Class CRLChecker

  • All Implemented Interfaces:
    CertificateChecker

    public class CRLChecker
    extends java.lang.Object
    implements CertificateChecker
    This checks to see if the certificate is in a CRL.
    Since:
    1.0
    Version:
    ${version}
    • Constructor Summary

      Constructors 
      Constructor Description
      CRLChecker​(java.security.cert.CertStore certStore, java.security.KeyStore keyStore, boolean checkDateValidity)
      Creates a CRLChecker where the CRL's are in the supplied stores.
      CRLChecker​(CertificateRevocationLists crlsList, java.security.KeyStore keyStore, boolean checkDateValidity)
      Creates a CRLChecker where the CRL's are in the supplied stores.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void checkCRLDateValidity​(java.security.cert.X509CRL crl)  
      void invoke​(java.security.cert.X509Certificate cert, GSIConstants.CertificateType certType)
      Method that checks the if the certificate is in a CRL, if CRL is available If no CRL is found, then no error is thrown If an expired CRL is found, an error is thrown
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • CRLChecker

        public CRLChecker​(CertificateRevocationLists crlsList,
                          java.security.KeyStore keyStore,
                          boolean checkDateValidity)
        Creates a CRLChecker where the CRL's are in the supplied stores.
        Parameters:
        crlsList - The object containing the CRL's
        keyStore - The store used to get trusted certs.
        checkDateValidity - Should we check if the CRL date is valid.
      • CRLChecker

        public CRLChecker​(java.security.cert.CertStore certStore,
                          java.security.KeyStore keyStore,
                          boolean checkDateValidity)
        Creates a CRLChecker where the CRL's are in the supplied stores.
        Parameters:
        certStore - The store containing the CRL's
        keyStore - The store used to get trusted certs.
        checkDateValidity - Should we check if the CRL date is valid.
    • Method Detail

      • invoke

        public void invoke​(java.security.cert.X509Certificate cert,
                           GSIConstants.CertificateType certType)
                    throws java.security.cert.CertPathValidatorException
        Method that checks the if the certificate is in a CRL, if CRL is available If no CRL is found, then no error is thrown If an expired CRL is found, an error is thrown
        Specified by:
        invoke in interface CertificateChecker
        Parameters:
        cert - The certificate to validate.
        certType - The type of certificate to validate.
        Throws:
        java.security.cert.CertPathValidatorException - If CRL or CA certificate could not be loaded from store, CRL is not valid or expired, certificate is revoked.
      • checkCRLDateValidity

        protected void checkCRLDateValidity​(java.security.cert.X509CRL crl)
                                     throws java.security.cert.CertPathValidatorException
        Throws:
        java.security.cert.CertPathValidatorException