Package eu.europa.esig.dss.crl
Interface ICRLUtils
- All Known Implementing Classes:
CRLUtilsStreamImpl,CRLUtilsX509CRLImpl
public interface ICRLUtils
The interface for dealing with CRLs
-
Method Summary
Modifier and TypeMethodDescriptionbuildCRLBinary(byte[] binaries) Takes binaries and returns DER encodedCRLBinarybuildCRLValidity(CRLBinary crlBinary, CertificateToken issuerToken) This method verifies: the signature of the CRL, the key usage of its signing certificate and the coherence between the subject names of the CRL signing certificate and the issuer name of the certificate for which the verification of the revocation data is carried out.getRevocationInfo(CRLValidity crlValidity, BigInteger serialNumber) This method verifies the revocation status for a given serial number
-
Method Details
-
buildCRLBinary
Takes binaries and returns DER encodedCRLBinary- Parameters:
binaries- byte array representing an encoded CRL- Returns:
- DER encoded
CRLBinary
-
buildCRLValidity
This method verifies: the signature of the CRL, the key usage of its signing certificate and the coherence between the subject names of the CRL signing certificate and the issuer name of the certificate for which the verification of the revocation data is carried out. A dedicated object based onCRLValidityis created and accordingly updated.- Parameters:
crlBinary- (@code CRLBinary) to build theCRLValidityand verify token (cannot be null)issuerToken-CertificateTokenused to sign theX509CRL(cannot be null)- Returns:
CRLValidity- Throws:
IOException- if an IO error occurred
-
getRevocationInfo
This method verifies the revocation status for a given serial number- Parameters:
crlValidity- the CRL ValidityserialNumber- the certificate serial number to search- Returns:
- the X509CRLEntry with the revocation date, the reason, or null if the serial number is not found
-