com.tencent.kona.sun.security.x509

Class CRLDistributionPointsExtension

java.lang.Object

com.tencent.kona.sun.security.x509.Extension

com.tencent.kona.sun.security.x509.CRLDistributionPointsExtension

All Implemented Interfaces:

com.tencent.kona.sun.security.util.DerEncoder, java.security.cert.Extension

Direct Known Subclasses:

FreshestCRLExtension

public class CRLDistributionPointsExtension
extends Extension

Represent the CRL Distribution Points Extension (OID = 2.5.29.31).

The CRL distribution points extension identifies how CRL information is obtained. The extension SHOULD be non-critical, but the PKIX profile recommends support for this extension by CAs and applications.

For PKIX, if the cRLDistributionPoints extension contains a DistributionPointName of type URI, the following semantics MUST be assumed: the URI is a pointer to the current CRL for the associated reasons and will be issued by the associated cRLIssuer. The expected values for the URI conform to the following rules. The name MUST be a non-relative URL, and MUST follow the URL syntax and encoding rules specified in [RFC 1738]. The name must include both a scheme (e.g., "http" or "ftp") and a scheme-specific-part. The scheme- specific-part must include a fully qualified domain name or IP address as the host. As specified in [RFC 1738], the scheme name is not case-sensitive (e.g., "http" is equivalent to "HTTP"). The host part is also not case-sensitive, but other components of the scheme-specific-part may be case-sensitive. When comparing URIs, conforming implementations MUST compare the scheme and host without regard to case, but assume the remainder of the scheme-specific-part is case-sensitive. Processing rules for other values are not defined by this specification. If the distributionPoint omits reasons, the CRL MUST include revocations for all reasons. If the distributionPoint omits cRLIssuer, the CRL MUST be issued by the CA that issued the certificate.

The ASN.1 definition for this is:

 id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::=  { id-ce 31 }

 cRLDistributionPoints ::= {
      CRLDistPointsSyntax }

 CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
 

Since:

1.4.2

See Also:

DistributionPoint, Extension

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	NAME

Fields inherited from class com.tencent.kona.sun.security.x509.Extension

critical, extensionId, extensionValue

Constructor Summary

Constructors

Modifier	Constructor and Description
	CRLDistributionPointsExtension(boolean isCritical, java.util.List<DistributionPoint> distributionPoints) Create a CRLDistributionPointsExtension from a List of DistributionPoint.
	CRLDistributionPointsExtension(java.lang.Boolean critical, java.lang.Object value) Create the extension from the passed DER encoded value of the same.
	CRLDistributionPointsExtension(java.util.List<DistributionPoint> distributionPoints) Create a CRLDistributionPointsExtension from a List of DistributionPoint; the criticality is set to false.
protected	CRLDistributionPointsExtension(com.tencent.kona.sun.security.util.ObjectIdentifier extensionId, boolean isCritical, java.util.List<DistributionPoint> distributionPoints, java.lang.String extensionName) Creates the extension (also called by the subclass).
protected	CRLDistributionPointsExtension(com.tencent.kona.sun.security.util.ObjectIdentifier extensionId, java.lang.Boolean critical, java.lang.Object value, java.lang.String extensionName) Creates the extension (also called by the subclass).

Method Summary

Modifier and Type	Method and Description
void	encode(com.tencent.kona.sun.security.util.DerOutputStream out) Write the extension to the DerOutputStream.
protected void	encode(com.tencent.kona.sun.security.util.DerOutputStream out, com.tencent.kona.sun.security.util.ObjectIdentifier extensionId, boolean isCritical) Write the extension to the DerOutputStream.
java.util.List<DistributionPoint>	getDistributionPoints() Get the DistributionPoint value.
java.lang.String	getName() Return the name of this extension.
java.lang.String	toString() Return the extension as user readable string.

Methods inherited from class com.tencent.kona.sun.security.x509.Extension

encode, equals, getExtensionId, getExtensionValue, getId, getValue, hashCode, isCritical, newExtension

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

NAME

public static final java.lang.String NAME

See Also:

Constant Field Values

Constructor Detail

CRLDistributionPointsExtension

public CRLDistributionPointsExtension(java.util.List<DistributionPoint> distributionPoints)

Create a CRLDistributionPointsExtension from a List of DistributionPoint; the criticality is set to false.

Parameters:

distributionPoints - the list of distribution points

Throws:

java.io.IOException - on error

CRLDistributionPointsExtension

public CRLDistributionPointsExtension(boolean isCritical,
                                      java.util.List<DistributionPoint> distributionPoints)

Create a CRLDistributionPointsExtension from a List of DistributionPoint.

Parameters:

isCritical - the criticality setting.

distributionPoints - the list of distribution points, cannot be null or empty.

CRLDistributionPointsExtension

protected CRLDistributionPointsExtension(com.tencent.kona.sun.security.util.ObjectIdentifier extensionId,
                                         boolean isCritical,
                                         java.util.List<DistributionPoint> distributionPoints,
                                         java.lang.String extensionName)

Creates the extension (also called by the subclass).

CRLDistributionPointsExtension

public CRLDistributionPointsExtension(java.lang.Boolean critical,
                                      java.lang.Object value)
                               throws java.io.IOException

Create the extension from the passed DER encoded value of the same.

Parameters:

critical - true if the extension is to be treated as critical.

value - Array of DER encoded bytes of the actual value.

Throws:

java.io.IOException - on error.

CRLDistributionPointsExtension

protected CRLDistributionPointsExtension(com.tencent.kona.sun.security.util.ObjectIdentifier extensionId,
                                         java.lang.Boolean critical,
                                         java.lang.Object value,
                                         java.lang.String extensionName)
                                  throws java.io.IOException

Creates the extension (also called by the subclass).

Throws:

java.io.IOException

Method Detail

getName

public java.lang.String getName()

Return the name of this extension.

Overrides:

getName in class Extension

encode

public void encode(com.tencent.kona.sun.security.util.DerOutputStream out)

Write the extension to the DerOutputStream.

Specified by:

encode in interface com.tencent.kona.sun.security.util.DerEncoder

Overrides:

encode in class Extension

Parameters:

out - the DerOutputStream to write the extension to.

Throws:

java.io.IOException - on encoding errors.

encode

protected void encode(com.tencent.kona.sun.security.util.DerOutputStream out,
                      com.tencent.kona.sun.security.util.ObjectIdentifier extensionId,
                      boolean isCritical)

Write the extension to the DerOutputStream. (Also called by the subclass)

getDistributionPoints

public java.util.List<DistributionPoint> getDistributionPoints()

Get the DistributionPoint value.

toString

public java.lang.String toString()

Return the extension as user readable string.

Overrides:

toString in class Extension