1package org.bouncycastle.cert; 2 3import java.math.BigInteger; 4import java.util.Date; 5import java.util.List; 6import java.util.Set; 7 8import org.bouncycastle.asn1.ASN1ObjectIdentifier; 9import org.bouncycastle.asn1.x509.Extension; 10import org.bouncycastle.asn1.x509.Extensions; 11import org.bouncycastle.asn1.x509.GeneralNames; 12import org.bouncycastle.asn1.x509.TBSCertList; 13 14/** 15 * Holding class for an X.509 CRL Entry structure. 16 */ 17public class X509CRLEntryHolder 18{ 19 private TBSCertList.CRLEntry entry; 20 private GeneralNames ca; 21 22 X509CRLEntryHolder(TBSCertList.CRLEntry entry, boolean isIndirect, GeneralNames previousCA) 23 { 24 this.entry = entry; 25 this.ca = previousCA; 26 27 if (isIndirect && entry.hasExtensions()) 28 { 29 Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer); 30 31 if (currentCaName != null) 32 { 33 ca = GeneralNames.getInstance(currentCaName.getParsedValue()); 34 } 35 } 36 } 37 38 /** 39 * Return the serial number of the certificate associated with this CRLEntry. 40 * 41 * @return the revoked certificate's serial number. 42 */ 43 public BigInteger getSerialNumber() 44 { 45 return entry.getUserCertificate().getValue(); 46 } 47 48 /** 49 * Return the date on which the certificate associated with this CRLEntry was revoked. 50 * 51 * @return the revocation date for the revoked certificate. 52 */ 53 public Date getRevocationDate() 54 { 55 return entry.getRevocationDate().getDate(); 56 } 57 58 /** 59 * Return whether or not the holder's CRL entry contains extensions. 60 * 61 * @return true if extension are present, false otherwise. 62 */ 63 public boolean hasExtensions() 64 { 65 return entry.hasExtensions(); 66 } 67 68 /** 69 * Return the available names for the certificate issuer for the certificate referred to by this CRL entry. 70 * <p> 71 * Note: this will be the issuer of the CRL unless it has been specified that the CRL is indirect 72 * in the IssuingDistributionPoint extension and either a previous entry, or the current one, 73 * has specified a different CA via the certificateIssuer extension. 74 * </p> 75 * 76 * @return the revoked certificate's issuer. 77 */ 78 public GeneralNames getCertificateIssuer() 79 { 80 return this.ca; 81 } 82 83 /** 84 * Look up the extension associated with the passed in OID. 85 * 86 * @param oid the OID of the extension of interest. 87 * 88 * @return the extension if present, null otherwise. 89 */ 90 public Extension getExtension(ASN1ObjectIdentifier oid) 91 { 92 Extensions extensions = entry.getExtensions(); 93 94 if (extensions != null) 95 { 96 return extensions.getExtension(oid); 97 } 98 99 return null; 100 } 101 102 /** 103 * Return the extensions block associated with this CRL entry if there is one. 104 * 105 * @return the extensions block, null otherwise. 106 */ 107 public Extensions getExtensions() 108 { 109 return entry.getExtensions(); 110 } 111 112 /** 113 * Returns a list of ASN1ObjectIdentifier objects representing the OIDs of the 114 * extensions contained in this holder's CRL entry. 115 * 116 * @return a list of extension OIDs. 117 */ 118 public List getExtensionOIDs() 119 { 120 return CertUtils.getExtensionOIDs(entry.getExtensions()); 121 } 122 123 /** 124 * Returns a set of ASN1ObjectIdentifier objects representing the OIDs of the 125 * critical extensions contained in this holder's CRL entry. 126 * 127 * @return a set of critical extension OIDs. 128 */ 129 public Set getCriticalExtensionOIDs() 130 { 131 return CertUtils.getCriticalExtensionOIDs(entry.getExtensions()); 132 } 133 134 /** 135 * Returns a set of ASN1ObjectIdentifier objects representing the OIDs of the 136 * non-critical extensions contained in this holder's CRL entry. 137 * 138 * @return a set of non-critical extension OIDs. 139 */ 140 public Set getNonCriticalExtensionOIDs() 141 { 142 return CertUtils.getNonCriticalExtensionOIDs(entry.getExtensions()); 143 } 144} 145