iaik.x509.extensions
Class InvalidityDate

java.lang.Object
  |
  +--iaik.x509.V3Extension
        |
        +--iaik.x509.extensions.InvalidityDate

public class InvalidityDate
extends V3Extension

This class implements the InvalidityDate extension. The InvalidityDate extension is a non-critical standard X509v2 CRL entry extension.

Each extension is associated with a specific certificateExtension object identifier, derived from:

 certificateExtension  OBJECT IDENTIFIER ::=
                            {joint-iso-ccitt(2) ds(5) 29}
 id-ce                 OBJECT IDENTIFIER ::=  certificateExtension
 

The object identifier for the InvalidityDate extension is defined as:

id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24 }

which corresponds to the OID string "2.5.29.24".

The X.509 Certificate and CRL profile specifies the InvalidityDate extension for providing the date on which it is known or suspected that the private key was compromised or that the certificate otherwise became invalid. This date may be earlier than the revocation date in the CRL entry, which is the date at which the CA processed the revocation. When a revocation is first posted by a CA in a CRL, the invalidity date may precede the date of issue of earlier CRLs, but the revocation date SHOULD NOT precede the date of issue of earlier CRLs. Whenever this information is available, CAs are strongly encouraged to share it with CRL users.

ASN.1 definition:

 invalidityDate ::= GeneralizedTime
 

Since revoked certificates in the IAIK-JCE environment are implementations of the iaik.x509.RevokedCertificate class, an InvalidityDate CRL entry extension may be added to a revoked certificate by using the addExtension method of the iaik.x509.RevokedCertificate class. The revoked certificate itself is added to a certificate revocation list by using a proper addCertificate method of the iaik.x509.X509CRL class, e.g.:

 //Create a revoked certificate from a X509Certificate and set the revocation date
 //to the current date; the X509Certificate is read in from a file:
 GregorianCalendar revocationDate = (GregorianCalendar)Calendar.getInstance();
 InputStream fis = new FileInputStream("cert.der");
 X509Certificate cert = new X509Certificate(fis);
 fis.close();
 RevokedCertificate rev_cert = new RevokedCertificate(cert, revocationDate.getTime());
 //add the InvalidityDate CRL entry extension to the revoked certificate:
 Date date = ...;
 InvalidityDate invalidityDate = new InvalidityDate(date);
 rev_cert.addExtension(invalidityDate);
 //add the revoked certificate to the crl
 X509CRL crl = new X509CRL();
  ...
 crl.addCertificate(rev_cert);
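
The consuming side of this extension, as an added example that is not part of the IAIK documentation: it uses the standard java.security.cert API rather than IAIK classes, reads the extension by its OID, and treats the earlier of invalidity date and revocation date as the point from which signatures are no longer trusted. The class name, the cutoff policy and the sample dates are assumptions constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.cert.X509CRLEntry;
import java.time.Instant;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.time.format.DateTimeFormatter;

public class InvalidityDateCheck {
    static final String INVALIDITY_DATE_OID = "2.5.29.24";
    static final DateTimeFormatter FMT = DateTimeFormatter.ofPattern("uuuuMMddHHmmss");

    // extnValue as returned by getExtensionValue(): OCTET STRING wrapping a
    // GeneralizedTime in the 15-character UTC form "YYYYMMDDHHMMSSZ".
    static Instant parseInvalidityDate(byte[] v) {
        if (v == null || v.length != 19 || v[0] != 0x04 || v[1] != 17
                || v[2] != 0x18 || v[3] != 15 || v[18] != 'Z') {
            throw new IllegalArgumentException("not a DER-encoded invalidityDate");
        }
        String digits = new String(v, 4, 14, StandardCharsets.US_ASCII);
        return LocalDateTime.parse(digits, FMT).toInstant(ZoneOffset.UTC);
    }

    // Assumed policy: distrust from the earlier of the two dates; fall back to
    // the revocation date when the entry carries no invalidityDate.
    static Instant invalidFrom(byte[] extnValue, Instant revocationDate) {
        if (extnValue == null) return revocationDate;
        Instant invalidity = parseInvalidityDate(extnValue);
        return invalidity.isBefore(revocationDate) ? invalidity : revocationDate;
    }

    // Same decision for an entry taken from a parsed java.security.cert.X509CRL.
    static Instant invalidFrom(X509CRLEntry entry) {
        return invalidFrom(entry.getExtensionValue(INVALIDITY_DATE_OID),
                           entry.getRevocationDate().toInstant());
    }

    public static void main(String[] args) {
        // Constructed sample: invalidityDate 2004-03-01 12:00:00 UTC.
        byte[] ext = new byte[19];
        ext[0] = 0x04; ext[1] = 17; ext[2] = 0x18; ext[3] = 15;
        byte[] t = "20040301120000Z".getBytes(StandardCharsets.US_ASCII);
        System.arraycopy(t, 0, ext, 4, t.length);
        Instant revoked = Instant.parse("2004-03-10T09:00:00Z");  // CA processed the revocation
        Instant signed  = Instant.parse("2004-03-05T08:30:00Z");  // time of the signature under test
        Instant cutoff  = invalidFrom(ext, revoked);
        System.out.println("distrust from: " + cutoff);
        System.out.println("accepted by revocation date only: " + signed.isBefore(revoked));
        System.out.println("accepted with invalidityDate:     " + signed.isBefore(cutoff));
    }
}
```

A signature made between the invalidity date and the revocation date passes a check that looks only at the revocation date, which is the gap this extension lets a relying party close.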
 

Version:
File Revision 8
See Also:
X509CRL, X509Certificate, RevokedCertificate

Field Summary
static ObjectID oid
          The object identifier of this InvalidityDate extension.
 
Fields inherited from class iaik.x509.V3Extension
critical
 
Constructor Summary
InvalidityDate()
          Default constructor.
InvalidityDate(Date invalidityDate)
          Creates a new InvalidityDate from the given date.
 
Method Summary
 Date getInvalidityDate()
          Returns the invalidity date.
 ObjectID getObjectID()
          Returns the object ID of this InvalidityDate extension.
 int hashCode()
          Returns a hashcode for this identity.
 void init(ASN1Object obj)
          Inits this InvalidityDate implementation with an ASN1Object representing the value of this extension.
 void setInvalidityDate(Date invalidityDate)
          Sets the invalidity date of this InvalidityDate object.
 ASN1Object toASN1Object()
          Returns an ASN1Object representing the value of this InvalidityDate extension object.
 String toString()
          Returns a string that represents the contents of the InvalidityDate extension.
 
Methods inherited from class iaik.x509.V3Extension
getName, isCritical, setCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

oid

public static final ObjectID oid
The object identifier of this InvalidityDate extension. The corresponding OID string is "2.5.29.24".
Constructor Detail

InvalidityDate

public InvalidityDate()
Default constructor.

Creates an empty InvalidityDate object.

Use setInvalidityDate for specifying the invalidity date, e.g.:

 InvalidityDate invalidityDate = new InvalidityDate();
 Date date = ...;
 invalidityDate.setInvalidityDate(date);
 


InvalidityDate

public InvalidityDate(Date invalidityDate)
Creates a new InvalidityDate from the given date.

For instance:

 Date date = ...;
 InvalidityDate invalidityDate = new InvalidityDate(date);
 

Parameters:
invalidityDate - the invalidity date to be set
Method Detail

getObjectID

public ObjectID getObjectID()
Returns the object ID of this InvalidityDate extension.
Overrides:
getObjectID in class V3Extension
Returns:
the object ID

init

public void init(ASN1Object obj)
          throws X509ExtensionException
Inits this InvalidityDate implementation with an ASN1Object representing the value of this extension.

The given ASN1Object represents a GeneralizedTime giving the invalidity date.

The given ASN1Object is the one created by toASN1Object().

This method is used by the X509Extensions class when parsing the ASN.1 representation of a CRL for properly initializing an included InvalidityDate extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

Overrides:
init in class V3Extension
Parameters:
obj - the InvalidityDate as ASN1Object
Throws:
X509ExtensionException - an error occurs when parsing the supplied ASN.1 object

toASN1Object

public ASN1Object toASN1Object()
Returns an ASN1Object representing the value of this InvalidityDate extension object.

The returned ASN1Object is an ASN.1 GeneralizedTime representing the invalidity date:

 InvalidityDate ::= GeneralizedTime
 

Overrides:
toASN1Object in class V3Extension
Returns:
the value of this InvalidityDate as ASN1Object

setInvalidityDate

public void setInvalidityDate(Date invalidityDate)
Sets the invalidity date of this InvalidityDate object.

For instance:

 InvalidityDate invalidityDate = new InvalidityDate();
 Date date = ...;
 invalidityDate.setInvalidityDate(date);
 

Parameters:
invalidityDate - the invalidity date to be set

getInvalidityDate

public Date getInvalidityDate()
Returns the invalidity date.
Returns:
the invalidity date

hashCode

public int hashCode()
Returns a hashcode for this identity.
Overrides:
hashCode in class V3Extension
Returns:
a hash code for this identity

toString

public String toString()
Returns a string that represents the contents of the InvalidityDate extension.
Overrides:
toString in class Object
Returns:
the string representation

This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, 2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK