com.intel.crypto
Class SslSession.Crl
- java.lang.Object
  - com.intel.crypto.SslSession.Crl

Enclosing class: SslSession
public abstract static class SslSession.Crl extends java.lang.Object
This class represents a certificate revocation list object. This object can verify CRLs and search for certificate serial numbers within the CRL.
Method Summary

abstract void appendChunk(byte[] input, short inputIndex, short inputLength)
    Appends a chunk of the CRL to the preallocated CRL buffer.
    The total size of the chunks appended must be equal to the size provided when creating the CRL by createCrl().
    All chunks must be added in the same order as they appear in the original CRL file.

abstract void destroy()
    Destroys a CRL, cleaning up its system resources.
    Must be called when the CRL is no longer required.

abstract boolean findSerialNumber(byte[] serial)
    Searches the CRL for a given certificate serial number retrieved by CertificateInfo.getInfo().
    Must be invoked only after a successful verify().

static int getMaxCrlLength()
    Returns the maximum size allowed for a single CRL.

abstract Calendar.TimeRange getTimeRange()
    Returns the time range during which the CRL is valid.

abstract boolean verify()
    Verifies that the CRL is in the correct format and is signed correctly.
Method Detail

getMaxCrlLength
public static int getMaxCrlLength()
Returns the maximum size allowed for a single CRL.
Returns:
- The maximum size allowed for a single CRL, in bytes

appendChunk
public abstract void appendChunk(byte[] input, short inputIndex, short inputLength) throws CryptoException
Appends a chunk of the CRL to the preallocated CRL buffer.
The total size of the chunks appended must be equal to the size provided when creating the CRL by createCrl().
All chunks must be added in the same order as they appear in the original CRL file.
Parameters:
- input - the chunk to be appended
- inputIndex - the offset in the buffer array
- inputLength - the length of the chunk
Throws:
- IllegalUseException - if one of the following occurs:
  - destroy() was previously called
  - the associated SslSession instance called destroy()
  - the associated SslSession instance called generateAlertMessage()
- IllegalParameterException - when one or more of the parameters is illegal or the total appended size exceeds the specified size
- CryptoException - if an internal error occurred

verify
public abstract boolean verify() throws CryptoException
Verifies that the CRL is in the correct format and is signed correctly.
Returns:
- true if the CRL is signed correctly by the parent certificate and has a valid format, false otherwise
Throws:
- IllegalUseException - if one of the following occurs:
  - destroy() was previously called
  - the associated SslSession instance called destroy()
  - the associated SslSession instance called generateAlertMessage()
  - the CRL is incomplete - not all of the CRL chunks were appended
- CryptoException - if an internal error occurred

getTimeRange
public abstract Calendar.TimeRange getTimeRange() throws CryptoException
Returns the time range during which the CRL is valid. Must be invoked only after a successful verify().
Returns:
- The time range during which the CRL is valid
Throws:
- IllegalUseException - if one of the following occurs:
  - destroy() was previously called
  - verify() was not previously called or did not complete successfully
  - the associated SslSession instance called destroy()
  - the associated SslSession instance called generateAlertMessage()
- CryptoException - if an internal error occurred

findSerialNumber
public abstract boolean findSerialNumber(byte[] serial) throws CryptoException
Searches the CRL for a given certificate serial number retrieved by CertificateInfo.getInfo().
Must be invoked only after a successful verify().
Parameters:
- serial - the serial number of the certificate to look for in the CRL
Returns:
- true if the serial number appears in the CRL (certificate is revoked), false otherwise
Throws:
- IllegalParameterException - when the provided parameter is illegal
- IllegalUseException - if one of the following occurs:
  - destroy() was previously called
  - verify() was not previously called or did not complete successfully
  - the associated SslSession instance called destroy()
  - the associated SslSession instance called generateAlertMessage()
- OperationFailedException - if the search failed due to the CRL being corrupted or having an invalid structure
- CryptoException - if an internal error occurred

destroy
public abstract void destroy() throws CryptoException
Destroys a CRL, cleaning up its system resources.
Must be called when the CRL is no longer required.
Throws:
- IllegalUseException - if one of the following occurs:
  - destroy() was previously called
  - the associated SslSession instance was destroyed
- CryptoException - if an internal error occurred
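
The call order the method descriptions above require (append every chunk in order, verify(), then findSerialNumber(), with destroy() on every path), shown as an added example that is not part of the original API documentation. The class name, chunk size and the package of CryptoException are assumptions, and crl is assumed to have been created through createCrl() with a size equal to crlBytes.length.

```java
import com.intel.crypto.CryptoException; // package assumed to match SslSession
import com.intel.crypto.SslSession;

// Hypothetical helper class; not part of com.intel.crypto.
final class CrlRevocationCheck {
    private static final int CHUNK = 512;       // assumed chunk size
    private static final int MAX_SHORT = 32767; // appendChunk() takes short offsets

    /**
     * Returns true only when the CRL verifies and does not list the serial.
     * Every other outcome is treated as "do not trust" (fail closed).
     * crl:    assumed to come from createCrl() with size == crlBytes.length.
     * serial: serial number obtained through CertificateInfo.getInfo().
     */
    static boolean isNotRevoked(SslSession.Crl crl, byte[] crlBytes, byte[] serial)
            throws CryptoException {
        try {
            if (crlBytes.length > SslSession.Crl.getMaxCrlLength()
                    || crlBytes.length > MAX_SHORT) {
                return false;
            }
            // Append chunks in file order; the total must equal the declared size.
            int offset = 0;
            while (offset < crlBytes.length) {
                int remaining = crlBytes.length - offset;
                int n = remaining < CHUNK ? remaining : CHUNK;
                crl.appendChunk(crlBytes, (short) offset, (short) n);
                offset += n;
            }
            // verify() must succeed before findSerialNumber() or getTimeRange().
            if (!crl.verify()) {
                return false;
            }
            // getTimeRange() could be checked here against a trusted clock;
            // the fields of Calendar.TimeRange are not shown on this page.
            return !crl.findSerialNumber(serial);
        } finally {
            crl.destroy(); // release resources on every path
        }
    }
}
```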