Class CRLValidator


  • public class CRLValidator
    extends java.lang.Object
    Class that allows you to validate a certificate against a Certificate Revocation List (CRL) Response.
    • Method Detail

      • validate

        public void validate​(ValidationReport report,
                             ValidationContext context,
                             java.security.cert.X509Certificate certificate,
                             java.security.cert.X509CRL crl,
                             java.util.Date validationDate,
                             java.util.Date responseGenerationDate)
        Validates a certificate against Certificate Revocation List (CRL) Responses.
        Parameters:
        report - to store all the chain verification results
        context - the context in which to perform the validation
        certificate - the certificate to check against CRL response
        crl - the crl response to be validated
        validationDate - validation date to check for
        responseGenerationDate - trusted date at which response is generated
      • verifyRevocation

        private static void verifyRevocation​(ValidationReport report,
                                             java.security.cert.X509Certificate certificate,
                                             java.util.Date verificationDate,
                                             java.security.cert.X509CRL crl)
      • getIssuingDistributionPointExtension

        private static IIssuingDistributionPoint getIssuingDistributionPointExtension​(java.security.cert.X509CRL crl)
      • getExpiredCertsOnCRLExtensionDate

        private static java.util.Date getExpiredCertsOnCRLExtensionDate​(java.security.cert.X509CRL crl)
      • verifyCrlIntegrity

        private void verifyCrlIntegrity​(ValidationReport report,
                                        ValidationContext context,
                                        java.security.cert.X509Certificate certificate,
                                        java.security.cert.X509CRL crl,
                                        java.util.Date responseGenerationDate)
      • getRoots

        private java.util.List<java.security.cert.X509Certificate> getRoots​(java.security.cert.Certificate cert)