Intel

Developer Zone

SslSession.Crl

com.intel.crypto

Class SslSession.Crl

  • java.lang.Object
    • com.intel.crypto.SslSession.Crl
  • Enclosing class:
    SslSession


    public abstract static class SslSession.Crl
    extends java.lang.Object
    This class represents a certificate revocation list object. This object can verify CRLs and search for certificate serial numbers within the CRL.
    • Method Summary

      Methods
      Modifier and Type Method and Description
      abstract void appendChunk(byte[] input, short inputIndex, short inputLength)
      Appends a chunk of the CRL to the preallocated CRL buffer.
      The total size of the chunks appended must be equal to the size provided when creating the CRL by createCrl()
      All chunks must be added in the same order as they appear in the original CRL file.
      abstract void destroy()
      Destroys a CRL cleaning up its system resources.
      Must be called when the CRL is no longer required.
      abstract boolean findSerialNumber(byte[] serial)
      Search for a given certificate serial number retrieved by CertificateInfo.getInfo() is in the CRL.
      Must be invoked only after successful verify().
      static int getMaxCrlLength()
      Returns the maximum size allowed for a single CRL
      abstract Calendar.TimeRange getTimeRange()
      Returns the time range on which the CRL is valid.
      abstract boolean verify()
      Verifies that the CRL is in the correct format and is signed correctly
      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, toString
    • Method Detail

      • getMaxCrlLength

        public static int getMaxCrlLength()
        Returns the maximum size allowed for a single CRL
        Returns:
        The maximum size allowed for a single CRL in bytes
      • appendChunk

        public abstract void appendChunk(byte[] input,
                       short inputIndex,
                       short inputLength)
                                  throws CryptoException
        Appends a chunk of the CRL to the preallocated CRL buffer.
        The total size of the chunks appended must be equal to the size provided when creating the CRL by createCrl()
        All chunks must be added in the same order as they appear in the original CRL file.
        Parameters:
        input - the chunk to be appended
        inputIndex - the offset in the buffer array
        inputLength - the length of the chunk
        Throws:
        IllegalUseException - if one of the following occurs
        IllegalParameterException - when one or more of the parameters is illegal or the total appended size exceeds the specified size
        CryptoException - if an internal error occurred
      • verify

        public abstract boolean verify()
                                throws CryptoException
        Verifies that the CRL is in the correct format and is signed correctly
        Returns:
        Returns true if the CRL was verified that it is signed correctly by the parent certificate and has a valid format, false otherwise
        Throws:
        IllegalUseException - if one of the following occurs
        • destroy() was previously called
        • the associated SslSession instance called destroy()
        • the associated SslSession instance called generateAlertMessage()
        • the CRL is incomplete - not all of the CRL chunks were appended
        CryptoException - if an internal error occurred
      • findSerialNumber

        public abstract boolean findSerialNumber(byte[] serial)
                                          throws CryptoException
        Search for a given certificate serial number retrieved by CertificateInfo.getInfo() is in the CRL.
        Must be invoked only after successful verify().
        Parameters:
        serial - the serial number of the certificate we're trying to find in the CRL
        Returns:
        Returns true if the serial number appears in the CRL (certificate is revoked), false otherwise
        Throws:
        IllegalParameterException - when the provided parameter is illegal
        IllegalUseException - if one of the following occurs
        OperationFailedException - if the search failed due to CRL being corrupted or having an invalid structure
        CryptoException - if an internal error occurred
      • destroy

        public abstract void destroy()
                              throws CryptoException
        Destroys a CRL cleaning up its system resources.
        Must be called when the CRL is no longer required.
        Throws:
        IllegalUseException - if one of the following occurs
        • destroy() was previously called
        • the associated SslSession instance was destroyed
        CryptoException - if an internal error occurred