iaik.asn1.structures

Class DistributionPoint

java.lang.Object

iaik.asn1.structures.DistributionPoint

public class DistributionPoint
extends java.lang.Object

This class implements the ASN.1 type DistributionPoint as used within a CRLDistributionPoints X.509v3 extension for identifying how CRL information is obtained.

The X.509 Certificate and CRL profile presented in RFC 3280 specifies a DistributionPoint as ASN.1 SEQUENCE structure specifying a distribution point name which may be an URI pointing to the current CRL for the associated reasons, issued by the associated cRLIssuer:

 DistributionPoint ::= SEQUENCE {
    distributionPoint       [0]     DistributionPointName OPTIONAL,
    reasons                 [1]     ReasonFlags OPTIONAL,
    cRLIssuer               [2]     GeneralNames OPTIONAL }
 

 DistributionPointName ::= CHOICE {
    fullName                [0]     GeneralNames,
    nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
 

 ReasonFlags ::= BIT STRING {
    unused                  (0),
    keyCompromise           (1),
    cACompromise            (2),
    affiliationChanged      (3),
    superseded              (4),
    cessationOfOperation    (5),
    certificateHold         (6) }
 

If the distributionPoint omits reasons, the CRL shall include revocations for all reasons. If the distributionPoint omits cRLIssuer, the CRL shall be issued by the CA that issued the certificate.

More information can be found in the X.509 Certificate and CRL profile presented in RFC 3280, section 4.2.1.14 "CRLDistributionPoints".

When creating a DistributionPoint object to be used for the CRLDistributionPoints extension, you may supply the distributionPointName immediately, and subsequently perhaps use the setReasonFlags and/or setCrlIssuer methods for setting the reasons and/or cRLIssuer, e.g.: e.g.:

 GeneralName dpName = new GeneralName(GeneralName.uniformResourceIdentifier, "http://www.test-ca.at/repository");
 DistributionPoint dp = new DistributionPoint(new GeneralNames(dpName));
 dp.setReasonFlags(DistributionPoint.keyCompromise);
 

See Also:

CRLDistributionPoints, GeneralNames, GeneralName, Name

Field Summary

Fields

Modifier and Type	Field and Description
static int	affiliationChanged The affiliationChanged reason flag.
static int	cACompromise The cACompromise reason flag.
static int	certificateHold The certificateHold reason flag.
static int	cessationOfOperation The cessationOfOperation reason flag.
static int	keyCompromise The keyCompromise reason flag.
static int	superseded The superseded reason flag.
static int	unused The unused reason flag.

Constructor Summary

Constructors

Constructor and Description
DistributionPoint() Default constructor.
DistributionPoint(ASN1Object distributionPoint) Constructs a DistributionPoint from an ASN1Object.
DistributionPoint(ASN1Type distributionPointName) Creates a new DistributionPoint for the given distribution point name, specified as RDN or a GeneralNames.

Method Summary

Modifier and Type	Method and Description
GeneralNames	getCrlIssuer() Returns the CRL Issuer parameter of this distribution point.
ASN1Type	getDistributionPointName() Returns the distribution point name of this distribution point.
int	getReasonFlags() Returns the reason flags specification of this distribution point.
void	setCrlIssuer(GeneralNames crlIssuer) Sets the CRL Issuer parameter of this extension.
void	setDistributionPointName(ASN1Type distributionPointName) Sets the distribution point name parameter of this extension.
void	setReasonFlags(int reasonFlags) Sets the reason flags parameter of this extension.
ASN1Object	toASN1Object() Returns this DistributionPoint as (SEQUENCE) ASN1Object.
java.lang.String	toString() Returns a string that represents the contents of this DistributionPoint.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

unused

public static int unused

The unused reason flag.

keyCompromise

public static int keyCompromise

The keyCompromise reason flag.

cACompromise

public static int cACompromise

The cACompromise reason flag.

affiliationChanged

public static int affiliationChanged

The affiliationChanged reason flag.

superseded

public static int superseded

The superseded reason flag.

cessationOfOperation

public static int cessationOfOperation

The cessationOfOperation reason flag.

certificateHold

public static int certificateHold

The certificateHold reason flag.

Constructor Detail

DistributionPoint

public DistributionPoint()

Default constructor. Creates an empty DistributionPoint object.

Per default, reasonFlag is set to -1 indicating that no reason is selected, DistributionPointName and CrlIssuer are set to null. Use setReasonFlags, setDistributionPointName, setCrlIssuer for setting the corresponding values.

DistributionPoint

public DistributionPoint(ASN1Type distributionPointName)
                  throws java.lang.IllegalArgumentException

Creates a new DistributionPoint for the given distribution point name, specified as RDN or a GeneralNames. The supplied distribution point name has to be a RDN or a GeneralNames object:

For instance:

 RDN distributionPointName = new RDN();
 distributionPointName.addAVA(ObjectID.country, "AT");
 distributionPointName.addAVA(ObjectID.locality, "Graz");
 distributionPointName.addAVA(ObjectID.organization ,"UT Graz");
 distributionPointName.addAVA(ObjectID.organizationalUnit ,"IAIK");
 distributionPointName.addAVA(ObjectID.commonName ,"http://ca.iaik.com/");
 DistributionPoint distributionPoint = new DistributionPoint(distributionPointName);
 

Parameters:

distributionPointName - the name of the distribution point as RDN or GeneralNames object

Throws:

java.lang.IllegalArgumentException - if the given name is not an instance of RDN or GeneralNames

See Also:

GeneralName, RDN

DistributionPoint

public DistributionPoint(ASN1Object distributionPoint)
                  throws CodingException

Constructs a DistributionPoint from an ASN1Object.

The given distribution point ASN1Object is parsed for any distribution point name, reasons specification and CRLIssuer.

Parameters:

distributionPoint - the DistributionPoint as ASN1Object

Throws:

CodingException - if the ASN1Object is not a DistributionPoint

Method Detail

toASN1Object

public ASN1Object toASN1Object()
                        throws CodingException

Returns this DistributionPoint as (SEQUENCE) ASN1Object.

Returns:

this DistributionPoint as ASN1Object

Throws:

CodingException - if there was an error while constructing the ASN1Object

setDistributionPointName

public void setDistributionPointName(ASN1Type distributionPointName)
                              throws java.lang.IllegalArgumentException

Sets the distribution point name parameter of this extension.

Only instances of RDN or GeneralNames are accepted! For instance:

 RDN distributionPointName = new RDN();
 distributionPointName.addAVA(ObjectID.country, "AT");
 distributionPointName.addAVA(ObjectID.locality, "Graz");
 distributionPointName.addAVA(ObjectID.organization ,"UT Graz");
 distributionPointName.addAVA(ObjectID.organizationalUnit ,"IAIK");
 distributionPointName.addAVA(ObjectID.commonName ,"http://ca.iaik.com/");
 DistributionPoint distributionPoint = new DistributionPoint();
 distributionPoint.setDistributionPointName(distributionPointName);
 

Parameters:

distributionPointName - the name to be set

Throws:

java.lang.IllegalArgumentException - if the given name is not an instance of RDN or GeneralNames

See Also:

GeneralNames, RDN

setReasonFlags

public void setReasonFlags(int reasonFlags)

Sets the reason flags parameter of this extension.

For instance:

distributionPoint.setReasonFlags(DistributionPoint.keyCompromise);

Parameters:

reasonFlags - the reasons value as int

setCrlIssuer

public void setCrlIssuer(GeneralNames crlIssuer)

Sets the CRL Issuer parameter of this extension.

For instance:

 GeneralNames generalNames = new GeneralNames();
 generalNames.addName(new GeneralName(GeneralName.uniformResourceIdentifier, "http://ca.iaik.com/"));
 

Parameters:

crlIssuer - the CRL Issuer value to be set as GeneralNames

getDistributionPointName

public ASN1Type getDistributionPointName()

Returns the distribution point name of this distribution point.

Returns:

the name as GeneralNames or as RDN

See Also:

GeneralNames, RDN, setDistributionPointName(iaik.asn1.ASN1Type)

getReasonFlags

public int getReasonFlags()

Returns the reason flags specification of this distribution point.

Note the "big endian" representation of the BIT STRING representing the reason flag value of this DistributionPoint: the least significant bit indicates the reason flag with the lowest bit value, meaning that the integer value 1 specifies the "unused" flag, and the integer value 64 (binary 1000000, hexadecimal 40) specifies the "certificateHold" purpose.

Returns:

the reason flags specification as int

See Also:

setReasonFlags(int)

getCrlIssuer

public GeneralNames getCrlIssuer()

Returns the CRL Issuer parameter of this distribution point.

Returns:

the CRL Issuer as GeneralNames object

See Also:

GeneralNames, setCrlIssuer(iaik.asn1.structures.GeneralNames)

toString

public java.lang.String toString()

Returns a string that represents the contents of this DistributionPoint.

Overrides:

toString in class java.lang.Object

Returns:

the string representation