public class PlainCRLStoreSpi extends CertStoreSpi
CRLs may be provided as URLs or local files. If the CRL is provided as a local file (i.e. is not an absolute URL) then it can contain wildcard characters ('*', '?'). In case of wildcard locations, the actual file list is regenerated on each update.
All CRLs are loaded and parsed to establish CA->CRL mapping. This mapping is updated after the updateInterval time is passed.
Faulty CRL locations together with the respective errors can be obtained by using a listener.
It is possible to pass more then one location of CRLs of the same CA.
The class is implemented in an asynchronous mode: CRLs are updated on regular intervals (or only once on startup). The CRL searching is independent of the updates and never blocks to download, read or parse a CRL.
CRLs downloaded from a remote URL (http or ftp) can be cached on a local disk. If the update task can not download the CRL which was previously cached on disk, then the version from disk is returned.
This class is thread safe.
Constructor and Description |
---|
PlainCRLStoreSpi(CRLParameters params,
Timer t,
ObserversHandler observers) |
Modifier and Type | Method and Description |
---|---|
protected void |
addCRL(X509CRL crl,
URL location) |
void |
dispose()
After calling this method no notification will be produced and subsequent
updates won't be scheduled.
|
Collection<? extends Certificate> |
engineGetCertificates(CertSelector selector) |
Collection<? extends CRL> |
engineGetCRLs(CRLSelector selectorRaw) |
protected Collection<X509CRL> |
getCRLForIssuer(X500Principal issuer) |
List<String> |
getLocations() |
long |
getUpdateInterval() |
protected X509CRL |
loadCRL(URL url) |
protected void |
notifyObservers(String url,
StoreUpdateListener.Severity level,
Exception e) |
protected void |
reloadCRLs(Collection<URL> locations)
For all URLs tries to load a CRL
|
void |
setUpdateInterval(long newInterval) |
public PlainCRLStoreSpi(CRLParameters params, Timer t, ObserversHandler observers) throws InvalidAlgorithmParameterException
protected void notifyObservers(String url, StoreUpdateListener.Severity level, Exception e)
protected X509CRL loadCRL(URL url) throws IOException, CRLException, URISyntaxException
public void setUpdateInterval(long newInterval)
public long getUpdateInterval()
protected void reloadCRLs(Collection<URL> locations)
protected Collection<X509CRL> getCRLForIssuer(X500Principal issuer)
public Collection<? extends Certificate> engineGetCertificates(CertSelector selector) throws CertStoreException
engineGetCertificates
in class CertStoreSpi
CertStoreException
public Collection<? extends CRL> engineGetCRLs(CRLSelector selectorRaw) throws CertStoreException
engineGetCRLs
in class CertStoreSpi
CertStoreException
public void dispose()
Copyright © 2012–2013 European Middleware Initiative. All rights reserved.