net.maritimecloud.pki

Class Revocation

java.lang.Object

net.maritimecloud.pki.Revocation

public class Revocation
extends Object

Constructor Summary

Constructors

Constructor and Description
Revocation()

Method Summary

Modifier and Type	Method and Description
static X509CRL	generateCRL(List<RevocationInfo> revokedCerts, KeyStore.PrivateKeyEntry keyEntry) Creates a Certificate RevocationInfo List (CRL) for the certificate serialnumbers given.
static org.bouncycastle.cert.ocsp.OCSPResp	generateOCSPResponse(org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder respBuilder, KeyStore.PrivateKeyEntry signingCert) Generates a OCSPResp.
static void	generateRootCACRL(String signName, List<RevocationInfo> revokedCerts, KeyStore.PrivateKeyEntry keyEntry, String outputCaCrlPath) Creates a Certificate RevocationInfo List (CRL) for the certificate serialnumbers given.
static int	getCRLReasonFromString(String certReason) Returns the int value associated with a revocation status
static org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder	initOCSPRespBuilder(org.bouncycastle.cert.ocsp.OCSPReq request, PublicKey publicKey) Generate a BasicOCSPRespBuilder.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Revocation

public Revocation()

Method Detail

getCRLReasonFromString

public static int getCRLReasonFromString(String certReason)

Returns the int value associated with a revocation status

Parameters:

certReason - The string representation of the status. Should be lowercase with no spaces or underscore

Returns:

The int value associated with the revocation status

generateCRL

public static X509CRL generateCRL(List<RevocationInfo> revokedCerts,
                                  KeyStore.PrivateKeyEntry keyEntry)

Creates a Certificate RevocationInfo List (CRL) for the certificate serialnumbers given.

Parameters:

revokedCerts - List of the serialnumbers that should be revoked.

keyEntry - Private key to sign the CRL

Returns:

a CRL

generateRootCACRL

public static void generateRootCACRL(String signName,
                                     List<RevocationInfo> revokedCerts,
                                     KeyStore.PrivateKeyEntry keyEntry,
                                     String outputCaCrlPath)

Creates a Certificate RevocationInfo List (CRL) for the certificate serialnumbers given.

Parameters:

signName - DN name of the signing certificate

revokedCerts - List of the serialnumbers that should be revoked.

keyEntry - Private key to sign the CRL

outputCaCrlPath - Where to place the CRL

initOCSPRespBuilder

public static org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder initOCSPRespBuilder(org.bouncycastle.cert.ocsp.OCSPReq request,
                                                                                  PublicKey publicKey)

Generate a BasicOCSPRespBuilder.

Parameters:

request - The incoming request.

publicKey - Public key of the issuer.

Returns:

a BasicOCSPRespBuilder

generateOCSPResponse

public static org.bouncycastle.cert.ocsp.OCSPResp generateOCSPResponse(org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder respBuilder,
                                                                       KeyStore.PrivateKeyEntry signingCert)

Generates a OCSPResp.

Parameters:

respBuilder - A BasicOCSPRespBuilder

signingCert - PrivateKeyEntry of the signing certificate.

Returns:

a OCSPResp