Class PlainCRLStoreSpi
- Direct Known Subclasses:
OpensslCRLStoreSpi
CRLs may be provided as URLs or local files. If the CRL is provided as a local file (i.e. is not an absolute URL) then it can contain wildcard characters ('*', '?'). In case of wildcard locations, the actual file list is regenerated on each update.
All CRLs are loaded and parsed to establish CA->CRL mapping. This mapping is updated after the updateInterval time is passed.
Faulty CRL locations together with the respective errors can be obtained by using a listener.
It is possible to pass more then one location of CRLs of the same CA.
The class is implemented in an asynchronous mode: CRLs are resolved on regular intervals (or only once on startup). The CRL searching is independent of the updates. It can block to download, read and subsequently parse a CRL if it is not present in the in-memory cache.
CRLs downloaded from a remote URL (http or ftp) can be cached on a local disk. If the update task can not download the CRL which was previously cached on disk, then the version from disk is returned.
This class is thread safe.
- Author:
- K. Benedyczak
-
Field Summary
Fields inherited from class eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
factory, observers, params, updateInterval -
Constructor Summary
ConstructorsConstructorDescriptionPlainCRLStoreSpi(CRLParameters params, Timer t, ObserversHandler observers) Creates a new CRL store. -
Method Summary
Modifier and TypeMethodDescriptionprotected voidvoiddispose()After calling this method no notification will be produced and subsequent updates won't be scheduled.protected Collection<X509CRL>getCRLForIssuer(X500Principal issuer) protected Collection<X509CRL>getCRLWithMatcher(CRLSelector selectorRaw) longprotected X509CRLprotected X509CRLvoidsetUpdateInterval(long newInterval) voidstart()Initiates the store operation (the initial update and subsequent refreshes)Methods inherited from class eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
engineGetCertificates, engineGetCRLs, notifyObservers
-
Constructor Details
-
PlainCRLStoreSpi
public PlainCRLStoreSpi(CRLParameters params, Timer t, ObserversHandler observers) throws InvalidAlgorithmParameterException Creates a new CRL store. The store will be empty until thestart()method is called.- Parameters:
params- CRL parameterst- timerobservers- observers handler- Throws:
InvalidAlgorithmParameterException- invalid algorithm parameter exception
-
-
Method Details
-
start
public void start()Initiates the store operation (the initial update and subsequent refreshes) -
loadCRL
-
getLocations
-
setUpdateInterval
public void setUpdateInterval(long newInterval) - Specified by:
setUpdateIntervalin classAbstractCRLStoreSPI
-
getUpdateInterval
public long getUpdateInterval() -
reloadCRL
-
addCRL
-
getCRLForIssuer
- Specified by:
getCRLForIssuerin classAbstractCRLStoreSPI
-
getCRLWithMatcher
- Specified by:
getCRLWithMatcherin classAbstractCRLStoreSPI
-
dispose
public void dispose()After calling this method no notification will be produced and subsequent updates won't be scheduled. However one next update may be run.- Specified by:
disposein classAbstractCRLStoreSPI
-