Object | +--CRLGenerator
Class implementing a CRL certificate generator
Defined in crlgenerator.js
Field Summary
Object crypto
<static> Object aACompromise
<static> Object affiliationChanged
<static> Object cACompromise
<static> Object certificateHold
<static> Object cessationOfOperation
<static> Object keyCompromise
<static> Object privilegeWithdrawn
<static> Object removeFromCRL
<static> Object superseded
<static> Object unspecified
Constructor Summary
CRLGenerator(<Crypto> crypto)
Create a Certificate Revocation List (CRL) generator.
Method Summary
void addAuthorityKeyIdentifierExtension(publicKey)
Adds the authority public key identifier extension based on the issuer's key.
void addCRLNumberExtension(crlnumber)
Adds the CRL number extension.
void addExtension(<String> extnID, <Boolean> critical, extnValue)
Adds an extension to the CRL.
void addRevokedCertificate(<ASN1> revokedCertificate)
Add a revoked certificate to the list.
X509 generateCRL(privateKey)
Generates the certificate.
ASN1 getExtensions()
Gets the CRL extension as TLV object.
ASN1 getIssuer()
Gets the issuer name as TLV object.
ASN1 getNextUpdate()
Gets the nextUpdate TLV object.
ASN1 getRevokedCertificates()
Gets revoked certificates.
ASN1 getSignatureAlgorithm()
Gets the signature algorithm TLV object.
ASN1 getTbsCertificateList()
Gets the part of the CRL that will be signed.
ASN1 getThisUpdate()
Gets the thisUpdate TLV object.
Number loadCRLEntries(<String> filename)
Load list of revoked certificates from an existing CRL.
void reset()
Resets all internal state variables.
void revokeCertificate(<ByteString> serial, <Date> timestamp, reason, ext)
Add a revoked certificate to the list.
void setIssuer(<Object> issuer)
Sets the issuer name.
void setNextUpdate(<Date> datetime)
Sets the timestamp for the next update.
void setSignatureAlgorithm(<Number> alg)
Sets the signature algorithm.
void setThisUpdate(<Date> datetime)
Sets the timestamp for this CRL.
Field Detail
Object crypto
<static> Object aACompromise
<static> Object affiliationChanged
<static> Object cACompromise
<static> Object certificateHold
<static> Object cessationOfOperation
<static> Object keyCompromise
<static> Object privilegeWithdrawn
<static> Object removeFromCRL
<static> Object superseded
<static> Object unspecified
Constructor Detail
CRLGenerator(<Crypto> crypto)
crypto
- the crypto provider to use for signing operations
Method Detail
void addAuthorityKeyIdentifierExtension(publicKey)
The key identifier is calculated as the SHA-1 hash over the contents of the issuer public key (without tag, length and number of unused bits).
void addCRLNumberExtension(crlnumber)
void addExtension(<String> extnID, <Boolean> critical, extnValue)
The structure is defined as:
Extension ::= SEQUENCE {
    extnID      OBJECT IDENTIFIER,
    critical    BOOLEAN DEFAULT FALSE,
    extnValue   OCTET STRING
                -- contains the DER encoding of an ASN.1 value
                -- corresponding to the extension type identified
                -- by extnID
}
extnID
- the extensions object identifier
critical
- the extension is critical
extnValue
- the extension value as ByteString
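Added example (not part of this API documentation or the project's code): a stand-alone Node.js sketch of how the Extension structure above serialises to DER, showing that critical is omitted when it equals its DEFAULT FALSE and that INTEGER values with the high bit set need a leading zero byte. The helper names tlv, encodeOid, encodeInteger and encodeExtension are hypothetical, and Node's Buffer stands in for ByteString.

```javascript
// Added example: DER encoding of the Extension SEQUENCE (helper names are hypothetical).
// Uses Node.js Buffer in place of the ByteString type (an assumption of this example).

// Tag + definite length + value.
function tlv(tag, value) {
  const len = value.length;
  if (len > 0xffff) throw new RangeError('value too long for this example');
  const head = len < 0x80 ? [tag, len]
    : len < 0x100 ? [tag, 0x81, len]
    : [tag, 0x82, len >> 8, len & 0xff];
  return Buffer.concat([Buffer.from(head), value]);
}

// OBJECT IDENTIFIER: first two arcs share one value, every arc is base-128.
function encodeOid(dotted) {
  const arcs = dotted.split('.').map(Number);
  if (arcs.length < 2 || arcs.some((a) => !Number.isSafeInteger(a) || a < 0)) {
    throw new TypeError('invalid OID: ' + dotted);
  }
  const bytes = [];
  for (let arc of [arcs[0] * 40 + arcs[1], ...arcs.slice(2)]) {
    const chunk = [arc % 128];
    while ((arc = Math.floor(arc / 128)) > 0) chunk.unshift((arc % 128) | 0x80);
    bytes.push(...chunk);
  }
  return tlv(0x06, Buffer.from(bytes));
}

// Non-negative INTEGER; a leading 0x00 stops a set high bit reading as a sign bit.
function encodeInteger(n) {
  if (!Number.isSafeInteger(n) || n < 0) throw new RangeError('need a non-negative integer');
  let hex = n.toString(16);
  if (hex.length % 2) hex = '0' + hex;
  if (parseInt(hex.slice(0, 2), 16) & 0x80) hex = '00' + hex;
  return tlv(0x02, Buffer.from(hex, 'hex'));
}

// DER omits a field equal to its DEFAULT, so critical is emitted only when TRUE.
function encodeExtension(extnID, critical, extnValue) {
  const parts = [encodeOid(extnID)];
  if (critical) parts.push(tlv(0x01, Buffer.from([0xff])));
  parts.push(tlv(0x04, extnValue));
  return tlv(0x30, Buffer.concat(parts));
}

// Constructed sample values: CRL number extension (OID 2.5.29.20), numbers 5 and 128.
const crlNumber5 = encodeExtension('2.5.29.20', false, encodeInteger(5));
const crlNumber128 = encodeExtension('2.5.29.20', false, encodeInteger(128));
console.log(crlNumber5.toString('hex'), crlNumber128.toString('hex'));
```

A verifier that compares encoded extensions byte for byte will reject an encoder that writes critical FALSE explicitly, so the omission matters for interoperability as well as for signature checks.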
void addRevokedCertificate(<ASN1> revokedCertificate)
revokedCertificate
- the information related to the revoked certificate
X509 generateCRL(privateKey)
ASN1 getExtensions()
ASN1 getIssuer()
ASN1 getNextUpdate()
ASN1 getRevokedCertificates()
ASN1 getSignatureAlgorithm()
ASN1 getTbsCertificateList()
ASN1 getThisUpdate()
Number loadCRLEntries(<String> filename)
filename
- the file name of the DER encoded CRL
void reset()
void revokeCertificate(<ByteString> serial, <Date> timestamp, reason, ext)
serial
- the serial number of the certificate to revoke
timestamp
- the revocation time, optional, default is now
reason
- the revocation reason (Number)
ext
- the CRL entry extensions (ASN1)
void setIssuer(<Object> issuer)
The issuer name must be a JavaScript object containing the properties:
Example:
var issuer = { C:"UT", O:"ACME Corporation", CN:"Test-CA" };
issuer
- the issuer name
void setNextUpdate(<Date> datetime)
datetime
- the date and time of the next update
void setSignatureAlgorithm(<Number> alg)
alg
- the signature algorithm, must be one of Crypto.RSA, Crypto.RSA_SHA256 or Crypto.ECDSA_SHA256
void setThisUpdate(<Date> datetime)
datetime
- the current date and time