2 * //******************************************************************
4 * // Copyright 2016 Samsung Electronics All Rights Reserved.
6 * //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8 * // Licensed under the Apache License, Version 2.0 (the "License");
9 * // you may not use this file except in compliance with the License.
10 * // You may obtain a copy of the License at
12 * // http://www.apache.org/licenses/LICENSE-2.0
14 * // Unless required by applicable law or agreed to in writing, software
15 * // distributed under the License is distributed on an "AS IS" BASIS,
16 * // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * // See the License for the specific language governing permissions and
18 * // limitations under the License.
20 * //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
22 package org.iotivity.cloud.accountserver.x509.crl;
25 import org.bouncycastle.cert.X509v2CRLBuilder;
26 import org.bouncycastle.operator.OperatorCreationException;
27 import org.iotivity.cloud.accountserver.resources.credprov.cert.CertificateStorage;
28 import org.iotivity.cloud.accountserver.x509.cert.CertificateBuilder;
30 import java.io.IOException;
31 import java.math.BigInteger;
32 import java.security.cert.X509CRLEntry;
33 import java.util.Collection;
34 import java.util.Date;
36 import static org.iotivity.cloud.accountserver.resources.credprov.cert.CertificateConstants.CA_ISSUER;
39 * Class is used for generating CRLs with specified parameters.
41 public final class CrlIssuer {
43 * Creates static final reference for CRL issuer.
45 public static final CrlIssuer CRL_ISSUER = new CrlIssuer();
48 * Private constructor to make class non-instantiable.
54 * Generates new CRL with specified this update, next update, certs and serial numbers list.
56 public byte[] generate(Date thisUpdate, Date nextUpdate, Collection<? extends X509CRLEntry> certs,
57 String... serialNumbers) throws IOException, OperatorCreationException {
58 X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(CA_ISSUER,
60 crlBuilder.setNextUpdate(nextUpdate);
62 for (X509CRLEntry entryHolder : certs) {
63 crlBuilder.addCRLEntry(entryHolder.getSerialNumber(), entryHolder.getRevocationDate(), 0);
66 for (String serialNumber : serialNumbers) {
67 crlBuilder.addCRLEntry(new BigInteger(serialNumber), new Date(), 0);
69 return crlBuilder.build(CertificateBuilder.SIGNER_BUILDER.
70 build(CertificateStorage.ROOT_PRIVATE_KEY)).getEncoded();