RevocationParameters (canl 2.5.0 API)

java.lang.Object
- eu.emi.security.authn.x509.RevocationParameters

All Implemented Interfaces:

Cloneable

Direct Known Subclasses:

RevocationParametersExt
```
public class RevocationParameters
extends Object
implements Cloneable
```
Wraps the information required to control how certificates revocation is checked. Currently two mechanisms can be configured (also together): CRL and OCSP. Each of the mechanisms can have its own options. In case of CRLs this configuration can be even different depending on validator being used.
This class controls also the overall revocation checking process, if more then one revocation source is enabled. It is possible to choose which is tried first and whether all enabled sources must be used always (useAllEnabled). For instance, let's assume the default revocation checking order (OCSP, CRL) and that both sources are enabled. Then if OCSP returns that certificate is valid and useAllEnabled is true, also the CRL will be checked. If useAllEnabled is false, then OCSP answer will be sufficient.
Note that regardless of the useAllEnabled setting, if the first source returns that the certificate is revoked, the next one will not be used.
Finally note that the individual revocation sources settings are the most important anyway. For instance if both sources are enabled, but in non-requisite modes, then the whole revocation checking can finish in undetermined state which will be perfectly fine.

Author:

K. Benedyczak

See Also:

RevocationParametersExt

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class RevocationParameters.RevocationCheckingOrder

Nested Classes
Modifier and Type	Class and Description
`static class`	`RevocationParameters.RevocationCheckingOrder`

Field Summary

Fields
Modifier and Type	Field and Description
`protected CrlCheckingMode`	`crlCheckingMode`
`static RevocationParameters`	`IGNORE` Constant which can be used to simply turn off any revocation checking.
`protected OCSPParametes`	`ocspParameters`
`protected RevocationParameters.RevocationCheckingOrder`	`order`
`protected boolean`	`useAllEnabled`

Constructor Summary

Constructors
Constructor and Description
`RevocationParameters()` Default constructor, using the default `CrlCheckingMode.IF_VALID` and default `OCSPParametes`.
`RevocationParameters(CrlCheckingMode crlCheckingMode)` Deprecated.
`RevocationParameters(CrlCheckingMode crlCheckingMode, OCSPParametes ocspParameters)` One positive revocation source is enough to finish validation, order is set to OCSP first, then CRL.
`RevocationParameters(CrlCheckingMode crlCheckingMode, OCSPParametes ocspParametes, boolean useAllEnabled, RevocationParameters.RevocationCheckingOrder order)` Constructor allowing to control all settings.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`RevocationParameters`	`clone()` Clone the instance
`CrlCheckingMode`	`getCrlCheckingMode()` Returns the current CRL settings.
`OCSPParametes`	`getOcspParameters()` Returns the current OCSP settings.
`RevocationParameters.RevocationCheckingOrder`	`getOrder()`
`boolean`	`isUseAllEnabled()`
`void`	`setCrlCheckingMode(CrlCheckingMode crlCheckingMode)` Changes CRL settings that shall be used.
`void`	`setOcspParameters(OCSPParametes ocspParametes)` Changes OCSP settings that shall be used.
`void`	`setOrder(RevocationParameters.RevocationCheckingOrder order)`
`void`	`setUseAllEnabled(boolean useAllEnabled)`

Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - IGNORE
```
public static final RevocationParameters IGNORE
```
    Constant which can be used to simply turn off any revocation checking.
  - crlCheckingMode
```
protected CrlCheckingMode crlCheckingMode
```
  - ocspParameters
```
protected OCSPParametes ocspParameters
```
  - useAllEnabled
```
protected boolean useAllEnabled
```
  - order
```
protected RevocationParameters.RevocationCheckingOrder order
```
- Constructor Detail
  - RevocationParameters
```
public RevocationParameters()
```
    Default constructor, using the default CrlCheckingMode.IF_VALID and default OCSPParametes. One positive revocation source is enough to finish validation, order is set to OCSP first, then CRL.
  - RevocationParameters
```
public RevocationParameters(CrlCheckingMode crlCheckingMode)
```
    Deprecated.
    
    Constructor using default OCSPParametes One positive revocation source is enough to finish validation, order is set to OCSP first, then CRL.
    
    Parameters:
    
    crlCheckingMode - what CRL settings shall be used
  - RevocationParameters
```
public RevocationParameters(CrlCheckingMode crlCheckingMode,
                            OCSPParametes ocspParameters)
```
    One positive revocation source is enough to finish validation, order is set to OCSP first, then CRL.
    
    Parameters:
    
    crlCheckingMode - what CRL settings shall be used
    
    ocspParameters - what OCSP settings shall be used
  - RevocationParameters
```
public RevocationParameters(CrlCheckingMode crlCheckingMode,
                            OCSPParametes ocspParametes,
                            boolean useAllEnabled,
                            RevocationParameters.RevocationCheckingOrder order)
```
    Constructor allowing to control all settings.
    
    Parameters:
    
    crlCheckingMode - what CRL settings shall be used
    
    ocspParametes - what OCSP settings shall be used
    
    useAllEnabled - useful only if more then one revocation method is enabled. If this parameter is true then all enabled revocation sources are tried, even if the first one returns that certificate is valid.
    
    order - in what order the configured revocations methods should be tried. Significant only if more then one source is enabled.
- Method Detail
  - getCrlCheckingMode
```
public CrlCheckingMode getCrlCheckingMode()
```
    Returns the current CRL settings.
    
    Returns:
    
    the current CRL settings
  - setCrlCheckingMode
```
public void setCrlCheckingMode(CrlCheckingMode crlCheckingMode)
```
    Changes CRL settings that shall be used.
    
    Parameters:
    
    crlCheckingMode - what CRL settings shall be used
  - getOcspParameters
```
public OCSPParametes getOcspParameters()
```
    Returns the current OCSP settings.
    
    Returns:
    
    the current OCSP settings
  - setOcspParameters
```
public void setOcspParameters(OCSPParametes ocspParametes)
```
    Changes OCSP settings that shall be used.
    
    Parameters:
    
    ocspParametes - what OCSP settings shall be used
  - isUseAllEnabled
```
public boolean isUseAllEnabled()
```
    Returns:
    
    the useAllEnabled
  - setUseAllEnabled
```
public void setUseAllEnabled(boolean useAllEnabled)
```
    Parameters:
    
    useAllEnabled - the useAllEnabled to set
  - getOrder
```
public RevocationParameters.RevocationCheckingOrder getOrder()
```
    Returns:
    
    the order
  - setOrder
```
public void setOrder(RevocationParameters.RevocationCheckingOrder order)
```
    Parameters:
    
    order - the order to set
  - clone
```
public RevocationParameters clone()
```
    Clone the instance
    
    Overrides:
    
    clone in class Object

Class RevocationParameters

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

IGNORE

crlCheckingMode

ocspParameters

useAllEnabled

order

Constructor Detail

RevocationParameters

RevocationParameters

RevocationParameters

RevocationParameters

Method Detail

getCrlCheckingMode

setCrlCheckingMode

getOcspParameters

setOcspParameters

isUseAllEnabled

setUseAllEnabled

getOrder

setOrder

clone