001: /*************************************************************************
002: * *
003: * EJBCA: The OpenSource Certificate Authority *
004: * *
005: * This software is free software; you can redistribute it and/or *
006: * modify it under the terms of the GNU Lesser General Public *
007: * License as published by the Free Software Foundation; either *
008: * version 2.1 of the License, or any later version. *
009: * *
010: * See terms of license at gnu.org. *
011: * *
012: *************************************************************************/package org.ejbca.core.model.ca.crl;
013:
014: import java.math.BigInteger;
015: import java.util.Date;
016:
017: /**
018: * Holds information about a revoked certificate. The information kept here is the
019: * information that goes into a CRLEntry.
020: *
021: * @version $Id: RevokedCertInfo.java,v 1.3 2007/09/19 12:42:20 anatom Exp $
022: **/
023: public class RevokedCertInfo extends java.lang.Object implements
024: java.io.Serializable {
025:
026: /** Version number for serialization */
027: private static final long serialVersionUID = 1L;
028:
029: /** Constants defining different revokation reasons. */
030: public static final int NOT_REVOKED = -1;
031: public static final int REVOKATION_REASON_UNSPECIFIED = 0;
032: public static final int REVOKATION_REASON_KEYCOMPROMISE = 1;
033: public static final int REVOKATION_REASON_CACOMPROMISE = 2;
034: public static final int REVOKATION_REASON_AFFILIATIONCHANGED = 3;
035: public static final int REVOKATION_REASON_SUPERSEDED = 4;
036: public static final int REVOKATION_REASON_CESSATIONOFOPERATION = 5;
037: public static final int REVOKATION_REASON_CERTIFICATEHOLD = 6;
038: public static final int REVOKATION_REASON_REMOVEFROMCRL = 8;
039: public static final int REVOKATION_REASON_PRIVILEGESWITHDRAWN = 9;
040: public static final int REVOKATION_REASON_AACOMPROMISE = 10;
041:
042: private BigInteger userCertificate;
043: private Date revocationDate;
044: private Date expireDate;
045: private int reason;
046: private String fingerprint;
047:
048: /**
049: * A default constructor is needed to instantiate
050: * RevokedCertInfo objects using <jsp:useBean> by Tomcat 5.
051: */
052: public RevokedCertInfo() {
053: fingerprint = null;
054: userCertificate = null;
055: revocationDate = null;
056: expireDate = null;
057: reason = REVOKATION_REASON_UNSPECIFIED;
058: }
059:
060: /**
061: * Constructor filling in the whole object.
062: *
063: **/
064: public RevokedCertInfo(String fingerprint, BigInteger serno,
065: Date revdate, int reason, Date expdate) {
066: this .fingerprint = fingerprint;
067: this .userCertificate = serno;
068: this .revocationDate = revdate;
069: this .reason = reason;
070: this .expireDate = expdate;
071: }
072:
073: /**
074: * Certificate fingerprint
075: **/
076: public String getCertificateFingerprint() {
077: return this .fingerprint;
078: }
079:
080: /**
081: * Certificate fingerprint
082: **/
083: public void setCertificateFingerprint(String fp) {
084: this .fingerprint = fp;
085: }
086:
087: /**
088: * Certificate serial number
089: **/
090: public BigInteger getUserCertificate() {
091: return this .userCertificate;
092: }
093:
094: /**
095: * Certificate serial number
096: **/
097: public void setUserCertificate(BigInteger serno) {
098: this .userCertificate = serno;
099: }
100:
101: /**
102: * Date when the certificate was revoked.
103: **/
104: public Date getRevocationDate() {
105: return this .revocationDate;
106: }
107:
108: /**
109: * Date when the certificate was revoked.
110: **/
111: public void setRevocationDate(Date date) {
112: this .revocationDate = date;
113: }
114:
115: /**
116: * Date when the certificate expires.
117: **/
118: public Date getExpireDate() {
119: return this .expireDate;
120: }
121:
122: /**
123: * Date when the certificate expires.
124: **/
125: public void setExpireDate(Date date) {
126: this .expireDate = date;
127: }
128:
129: /**
130: * The reason the certificate was revoked.
131: * <pre>
132: * ReasonFlags ::= BIT STRING {
133: * unspecified(0),
134: * keyCompromise(1),
135: * cACompromise(2),
136: * affiliationChanged(3),
137: * superseded(4),
138: * cessationOfOperation(5),
139: * certficateHold(6)
140: * removeFromCRL(8)
141: * privilegeWithdrawn(9)
142: * aACompromise(10)
143: * }
144: * </pre>
145: **/
146: public int getReason() {
147: return this .reason;
148: }
149:
150: /**
151: * The reason the certificate was revoked.
152: **/
153: public void setReason(int reason) {
154: this .reason = reason;
155: }
156:
157: public String toString() {
158: return this .userCertificate == null ? "null"
159: : this .userCertificate.toString();
160: }
161:
162: /**
163: * A quick way to tell if the certificate has been revoked.
164: * @return true if the certificate has been revoked, otherwise false.
165: */
166: public boolean isRevoked() {
167: return this .reason != NOT_REVOKED;
168: }
169:
170: /**
171: * This method returns the revocation reason as a text string that is understandable.
172: * TODO: The strings in this method should be easier for users to change
173: *
174: * @return A string describing the reason for revocation.
175: */
176: public String getHumanReadableReason() {
177: switch (reason) {
178: case NOT_REVOKED:
179: return "the certificate is not revoked";
180: case REVOKATION_REASON_UNSPECIFIED:
181: return "unspecified";
182: case REVOKATION_REASON_KEYCOMPROMISE:
183: return "key compromise";
184: case REVOKATION_REASON_CACOMPROMISE:
185: return "CA compromise";
186: case REVOKATION_REASON_AFFILIATIONCHANGED:
187: return "affiliation changed";
188: case REVOKATION_REASON_SUPERSEDED:
189: return "superseded";
190: case REVOKATION_REASON_CESSATIONOFOPERATION:
191: return "cessation of operation";
192: case REVOKATION_REASON_CERTIFICATEHOLD:
193: return "certificate hold";
194: case REVOKATION_REASON_REMOVEFROMCRL:
195: return "remove from CRL";
196: case REVOKATION_REASON_PRIVILEGESWITHDRAWN:
197: return "privileges withdrawn";
198: case REVOKATION_REASON_AACOMPROMISE:
199: return "AA compromise";
200: default:
201: return "unknown";
202: }
203: }
204: }
|