package model.pki.crl; import annotations.Assoc; import model.asn1.*; import java.util.Arrays; import java.util.Collection; import java.util.stream.Stream; /** * Indicates the revocation status of a certificate, given its serial number, revocation date, and reason. * 
 *     SEQUENCE {
 *        serialNumber CertificateSerialNumber,
 *        revocationDate Time,
 *        crlEntryExtensions Extensions OPTIONAL,
 *     ...}
 *
*/ public class RevokedCertificate extends ASN1Object { @Assoc(partOf = true) private final Int serialNumber; @Assoc(partOf = true) private final ASN1Time revocationDate; @Assoc(partOf = true) private final Reason reason; /** * EFFECT: Init with tags and parameters. See {@link ASN1Object} for tags. * REQUIRES: revocationDate should be either UtcTime or GeneralTime. */ public RevokedCertificate(Tag tag, Tag parentTag, Int serialNumber, ASN1Time revocationDate, Reason reason) { super(tag, parentTag); this.serialNumber = serialNumber; this.revocationDate = revocationDate; this.reason = reason; } @Override public Byte[] encodeValueDER() { final Byte[] r = new OctetString(OctetString.TAG, null, new Byte[]{0x0A, 0x01, (byte) reason.getVal()}) .encodeDER(); final Byte[] oid = new ObjectIdentifier(ObjectIdentifier.TAG, null, ObjectIdentifier.OID_CRL_REASON) .encodeDER(); final Byte[] seqExt = Stream.of(Arrays.asList(TAG_SEQUENCE.encodeDER()), Arrays.asList(new ASN1Length(r.length + oid.length).encodeDER()), Arrays.asList(oid), Arrays.asList(r)) .flatMap(Collection::stream) .toArray(Byte[]::new); return Stream.of(Arrays.asList(serialNumber.encodeDER()), Arrays.asList(revocationDate.encodeDER()), Arrays.asList(TAG_SEQUENCE.encodeDER()), Arrays.asList(new ASN1Length(seqExt.length).encodeDER()), Arrays.asList(seqExt)) .flatMap(Collection::stream) .toArray(Byte[]::new); } public Int getSerialNumber() { return serialNumber; } public ASN1Time getRevocationDate() { return revocationDate; } public Reason getReason() { return reason; } }