1 module hunt.security.cert.X509CRLEntry;
2 
3 import hunt.security.cert.CRLReason;
4 import hunt.security.cert.X509Extension;
5 import hunt.security.x500.X500Principal;
6 import hunt.security.Principal;
7 
8 import hunt.Exceptions;
9 
10 import std.datetime;
11 import std.bigint;
12 
13 /**
14  * <p>Abstract class for a revoked certificate in a CRL (Certificate
15  * Revocation List).
16  *
17  * The ASN.1 definition for <em>revokedCertificates</em> is:
18  * <pre>
19  * revokedCertificates    SEQUENCE OF SEQUENCE  {
20  *     userCertificate    CertificateSerialNumber,
21  *     revocationDate     ChoiceOfTime,
22  *     crlEntryExtensions Extensions OPTIONAL
23  *                        -- if present, must be v2
24  * }  OPTIONAL
25  *
26  * CertificateSerialNumber  ::=  INTEGER
27  *
28  * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
29  *
30  * Extension  ::=  SEQUENCE  {
31  *     extnId        OBJECT IDENTIFIER,
32  *     critical      BOOLEAN DEFAULT FALSE,
33  *     extnValue     OCTET STRING
34  *                   -- contains a DER encoding of a value
35  *                   -- of the type registered for use with
36  *                   -- the extnId object identifier value
37  * }
38  * </pre>
39  *
40  * @see X509CRL
41  * @see X509Extension
42  *
43  * @author Hemma Prafullchandra
44  */
45 
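abstract class X509CRLEntry : X509Extension {

    /**
     * Compares this CRL entry for equality with the given
     * object. If {@code other} can be cast to {@code X509CRLEntry},
     * its encoded form (the inner SEQUENCE) is retrieved and compared
     * byte for byte with the encoded form of this CRL entry.
     *
     * NOTE(review): {@code getEncoded()} is declared {@code nothrow}, so an
     * encoding failure cannot surface here as a CRLException. If an
     * implementation reports failure by returning an empty or null array,
     * two distinct entries that both fail to encode compare equal; confirm
     * how implementations signal failure before relying on this method to
     * match revocation entries.
     *
     * @param other the object to test for equality with this CRL entry.
     * @return true iff the encoded forms of the two CRL entries
     * match, false otherwise.
     */
    override bool opEquals(Object other) {
        if (this is other)
            return true;
        X509CRLEntry ot = cast(X509CRLEntry)other;
        if (ot is null)
            return false;
        // Array == compares the lengths and then every element, which is
        // what the previous hand-written loop did.
        return this.getEncoded() == ot.getEncoded();
    }

    /**
     * Returns a hashcode value for this CRL entry from its
     * encoded form: the sum of each byte multiplied by its index.
     *
     * This is a hash-table hash only. It is not collision resistant and
     * must not be used as a fingerprint of the entry.
     *
     * @return the hashcode value.
     */
    override size_t toHash() @trusted nothrow {
        size_t retval = 0;
        // The byte at index 0 is weighted by 0 and so contributes nothing,
        // matching the original loop that started at index 1.
        foreach (i, b; this.getEncoded())
            retval += b * i;
        return retval;
    }

    /**
     * Returns the ASN.1 DER-encoded form of this CRL Entry,
     * that is the inner SEQUENCE.
     *
     * The method is declared {@code nothrow}, so implementations cannot
     * report an encoding error by throwing CRLException.
     * NOTE(review): how an implementation signals an encoding error is not
     * visible in this file; document it on the implementing class.
     *
     * @return the encoded form of this CRL entry
     */
    abstract byte[] getEncoded() nothrow;

    /**
     * Gets the serial number from this X509CRLEntry,
     * the <em>userCertificate</em>.
     *
     * @return the serial number.
     */
    abstract BigInt getSerialNumber();

    /**
     * Get the issuer of the X509Certificate described by this entry. If
     * the certificate issuer is also the CRL issuer, this method returns
     * null.
     *
     * <p>This method is used with indirect CRLs. The default implementation
     * always returns null. Subclasses that wish to support indirect CRLs
     * should override it; until they do, an entry of an indirect CRL is
     * indistinguishable here from one issued by the CRL issuer itself.
     *
     * @return the issuer of the X509Certificate described by this entry
     * or null if it is issued by the CRL issuer.
     *
     * @since 1.5
     */
    X500Principal getCertificateIssuer() {
        return null;
    }

    /**
     * Gets the revocation date from this X509CRLEntry,
     * the <em>revocationDate</em>.
     *
     * NOTE(review): if {@code Date} resolves to the std.datetime type, it
     * carries no time of day, while revocationDate is a ChoiceOfTime value;
     * confirm that callers comparing against a signing time do not need
     * finer resolution.
     *
     * @return the revocation date.
     */
    abstract Date getRevocationDate();

    /**
     * Returns true if this CRL entry has extensions.
     *
     * @return true if this entry has extensions, false otherwise.
     */
    abstract bool hasExtensions();

    /**
     * Returns a string representation of this CRL entry.
     *
     * @return a string representation of this CRL entry.
     */
    override abstract string toString();

    /**
     * Returns the reason the certificate has been revoked, as specified
     * in the Reason Code extension of this CRL entry.
     *
     * Parsing of the Reason Code extension is not implemented in this
     * class. An entry without extensions yields
     * {@code CRLReason.UNSPECIFIED}; an entry with extensions calls
     * {@code implementationMissing()} and, if that call returns, also
     * yields {@code CRLReason.UNSPECIFIED}. Callers therefore cannot use
     * this method to recognise reasons that change how an entry is treated
     * (for example certificate hold or remove-from-CRL in RFC 5280) unless
     * a subclass overrides it.
     *
     * @return {@code CRLReason.UNSPECIFIED}; this method never returns
     *    {@code null}
     * @since 1.7
     */
    CRLReason getRevocationReason() {
        if (!hasExtensions()) {
            return CRLReason.UNSPECIFIED;
        }
        // TODO: port X509CRLEntryImpl.getRevocationReason(this) so the
        // Reason Code extension is actually decoded.
        // What implementationMissing() does (log or throw) is defined in
        // hunt.Exceptions and is not visible in this file.
        implementationMissing();
        return CRLReason.UNSPECIFIED;
    }
}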