Class PlainCRLStoreSpi

  • Direct Known Subclasses:
    OpensslCRLStoreSpi

    public class PlainCRLStoreSpi
    extends AbstractCRLStoreSPI
    Handles an in-memory CRL store.

    CRLs may be provided as URLs or local files. If the CRL is provided as a local file (i.e. is not an absolute URL) then it can contain wildcard characters ('*', '?'). In case of wildcard locations, the actual file list is regenerated on each update.

    All CRLs are loaded and parsed to establish CA->CRL mapping. This mapping is updated after the updateInterval time is passed.

    Faulty CRL locations together with the respective errors can be obtained by using a listener.

    It is possible to pass more then one location of CRLs of the same CA.

    The class is implemented in an asynchronous mode: CRLs are resolved on regular intervals (or only once on startup). The CRL searching is independent of the updates. It can block to download, read and subsequently parse a CRL if it is not present in the in-memory cache.

    CRLs downloaded from a remote URL (http or ftp) can be cached on a local disk. If the update task can not download the CRL which was previously cached on disk, then the version from disk is returned.

    This class is thread safe.

    Author:
    K. Benedyczak