--- /dev/null
+
+package org.bouncycastle.asn1.x509;
+
+import org.bouncycastle.asn1.*;
+import org.bouncycastle.asn1.pkcs.*;
+
+/**
+ * PKIX RFC-2459
+ *
+ * The X.509 v2 CRL syntax is as follows. For signature calculation,
+ * the data that is to be signed is ASN.1 DER encoded.
+ *
+ * <pre>
+ * CertificateList ::= SEQUENCE {
+ * tbsCertList TBSCertList,
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signatureValue BIT STRING }
+ * </pre>
+ */
+
+public class CertificateList
+ implements DEREncodable
+{
+ DERConstructedSequence seq;
+
+ TBSCertList tbsCertList;
+ AlgorithmIdentifier sigAlgId;
+ DERBitString sig;
+
+ public CertificateList(
+ DERConstructedSequence seq)
+ {
+ this.seq = seq;
+
+ if ( seq.getObjectAt(0) instanceof TBSCertList )
+ {
+ tbsCertList = (TBSCertList)seq.getObjectAt(0);
+ }
+ else
+ {
+ tbsCertList = new TBSCertList((DERConstructedSequence)seq.getObjectAt(0));
+ }
+
+ if ( seq.getObjectAt(1) instanceof AlgorithmIdentifier )
+ {
+ sigAlgId = (AlgorithmIdentifier)seq.getObjectAt(1);
+ }
+ else
+ {
+ sigAlgId = new AlgorithmIdentifier((DERConstructedSequence)seq.getObjectAt(1));
+ }
+
+ sig = (DERBitString)seq.getObjectAt(2);
+ }
+
+ public TBSCertList getTBSCertList()
+ {
+ return tbsCertList;
+ }
+
+ public TBSCertList.CRLEntry[] getRevokedCertificates()
+ {
+ return tbsCertList.getRevokedCertificates();
+ }
+
+ public AlgorithmIdentifier getSignatureAlgorithm()
+ {
+ return sigAlgId;
+ }
+
+ public DERBitString getSignature()
+ {
+ return sig;
+ }
+
+ public int getVersion()
+ {
+ return tbsCertList.getVersion();
+ }
+
+ public X509Name getIssuer()
+ {
+ return tbsCertList.getIssuer();
+ }
+
+ public DERUTCTime getThisUpdate()
+ {
+ return tbsCertList.getThisUpdate();
+ }
+
+ public DERUTCTime getNextUpdate()
+ {
+ return tbsCertList.getNextUpdate();
+ }
+
+ public DERObject getDERObject()
+ {
+ return seq;
+ }
+}
+