List of usage examples for org.bouncycastle.asn1.x509 X509Extension deltaCRLIndicator
ASN1ObjectIdentifier deltaCRLIndicator
To view the source code for org.bouncycastle.asn1.x509 X509Extension deltaCRLIndicator.
Click Source Link
From source file:mitm.common.security.crl.PKIXRevocationChecker.java
License:Open Source License
private boolean hasUnsupportedCriticalExtensions(X509CRL crl) { Set<String> criticalExtensions = crl.getCriticalExtensionOIDs(); if (criticalExtensions != null) { criticalExtensions.remove(X509Extension.issuingDistributionPoint.getId()); criticalExtensions.remove(X509Extension.deltaCRLIndicator.getId()); criticalExtensions.remove(X509Extension.cRLNumber.getId()); /*//from w w w. jav a 2s . co m * Some issuers (Verisign) add a critcal Authority Key Identifier to the CRL. * * RFC 3280 explicitly says: * * 4.2.1.1 Authority Key Identifier * .... * This extension MUST NOT be marked critical. * * We will therefore ignore this extension if it's critical * */ criticalExtensions.remove(X509Extension.authorityKeyIdentifier.getId()); } return criticalExtensions != null && criticalExtensions.size() > 0; }
From source file:mitm.common.security.crl.X509CRLInspector.java
License:Open Source License
/** * Returns the deltaIndicator extension//from ww w.java 2 s . c om */ public static BigInteger getDeltaIndicator(X509CRL crl) throws IOException { BigInteger deltaIndicator = null; ASN1Object derDeltaCRLIndicator = ASN1Utils.getExtensionValue(crl, X509Extension.deltaCRLIndicator.getId()); if (derDeltaCRLIndicator != null) { /* CRL number must be a positive number */ deltaIndicator = CRLNumber.getInstance(derDeltaCRLIndicator).getCRLNumber(); } return deltaIndicator; }