Example usage for org.bouncycastle.asn1.x509 X509Extension issuingDistributionPoint

List of usage examples for org.bouncycastle.asn1.x509 X509Extension issuingDistributionPoint

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.asn1.x509.*
  5. X509Extension
  6. issuingDistributionPoint

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.x509 X509Extension issuingDistributionPoint.

Prototype

ASN1ObjectIdentifier issuingDistributionPoint

To view the source code for org.bouncycastle.asn1.x509 X509Extension issuingDistributionPoint.

Click Source Link

Document

Issuing Distribution Point

Usage

From source file:mitm.common.security.crl.PKIXRevocationChecker.java

License:Open Source License

private boolean hasUnsupportedCriticalExtensions(X509CRL crl) {
    Set<String> criticalExtensions = crl.getCriticalExtensionOIDs();

    if (criticalExtensions != null) {
        criticalExtensions.remove(X509Extension.issuingDistributionPoint.getId());
        criticalExtensions.remove(X509Extension.deltaCRLIndicator.getId());
        criticalExtensions.remove(X509Extension.cRLNumber.getId());
        /*//from   w  w  w  .  j  a  v  a 2 s  .co m
         * Some issuers (Verisign) add a critcal Authority Key Identifier to the CRL. 
         * 
         * RFC 3280 explicitly says: 
         * 
         * 4.2.1.1  Authority Key Identifier
         * ....
         * This extension MUST NOT be marked critical.
         * 
         * We will therefore ignore this extension if it's critical
         * 
         */
        criticalExtensions.remove(X509Extension.authorityKeyIdentifier.getId());
    }

    return criticalExtensions != null && criticalExtensions.size() > 0;
}