The following extensions are listed in RFC 2459 as relevant to CRLs
Authority Key Identifier
Issuer Alternative Name
CRL Number
Delta CRL Indicator (critical)
Issuing Distribution Point (critical)
getCriticalExtensionOIDs
public Set getCriticalExtensionOIDs()
getEncoded
public byte[] getEncoded()
throws CRLException
getExtensionValue
public byte[] getExtensionValue(String oid)
getIssuerDN
public Principal getIssuerDN()
getIssuerX500Principal
public X500Principal getIssuerX500Principal()
getNextUpdate
public Date getNextUpdate()
getNonCriticalExtensionOIDs
public Set getNonCriticalExtensionOIDs()
getRevokedCertificate
public X509CRLEntry getRevokedCertificate(BigInteger serialNumber)
getRevokedCertificates
public Set getRevokedCertificates()
getSigAlgName
public String getSigAlgName()
getSigAlgOID
public String getSigAlgOID()
getSigAlgParams
public byte[] getSigAlgParams()
getSignature
public byte[] getSignature()
getTBSCertList
public byte[] getTBSCertList()
throws CRLException
getThisUpdate
public Date getThisUpdate()
getVersion
public int getVersion()
hasUnsupportedCriticalExtension
public boolean hasUnsupportedCriticalExtension()
Will return true if any extensions are present and marked
as critical as we currently dont handle any extensions!
isRevoked
public boolean isRevoked(Certificate cert)
Checks whether the given certificate is on this CRL.
cert
- the certificate to check for.
- true if the given certificate is on this CRL,
false otherwise.
toString
public String toString()
Returns a string representation of this CRL.
- a string representation of this CRL.
verify
public void verify(PublicKey key)
throws CRLException,
NoSuchAlgorithmException,
InvalidKeyException,
NoSuchProviderException,
SignatureException
verify
public void verify(PublicKey key,
String sigProvider)
throws CRLException,
NoSuchAlgorithmException,
InvalidKeyException,
NoSuchProviderException,
SignatureException