public static Extension newExtension(
ObjectIdentifier extensionId, boolean critical, byte[] rawExtensionValue) throws IOException {
Extension ext = new Extension();
ext.extensionId = extensionId;
ext.critical = critical;
ext.extensionValue = rawExtensionValue;
return ext;
}
public Set<String> getNonCriticalExtensionOIDs() {
if (extensions == null) {
return null;
}
Set<String> extSet = new TreeSet<>();
for (Extension ex : extensions.getAllExtensions()) {
if (!ex.isCritical()) {
extSet.add(ex.getExtensionId().toString());
}
}
return extSet;
}
public byte[] getExtensionValue(String oid) {
if (extensions == null) {
return null;
}
try {
String extAlias = OIDMap.getName(new ObjectIdentifier(oid));
Extension crlExt = null;
if (extAlias == null) {
ObjectIdentifier findOID = new ObjectIdentifier(oid);
Extension ex = null;
ObjectIdentifier inCertOID;
for (Enumeration<Extension> e = extensions.getElements(); e.hasMoreElements(); ) {
ex = e.nextElement();
inCertOID = ex.getExtensionId();
if (inCertOID.equals((Object) findOID)) {
crlExt = ex;
break;
}
}
} else {
crlExt = extensions.get(extAlias);
}
if (crlExt == null) {
return null;
}
byte[] extData = crlExt.getExtensionValue();
if (extData == null) {
return null;
}
DerOutputStream out = new DerOutputStream();
out.putOctetString(extData);
return out.toByteArray();
} catch (Exception e) {
return null;
}
}
public String toString() {
StringBuffer sb = new StringBuffer();
sb.append("X.509 CRL v" + (version + 1) + "\n");
if (sigAlgId != null) {
sb.append(
"Signature Algorithm: "
+ sigAlgId.toString()
+ ", OID="
+ (sigAlgId.getOID()).toString()
+ "\n");
}
if (issuer != null) {
sb.append("Issuer: " + issuer.toString() + "\n");
}
if (thisUpdate != null) {
sb.append("\nThis Update: " + thisUpdate.toString() + "\n");
}
if (nextUpdate != null) {
sb.append("Next Update: " + nextUpdate.toString() + "\n");
}
if (revokedList.isEmpty()) {
sb.append("\nNO certificates have been revoked\n");
} else {
sb.append("\nRevoked Certificates: " + revokedList.size());
int i = 1;
for (X509CRLEntry entry : revokedList) {
sb.append("\n[" + i++ + "] " + entry.toString());
}
}
if (extensions != null) {
Collection<Extension> allExts = extensions.getAllExtensions();
Object[] objs = allExts.toArray();
sb.append("\nCRL Extensions: " + objs.length);
for (int i = 0; i < objs.length; i++) {
sb.append("\n[" + (i + 1) + "]: ");
Extension ext = (Extension) objs[i];
try {
if (OIDMap.getClass(ext.getExtensionId()) == null) {
sb.append(ext.toString());
byte[] extValue = ext.getExtensionValue();
if (extValue != null) {
DerOutputStream out = new DerOutputStream();
out.putOctetString(extValue);
extValue = out.toByteArray();
HexDumpEncoder enc = new HexDumpEncoder();
sb.append(
"Extension unknown: "
+ "DER encoded OCTET string =\n"
+ enc.encodeBuffer(extValue)
+ "\n");
}
} else {
sb.append(ext.toString());
}
} catch (Exception e) {
sb.append(", Error parsing this extension");
}
}
}
if (signature != null) {
HexDumpEncoder encoder = new HexDumpEncoder();
sb.append("\nSignature:\n" + encoder.encodeBuffer(signature) + "\n");
} else {
sb.append("NOT signed yet\n");
}
return sb.toString();
}
