/** * @param certificateToken the {@code CertificateToken} which is managed by this CRL. */ private void setRevocationStatus(final CertificateToken certificateToken) { final CertificateToken issuerToken = certificateToken.getIssuerToken(); if (!issuerToken.equals(crlValidity.issuerToken)) { if (!crlValidity.signatureIntact) { throw new DSSException(crlValidity.signatureInvalidityReason); } throw new DSSException("The CRLToken is not signed by the same issuer as the CertificateToken to be verified!"); } final BigInteger serialNumber = certificateToken.getSerialNumber(); final X509CRL x509crl = crlValidity.x509CRL; final X509CRLEntry crlEntry = x509crl.getRevokedCertificate(serialNumber); status = null == crlEntry; if (!status) { revocationDate = crlEntry.getRevocationDate(); final String revocationReason = DSSRevocationUtils.getRevocationReason(crlEntry); reason = revocationReason; } }