old.org.bouncycastle.ocsp

Class OCSPReq

java.lang.Object

old.org.bouncycastle.ocsp.OCSPReq

All Implemented Interfaces:

X509Extension

public class OCSPReq
extends Object
implements X509Extension

 OCSPRequest     ::=     SEQUENCE {
       tbsRequest                  TBSRequest,
       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }

   TBSRequest      ::=     SEQUENCE {
       version             [0]     EXPLICIT Version DEFAULT v1,
       requestorName       [1]     EXPLICIT GeneralName OPTIONAL,
       requestList                 SEQUENCE OF Request,
       requestExtensions   [2]     EXPLICIT Extensions OPTIONAL }

   Signature       ::=     SEQUENCE {
       signatureAlgorithm      AlgorithmIdentifier,
       signature               BIT STRING,
       certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}

   Version         ::=             INTEGER  {  v1(0) }

   Request         ::=     SEQUENCE {
       reqCert                     CertID,
       singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }

   CertID          ::=     SEQUENCE {
       hashAlgorithm       AlgorithmIdentifier,
       issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
       issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
       serialNumber        CertificateSerialNumber }
 

Constructor Summary

Constructors

Constructor and Description
OCSPReq(byte[] req)
OCSPReq(InputStream in)
OCSPReq(OCSPRequest req)

Method Summary

Modifier and Type	Method and Description
CertStore	getCertificates(String type, String provider) If the request is signed return a possibly empty CertStore containing the certificates in the request.
X509Certificate[]	getCerts(String provider)
Set	getCriticalExtensionOIDs()
byte[]	getEncoded() return the ASN.1 encoded representation of this object.
byte[]	getExtensionValue(String oid)
Set	getNonCriticalExtensionOIDs()
X509Extensions	getRequestExtensions()
Req[]	getRequestList()
GeneralName	getRequestorName()
byte[]	getSignature()
String	getSignatureAlgOID() return the object identifier representing the signature algorithm
byte[]	getTBSRequest() Return the DER encoding of the tbsRequest field.
int	getVersion()
boolean	hasUnsupportedCriticalExtension() RFC 2650 doesn't specify any critical extensions so we return true if any are encountered.
boolean	isSigned() Return whether or not this request is signed.
boolean	verify(PublicKey key, String sigProvider) verify the signature against the TBSRequest object we contain.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OCSPReq

public OCSPReq(OCSPRequest req)

OCSPReq

public OCSPReq(byte[] req)
        throws IOException

Throws:

IOException

OCSPReq

public OCSPReq(InputStream in)
        throws IOException

Throws:

IOException

Method Detail

getTBSRequest

public byte[] getTBSRequest()
                     throws OCSPException

Return the DER encoding of the tbsRequest field.

Returns:

DER encoding of tbsRequest

Throws:

OCSPException - in the event of an encoding error.

getVersion

public int getVersion()

getRequestorName

public GeneralName getRequestorName()

getRequestList

public Req[] getRequestList()

getRequestExtensions

public X509Extensions getRequestExtensions()

getSignatureAlgOID

public String getSignatureAlgOID()

return the object identifier representing the signature algorithm

getSignature

public byte[] getSignature()

getCerts

public X509Certificate[] getCerts(String provider)
                           throws OCSPException,
                                  NoSuchProviderException

Throws:

OCSPException

NoSuchProviderException

getCertificates

public CertStore getCertificates(String type,
                                 String provider)
                          throws NoSuchAlgorithmException,
                                 NoSuchProviderException,
                                 OCSPException

If the request is signed return a possibly empty CertStore containing the certificates in the request. If the request is not signed the method returns null.

Parameters:

type - type of CertStore to return

provider - provider to use

Returns:

null if not signed, a CertStore otherwise

Throws:

NoSuchAlgorithmException

NoSuchProviderException

OCSPException

isSigned

public boolean isSigned()

Return whether or not this request is signed.

Returns:

true if signed false otherwise.

verify

public boolean verify(PublicKey key,
                      String sigProvider)
               throws OCSPException,
                      NoSuchProviderException

verify the signature against the TBSRequest object we contain.

Throws:

OCSPException

NoSuchProviderException

getEncoded

public byte[] getEncoded()
                  throws IOException

return the ASN.1 encoded representation of this object.

Throws:

IOException

hasUnsupportedCriticalExtension

public boolean hasUnsupportedCriticalExtension()

RFC 2650 doesn't specify any critical extensions so we return true if any are encountered.

Specified by:

hasUnsupportedCriticalExtension in interface X509Extension

Returns:

true if any critical extensions are present.

getCriticalExtensionOIDs

public Set getCriticalExtensionOIDs()

Specified by:

getCriticalExtensionOIDs in interface X509Extension

getNonCriticalExtensionOIDs

public Set getNonCriticalExtensionOIDs()

Specified by:

getNonCriticalExtensionOIDs in interface X509Extension

getExtensionValue

public byte[] getExtensionValue(String oid)

Specified by:

getExtensionValue in interface X509Extension