org.bouncycastle.ocsp

Class OCSPReq

Implemented Interfaces:
java.security.cert.X509Extension

public class OCSPReq
extends java.lang.Object
implements java.security.cert.X509Extension

 OCSPRequest     ::=     SEQUENCE {
       tbsRequest                  TBSRequest,
       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }

   TBSRequest      ::=     SEQUENCE {
       version             [0]     EXPLICIT Version DEFAULT v1,
       requestorName       [1]     EXPLICIT GeneralName OPTIONAL,
       requestList                 SEQUENCE OF Request,
       requestExtensions   [2]     EXPLICIT Extensions OPTIONAL }

   Signature       ::=     SEQUENCE {
       signatureAlgorithm      AlgorithmIdentifier,
       signature               BIT STRING,
       certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}

   Version         ::=             INTEGER  {  v1(0) }

   Request         ::=     SEQUENCE {
       reqCert                     CertID,
       singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }

   CertID          ::=     SEQUENCE {
       hashAlgorithm       AlgorithmIdentifier,
       issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
       issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
       serialNumber        CertificateSerialNumber }
 

Constructor Summary

OCSPReq(InputStream in)
OCSPReq(byte[] req)
OCSPReq(OCSPRequest req)

Method Summary

CertStore
getCertificates(String type, String provider)
If the request is signed return a possibly empty CertStore containing the certificates in the request.
X509Certificate[]
getCerts(String provider)
Set
getCriticalExtensionOIDs()
byte[]
getEncoded()
return the ASN.1 encoded representation of this object.
byte[]
getExtensionValue(String oid)
Set
getNonCriticalExtensionOIDs()
X509Extensions
getRequestExtensions()
Req[]
getRequestList()
GeneralName
getRequestorName()
byte[]
getSignature()
String
getSignatureAlgOID()
return the object identifier representing the signature algorithm
byte[]
getTBSRequest()
Return the DER encoding of the tbsRequest field.
int
getVersion()
boolean
hasUnsupportedCriticalExtension()
RFC 2650 doesn't specify any critical extensions so we return true if any are encountered.
boolean
isSigned()
Return whether or not this request is signed.
boolean
verify(PublicKey key, String sigProvider)
verify the signature against the TBSRequest object we contain.

Constructor Details

OCSPReq

public OCSPReq(InputStream in)
            throws IOException

OCSPReq

public OCSPReq(byte[] req)
            throws IOException

OCSPReq

public OCSPReq(OCSPRequest req)

Method Details

getCertificates

public CertStore getCertificates(String type,
                                 String provider)
            throws NoSuchAlgorithmException,
                   NoSuchProviderException,
                   OCSPException
If the request is signed return a possibly empty CertStore containing the certificates in the request. If the request is not signed the method returns null.
Parameters:
type - type of CertStore to return
provider - provider to use
Returns:
null if not signed, a CertStore otherwise
Throws:
OCSPException -

getCerts

public X509Certificate[] getCerts(String provider)
            throws OCSPException,
                   NoSuchProviderException

getCriticalExtensionOIDs

public Set getCriticalExtensionOIDs()

getEncoded

public byte[] getEncoded()
            throws IOException
return the ASN.1 encoded representation of this object.

getExtensionValue

public byte[] getExtensionValue(String oid)

getNonCriticalExtensionOIDs

public Set getNonCriticalExtensionOIDs()

getRequestExtensions

public X509Extensions getRequestExtensions()

getRequestList

public Req[] getRequestList()

getRequestorName

public GeneralName getRequestorName()

getSignature

public byte[] getSignature()

getSignatureAlgOID

public String getSignatureAlgOID()
return the object identifier representing the signature algorithm

getTBSRequest

public byte[] getTBSRequest()
            throws OCSPException
Return the DER encoding of the tbsRequest field.
Returns:
DER encoding of tbsRequest
Throws:
OCSPException - in the event of an encoding error.

getVersion

public int getVersion()

hasUnsupportedCriticalExtension

public boolean hasUnsupportedCriticalExtension()
RFC 2650 doesn't specify any critical extensions so we return true if any are encountered.
Returns:
true if any critical extensions are present.

isSigned

public boolean isSigned()
Return whether or not this request is signed.
Returns:
true if signed false otherwise.

verify

public boolean verify(PublicKey key,
                      String sigProvider)
            throws OCSPException,
                   NoSuchProviderException
verify the signature against the TBSRequest object we contain.