Class OcspClientBouncyCastle

  • All Implemented Interfaces:
    OcspClient

    public class OcspClientBouncyCastle
    extends Object
    implements OcspClient
    OcspClient implementation using BouncyCastle.
    Author:
    Paulo Soarees
    • Constructor Detail

      • OcspClientBouncyCastle

        @Deprecated
        public OcspClientBouncyCastle()
        Deprecated.
        Create default implemention of OcspClient. Note, if you use this constructor, OCSP response will not be verified.
      • OcspClientBouncyCastle

        public OcspClientBouncyCastle​(OCSPVerifier verifier)
        Create OcspClient
        Parameters:
        verifier - will be used for response verification. {@see OCSPVerifier}.
    • Method Detail

      • getBasicOCSPResp

        public org.bouncycastle.cert.ocsp.BasicOCSPResp getBasicOCSPResp​(X509Certificate checkCert,
                                                                         X509Certificate rootCert,
                                                                         String url)
        Gets OCSP response. If {@see OCSPVerifier} was setted, the response will be checked.
      • getEncoded

        public byte[] getEncoded​(X509Certificate checkCert,
                                 X509Certificate rootCert,
                                 String url)
        Gets an encoded byte array with OCSP validation. The method should not throw an exception.
        Specified by:
        getEncoded in interface OcspClient
        Parameters:
        checkCert - to certificate to check
        rootCert - the parent certificate
        url - to get the verification. It it's null it will be taken from the check cert or from other implementation specific source
        Returns:
        a byte array with the validation or null if the validation could not be obtained