/**
 * Wraps every entry of a store as an {@code OtherRevocationInfoFormat} element, each placed in a
 * {@code DERTaggedObject} with tag number 1 and the explicit flag set to {@code false}.
 *
 * <p>When the format is {@code id_ri_ocsp_response}, each entry is decoded as an
 * {@code OCSPResponse} and rejected unless its response status equals
 * {@code OCSPResponseStatus.SUCCESSFUL}. Only that outer status field is inspected here: this
 * method does not verify the responder signature, which certificate the response covers, or
 * its validity window, so a caller that relies on the embedded response must check those itself.
 *
 * @param otherRevocationInfoFormat OID naming the format of the entries in the store
 * @param otherRevocationInfos store whose entries are cast to {@code ASN1Encodable}
 * @return the tagged objects, in the iteration order of {@code getMatches(null)}
 * @throws IllegalArgumentException if an OCSP response entry has a status other than SUCCESSFUL
 */
static Collection getOthersFromStore(ASN1ObjectIdentifier otherRevocationInfoFormat, Store otherRevocationInfos)
{
    // The format OID is the same for every entry, so the comparison is done once.
    boolean entriesAreOcsp = CMSObjectIdentifiers.id_ri_ocsp_response.equals(otherRevocationInfoFormat);
    List wrapped = new ArrayList();

    for (Object candidate : otherRevocationInfos.getMatches(null))
    {
        ASN1Encodable entry = (ASN1Encodable)candidate;

        if (entriesAreOcsp)
        {
            int statusCode = OCSPResponse.getInstance(entry).getResponseStatus().getValue().intValue();

            if (statusCode != OCSPResponseStatus.SUCCESSFUL)
            {
                throw new IllegalArgumentException("cannot add unsuccessful OCSP response to CMS SignedData");
            }
        }

        OtherRevocationInfoFormat formatted = new OtherRevocationInfoFormat(otherRevocationInfoFormat, entry);
        wrapped.add(new DERTaggedObject(false, 1, formatted));
    }

    return wrapped;
}
/**
 * Parse a {@link CertificateStatus} from an {@link InputStream}.
 * <p>
 * Reads a one-byte status type and accepts only {@code CertificateStatusType.ocsp}; for that
 * type a 24-bit length-prefixed block is read and decoded into an {@link OCSPResponse}.
 * The response is only decoded here. Nothing in this method looks at its response status,
 * signature or validity period, so the returned object must be validated by the caller
 * before it is treated as revocation evidence.
 *
 * @param input
 *            the {@link InputStream} to parse from.
 * @return a {@link CertificateStatus} holding the status type and the decoded response.
 * @throws IOException
 *             if reading or decoding fails; any status type other than {@code ocsp} is
 *             reported as a {@link TlsFatalAlert} with {@code AlertDescription.decode_error}.
 */
public static CertificateStatus parse(InputStream input)
    throws IOException
{
    short statusType = TlsUtils.readUint8(input);

    // Reject unsupported types before consuming any further bytes from the stream.
    if (statusType != CertificateStatusType.ocsp)
    {
        throw new TlsFatalAlert(AlertDescription.decode_error);
    }

    byte[] ocspBytes = TlsUtils.readOpaque24(input);
    Object decoded = OCSPResponse.getInstance(TlsUtils.readDERObject(ocspBytes));

    return new CertificateStatus(statusType, decoded);
}
/**
 * Builds a token from a tagged element, choosing the decoder for {@code value} from the tag number.
 *
 * <p>Two decoding forms appear below: some alternatives pass the tagged object itself to
 * {@code getInstance(choice, false)}, the others decode the object it wraps via
 * {@code choice.getObject()}. NOTE(review): this presumably mirrors how each alternative is
 * tagged in the ASN.1 definition; confirm against the schema before changing either group.
 *
 * @param choice the tagged element to decode
 * @throws IllegalArgumentException if the tag number is not one of the known alternatives
 */
private CertEtcToken(ASN1TaggedObject choice)
{
    final int tag = choice.getTagNo();
    this.tagNo = tag;

    switch (tag)
    {
    // Alternatives decoded from the tagged object, with the boolean argument false.
    case TAG_CERTIFICATE:
        this.value = Certificate.getInstance(choice, false);
        break;
    case TAG_PKISTATUS:
        this.value = PKIStatusInfo.getInstance(choice, false);
        break;
    case TAG_CRL:
        this.value = CertificateList.getInstance(choice, false);
        break;
    case TAG_OCSPCERTID:
        this.value = CertID.getInstance(choice, false);
        break;
    case TAG_OCSPRESPONSE:
        this.value = OCSPResponse.getInstance(choice, false);
        break;

    // Alternatives decoded from the object carried inside the tag.
    case TAG_ESSCERTID:
        this.value = ESSCertID.getInstance(choice.getObject());
        break;
    case TAG_ASSERTION:
        this.value = ContentInfo.getInstance(choice.getObject());
        break;
    case TAG_OCSPCERTSTATUS:
        this.value = CertStatus.getInstance(choice.getObject());
        break;
    case TAG_CAPABILITIES:
        this.value = SMIMECapabilities.getInstance(choice.getObject());
        break;

    default:
        throw new IllegalArgumentException("Unknown tag: " + tag);
    }
}
/**
 * Assembles an {@code OCSPResp} from a status code and an optional response body.
 *
 * <p>The status is copied into the response as given. This method does not check that it is
 * consistent with the body, so a caller can produce a response with any status and no
 * response bytes, or any status together with a basic response.
 *
 * @param status value used to construct the {@code OCSPResponseStatus}
 * @param response {@code null} for a response without response bytes, or a {@code BasicOCSPResp}
 *        whose encoding is wrapped as {@code id_pkix_ocsp_basic} response bytes
 * @return the assembled response
 * @throws OCSPException if the basic response cannot be encoded, or if {@code response} is
 *         neither {@code null} nor a {@code BasicOCSPResp}
 */
public OCSPResp build(
    int status,
    Object response)
    throws OCSPException
{
    // Reject unsupported body types up front; null and BasicOCSPResp are the only accepted inputs.
    if (response != null && !(response instanceof BasicOCSPResp))
    {
        throw new OCSPException("unknown response object");
    }

    if (response == null)
    {
        return new OCSPResp(new OCSPResponse(new OCSPResponseStatus(status), null));
    }

    final byte[] encodedBasic;
    try
    {
        encodedBasic = ((BasicOCSPResp)response).getEncoded();
    }
    catch (IOException e)
    {
        throw new OCSPException("can't encode object.", e);
    }

    ASN1OctetString payload = new DEROctetString(encodedBasic);
    ResponseBytes body = new ResponseBytes(OCSPObjectIdentifiers.id_pkix_ocsp_basic, payload);

    return new OCSPResp(new OCSPResponse(new OCSPResponseStatus(status), body));
}
/**
 * Returns the stored response as an {@code OCSPResponse}.
 *
 * <p>The type check is delegated to {@code isCorrectType} with {@code CertificateStatusType.ocsp}.
 * This accessor performs no validation of the response content.
 *
 * @return the stored response, cast to {@code OCSPResponse}
 * @throws IllegalStateException if the stored response fails the type check
 */
public OCSPResponse getOCSPResponse()
{
    boolean holdsOcsp = isCorrectType(CertificateStatusType.ocsp, response);

    if (holdsOcsp)
    {
        return (OCSPResponse)response;
    }

    throw new IllegalStateException("'response' is not an OCSPResponse");
}
/**
 * Encode this {@link CertificateStatus} to an {@link OutputStream}.
 * <p>
 * The status type byte is written first. Only {@code CertificateStatusType.ocsp} is then
 * supported: the response is cast to {@link OCSPResponse}, DER-encoded and written as a
 * 24-bit length-prefixed block.
 *
 * @param output
 *            the {@link OutputStream} to encode to.
 * @throws IOException
 *             if writing or encoding fails; an unsupported status type is reported as a
 *             {@link TlsFatalAlert} with {@code AlertDescription.internal_error}, after the
 *             status type byte has already been written.
 */
public void encode(OutputStream output) throws IOException
{
    // The type byte goes out before the type is checked, so a failure below leaves one byte written.
    TlsUtils.writeUint8(statusType, output);

    if (statusType != CertificateStatusType.ocsp)
    {
        throw new TlsFatalAlert(AlertDescription.internal_error);
    }

    OCSPResponse ocsp = (OCSPResponse) response;
    TlsUtils.writeOpaque24(ocsp.getEncoded(ASN1Encoding.DER), output);
}
/**
 * Reports whether a response object has the Java type expected for a status type.
 *
 * <p>This is a type check only; the content of the response is not examined.
 *
 * @param statusType the status type; only {@code CertificateStatusType.ocsp} is supported
 * @param response the object to test, which may be {@code null}
 * @return {@code true} if {@code response} is an {@code OCSPResponse}, otherwise {@code false}
 * @throws IllegalArgumentException if {@code statusType} is any other value
 */
protected static boolean isCorrectType(short statusType, Object response)
{
    if (statusType == CertificateStatusType.ocsp)
    {
        return response instanceof OCSPResponse;
    }

    throw new IllegalArgumentException("'statusType' is an unsupported value");
}
/**
 * Rejects an OCSP revocation info entry whose response status is not SUCCESSFUL.
 *
 * <p>Entries in any format other than {@code id_ri_ocsp_response} pass through unchecked.
 * For OCSP entries only the outer response status is examined. The responder signature and
 * the validity of the response are not checked here.
 *
 * @param infoFormat the revocation info entry to check
 * @throws IllegalArgumentException if the entry is an OCSP response with a status other
 *         than {@code OCSPResponseStatus.SUCCESSFUL}
 */
private static void validateInfoFormat(OtherRevocationInfoFormat infoFormat)
{
    if (!CMSObjectIdentifiers.id_ri_ocsp_response.equals(infoFormat.getInfoFormat()))
    {
        return;
    }

    OCSPResponse ocsp = OCSPResponse.getInstance(infoFormat.getInfo());
    int statusCode = ocsp.getResponseStatus().getValue().intValue();

    if (statusCode != OCSPResponseStatus.SUCCESSFUL)
    {
        throw new IllegalArgumentException("cannot add unsuccessful OCSP response to CMS SignedData");
    }
}
/**
 * Wraps the encoded bytes of a basic OCSP response in an {@code OCSPResp} whose response
 * status is fixed to {@code OCSPResponseStatus.SUCCESSFUL}.
 *
 * <p>The bytes are placed in an octet string as given. This method neither parses them nor
 * verifies any signature, so the SUCCESSFUL status on the result says nothing about whether
 * the input is a well-formed or trustworthy basic response.
 *
 * @param basicOCSPResp encoded basic OCSP response to embed as {@code id_pkix_ocsp_basic} bytes
 * @return the wrapping {@code OCSPResp}
 */
public static final OCSPResp fromBasicToResp(final byte[] basicOCSPResp) {
    final OCSPResponseStatus successful = new OCSPResponseStatus(OCSPResponseStatus.SUCCESSFUL);
    final ResponseBytes wrappedBody =
            new ResponseBytes(OCSPObjectIdentifiers.id_pkix_ocsp_basic, new DEROctetString(basicOCSPResp));
    // TODO (carried over from the original author): result "to be checked".
    return new OCSPResp(new OCSPResponse(successful, wrappedBody));
}
/**
 * Generates an {@code OCSPResp} carrying the given status and, optionally, a basic response.
 *
 * <p>The status is used as supplied and is not cross-checked against the body. Choosing a
 * status that matches the presence or absence of response bytes is left to the caller.
 *
 * @param status value used to construct the {@code OCSPResponseStatus}
 * @param response {@code null} to omit the response bytes, or a {@code BasicOCSPResp} to embed
 *        under {@code id_pkix_ocsp_basic}
 * @return the generated response
 * @throws OCSPException if encoding the basic response fails, or if {@code response} is a
 *         non-null object of any other type
 */
public OCSPResp generate(
    int status,
    Object response)
    throws OCSPException
{
    if (response == null)
    {
        OCSPResponse bodyless = new OCSPResponse(new OCSPResponseStatus(status), null);
        return new OCSPResp(bodyless);
    }

    if (!(response instanceof BasicOCSPResp))
    {
        throw new OCSPException("unknown response object");
    }

    BasicOCSPResp basic = (BasicOCSPResp)response;
    ASN1OctetString encodedBody;

    try
    {
        encodedBody = new DEROctetString(basic.getEncoded());
    }
    catch (IOException e)
    {
        throw new OCSPException("can't encode object.", e);
    }

    ResponseBytes responseBytes = new ResponseBytes(OCSPObjectIdentifiers.id_pkix_ocsp_basic, encodedBody);
    OCSPResponse full = new OCSPResponse(new OCSPResponseStatus(status), responseBytes);

    return new OCSPResp(full);
}