org.bouncycastle.ocsp

Class OCSPReq

public class OCSPReq extends Object implements X509Extension

 OCSPRequest     ::=     SEQUENCE {
       tbsRequest                  TBSRequest,
       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }

   TBSRequest      ::=     SEQUENCE {
       version             [0]     EXPLICIT Version DEFAULT v1,
       requestorName       [1]     EXPLICIT GeneralName OPTIONAL,
       requestList                 SEQUENCE OF Request,
       requestExtensions   [2]     EXPLICIT Extensions OPTIONAL }

   Signature       ::=     SEQUENCE {
       signatureAlgorithm      AlgorithmIdentifier,
       signature               BIT STRING,
       certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}

   Version         ::=             INTEGER  {  v1(0) }

   Request         ::=     SEQUENCE {
       reqCert                     CertID,
       singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }

   CertID          ::=     SEQUENCE {
       hashAlgorithm       AlgorithmIdentifier,
       issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
       issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
       serialNumber        CertificateSerialNumber }
 
Constructor Summary
OCSPReq(OCSPRequest req)
OCSPReq(byte[] req)
OCSPReq(InputStream in)
Method Summary
CertStoregetCertificates(String type, String provider)
If the request is signed return a possibly empty CertStore containing the certificates in the request.
X509Certificate[]getCerts(String provider)
SetgetCriticalExtensionOIDs()
byte[]getEncoded()
return the ASN.1 encoded representation of this object.
byte[]getExtensionValue(String oid)
SetgetNonCriticalExtensionOIDs()
X509ExtensionsgetRequestExtensions()
Req[]getRequestList()
GeneralNamegetRequestorName()
byte[]getSignature()
StringgetSignatureAlgOID()
return the object identifier representing the signature algorithm
byte[]getTBSRequest()
Return the DER encoding of the tbsRequest field.
intgetVersion()
booleanhasUnsupportedCriticalExtension()
RFC 2650 doesn't specify any critical extensions so we return true if any are encountered.
booleanisSigned()
Return whether or not this request is signed.
booleanverify(PublicKey key, String sigProvider)
verify the signature against the TBSRequest object we contain.

Constructor Detail

OCSPReq

public OCSPReq(OCSPRequest req)

OCSPReq

public OCSPReq(byte[] req)

OCSPReq

public OCSPReq(InputStream in)

Method Detail

getCertificates

public CertStore getCertificates(String type, String provider)
If the request is signed return a possibly empty CertStore containing the certificates in the request. If the request is not signed the method returns null.

Parameters: type type of CertStore to return provider provider to use

Returns: null if not signed, a CertStore otherwise

Throws: NoSuchAlgorithmException NoSuchProviderException OCSPException

getCerts

public X509Certificate[] getCerts(String provider)

getCriticalExtensionOIDs

public Set getCriticalExtensionOIDs()

getEncoded

public byte[] getEncoded()
return the ASN.1 encoded representation of this object.

getExtensionValue

public byte[] getExtensionValue(String oid)

getNonCriticalExtensionOIDs

public Set getNonCriticalExtensionOIDs()

getRequestExtensions

public X509Extensions getRequestExtensions()

getRequestList

public Req[] getRequestList()

getRequestorName

public GeneralName getRequestorName()

getSignature

public byte[] getSignature()

getSignatureAlgOID

public String getSignatureAlgOID()
return the object identifier representing the signature algorithm

getTBSRequest

public byte[] getTBSRequest()
Return the DER encoding of the tbsRequest field.

Returns: DER encoding of tbsRequest

Throws: OCSPException in the event of an encoding error.

getVersion

public int getVersion()

hasUnsupportedCriticalExtension

public boolean hasUnsupportedCriticalExtension()
RFC 2650 doesn't specify any critical extensions so we return true if any are encountered.

Returns: true if any critical extensions are present.

isSigned

public boolean isSigned()
Return whether or not this request is signed.

Returns: true if signed false otherwise.

verify

public boolean verify(PublicKey key, String sigProvider)
verify the signature against the TBSRequest object we contain.