org.bouncycastle.ocsp
public class OCSPReq extends Object implements X509Extension
OCSPRequest ::= SEQUENCE { tbsRequest TBSRequest, optionalSignature [0] EXPLICIT Signature OPTIONAL } TBSRequest ::= SEQUENCE { version [0] EXPLICIT Version DEFAULT v1, requestorName [1] EXPLICIT GeneralName OPTIONAL, requestList SEQUENCE OF Request, requestExtensions [2] EXPLICIT Extensions OPTIONAL } Signature ::= SEQUENCE { signatureAlgorithm AlgorithmIdentifier, signature BIT STRING, certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL} Version ::= INTEGER { v1(0) } Request ::= SEQUENCE { reqCert CertID, singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } CertID ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier, issuerNameHash OCTET STRING, -- Hash of Issuer's DN issuerKeyHash OCTET STRING, -- Hash of Issuers public key serialNumber CertificateSerialNumber }
Constructor Summary | |
---|---|
OCSPReq(OCSPRequest req) | |
OCSPReq(byte[] req) | |
OCSPReq(InputStream in) |
Method Summary | |
---|---|
CertStore | getCertificates(String type, String provider)
If the request is signed return a possibly empty CertStore containing the certificates in the
request. |
X509Certificate[] | getCerts(String provider) |
Set | getCriticalExtensionOIDs() |
byte[] | getEncoded()
return the ASN.1 encoded representation of this object. |
byte[] | getExtensionValue(String oid) |
Set | getNonCriticalExtensionOIDs() |
X509Extensions | getRequestExtensions() |
Req[] | getRequestList() |
GeneralName | getRequestorName() |
byte[] | getSignature() |
String | getSignatureAlgOID()
return the object identifier representing the signature algorithm |
byte[] | getTBSRequest()
Return the DER encoding of the tbsRequest field. |
int | getVersion() |
boolean | hasUnsupportedCriticalExtension()
RFC 2650 doesn't specify any critical extensions so we return true
if any are encountered.
|
boolean | isSigned()
Return whether or not this request is signed.
|
boolean | verify(PublicKey key, String sigProvider)
verify the signature against the TBSRequest object we contain. |
Parameters: type type of CertStore to return provider provider to use
Returns: null if not signed, a CertStore otherwise
Throws: NoSuchAlgorithmException NoSuchProviderException OCSPException
Returns: DER encoding of tbsRequest
Throws: OCSPException in the event of an encoding error.
Returns: true if any critical extensions are present.
Returns: true if signed false otherwise.