List of usage examples for org.bouncycastle.asn1.ocsp OCSPObjectIdentifiers id_pkix_ocsp_response
ASN1ObjectIdentifier id_pkix_ocsp_response
To view the source code for org.bouncycastle.asn1.ocsp OCSPObjectIdentifiers id_pkix_ocsp_response.
Click Source Link
From source file:org.cesecore.certificates.ocsp.OcspResponseGeneratorSessionBean.java
License:Open Source License
private void assertAcceptableResponseExtension(OCSPReq req) throws OcspFailureException { if (null == req) { throw new IllegalArgumentException(); }// w w w.ja v a2 s . c om if (req.hasExtensions()) { final Extension acceptableResponsesExtension = req .getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_response); if (acceptableResponsesExtension != null) { // RFC 6960 4.4.3 AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER final ASN1Sequence sequence = ASN1Sequence .getInstance(acceptableResponsesExtension.getExtnValue().getOctets()); @SuppressWarnings("unchecked") final Enumeration<ASN1ObjectIdentifier> oids = sequence.getObjects(); boolean supportsResponseType = false; while (oids.hasMoreElements()) { final ASN1ObjectIdentifier oid = oids.nextElement(); if (oid.equals(OCSPObjectIdentifiers.id_pkix_ocsp_basic)) { // This is the response type we support, so we are happy! Break the loop. supportsResponseType = true; if (log.isDebugEnabled()) { log.debug("Response type supported: " + oid.getId()); } break; } } if (!supportsResponseType) { final String msg = "Required response type not supported, this responder only supports id-pkix-ocsp-basic."; log.info("OCSP Request type not supported: " + msg); throw new OcspFailureException(msg); } } } }
From source file:org.cesecore.certificates.ocsp.CanLogCache.java
License:Open Source License
private BasicOCSPRespGenerator createOcspResponseGenerator(OCSPReq req, X509Certificate respondercert, int respIdType) throws OCSPException, NotSupportedException { if (null == req) { throw new IllegalArgumentException(); }// www. j ava 2 s. c om BasicOCSPRespGenerator res = null; if (respIdType == OcspConfiguration.RESPONDERIDTYPE_NAME) { res = new BasicOCSPRespGenerator(new RespID(respondercert.getSubjectX500Principal())); } else { res = new BasicOCSPRespGenerator(respondercert.getPublicKey()); } X509Extensions reqexts = req.getRequestExtensions(); if (reqexts != null) { X509Extension ext = reqexts.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_response); if (null != ext) { // log.debug("Found extension AcceptableResponses"); ASN1OctetString oct = ext.getValue(); try { ASN1Sequence seq = ASN1Sequence.getInstance( new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())).readObject()); @SuppressWarnings("unchecked") Enumeration<DERObjectIdentifier> en = seq.getObjects(); boolean supportsResponseType = false; while (en.hasMoreElements()) { DERObjectIdentifier oid = en.nextElement(); // log.debug("Found oid: "+oid.getId()); if (oid.equals(OCSPObjectIdentifiers.id_pkix_ocsp_basic)) { // This is the response type we support, so we are happy! Break the loop. supportsResponseType = true; log.debug("Response type supported: " + oid.getId()); continue; } } if (!supportsResponseType) { throw new NotSupportedException( "Required response type not supported, this responder only supports id-pkix-ocsp-basic."); } } catch (IOException e) { } } } return res; }
From source file:org.ejbca.core.protocol.ocsp.OCSPUtil.java
License:Open Source License
public static BasicOCSPRespGenerator createOCSPResponse(OCSPReq req, X509Certificate respondercert, int respIdType) throws OCSPException, NotSupportedException { if (null == req) { throw new IllegalArgumentException(); }/*w w w . j a v a 2 s . com*/ BasicOCSPRespGenerator res = null; if (respIdType == OcspConfiguration.RESPONDERIDTYPE_NAME) { res = new BasicOCSPRespGenerator(new RespID(respondercert.getSubjectX500Principal())); } else { res = new BasicOCSPRespGenerator(respondercert.getPublicKey()); } X509Extensions reqexts = req.getRequestExtensions(); if (reqexts != null) { X509Extension ext = reqexts.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_response); if (null != ext) { //m_log.debug("Found extension AcceptableResponses"); ASN1OctetString oct = ext.getValue(); try { ASN1Sequence seq = ASN1Sequence.getInstance( new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())).readObject()); Enumeration en = seq.getObjects(); boolean supportsResponseType = false; while (en.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier) en.nextElement(); //m_log.debug("Found oid: "+oid.getId()); if (oid.equals(OCSPObjectIdentifiers.id_pkix_ocsp_basic)) { // This is the response type we support, so we are happy! Break the loop. supportsResponseType = true; m_log.debug("Response type supported: " + oid.getId()); continue; } } if (!supportsResponseType) { throw new NotSupportedException( "Required response type not supported, this responder only supports id-pkix-ocsp-basic."); } } catch (IOException e) { } } } return res; }