Example usage for org.bouncycastle.asn1.ocsp OCSPResponse getInstance

List of usage examples for org.bouncycastle.asn1.ocsp OCSPResponse getInstance

Introduction

On this page you can find example usages of org.bouncycastle.asn1.ocsp OCSPResponse getInstance.

Prototype

public static OCSPResponse getInstance(Object obj) 


Usage

From source file:eu.europa.ec.markt.dss.validation102853.cades.CAdESOCSPSource.java

License:Open Source License

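/**
 * Collects every OCSP response carried inside the CAdES signature itself.
 *
 * <p>Three containers are read, in this order: the SignedData "other revocation info" entries
 * tagged {@code id_pkix_ocsp_basic}, the entries tagged {@code id_ri_ocsp_response} (kept only when
 * the wrapped response object is a {@code BasicOCSPResp}), and the {@code ocspVals} of the unsigned
 * {@code id_aa_ets_revocationValues} attribute when {@code signerInformation} is set.
 *
 * <p>The values are only decoded here; this method performs no signature, responder or freshness
 * check. The revocation-values attribute is unsigned, so whoever can modify the signature
 * container can add or replace entries. Treat the returned list as candidate evidence that the
 * caller still has to validate.
 *
 * @return the decoded responses; possibly empty, never {@code null}
 * @throws DSSException if the response object of an {@code id_ri_ocsp_response} entry cannot be
 *         extracted
 */
@Override
public List<BasicOCSPResp> getContainedOCSPResponses() {

    final List<BasicOCSPResp> list = new ArrayList<BasicOCSPResp>();

    // NOTE(review): the getInstance(...) calls below raise unchecked exceptions on structures they
    // cannot decode; only OCSPException is translated to DSSException. Confirm that callers treat
    // such a failure as "signature could not be validated".

    // Add OCSPs from SignedData: entries stored as bare BasicOCSPResponse structures.
    {
        final Store otherRevocationInfo = cmsSignedData
                .getOtherRevocationInfo(OCSPObjectIdentifiers.id_pkix_ocsp_basic);
        final Collection otherRevocationInfoMatches = otherRevocationInfo.getMatches(null);
        final ASN1Encodable[] matches = (ASN1Encodable[]) otherRevocationInfoMatches
                .toArray(new ASN1Encodable[otherRevocationInfoMatches.size()]);
        for (final ASN1Encodable asn1Encodable : matches) {
            final BasicOCSPResponse basicOcspResponse = BasicOCSPResponse.getInstance(asn1Encodable);
            list.add(new BasicOCSPResp(basicOcspResponse));
        }
    }

    // Add OCSPs from SignedData: entries stored as complete OCSPResponse structures.
    {
        final Store otherRevocationInfo = cmsSignedData
                .getOtherRevocationInfo(CMSObjectIdentifiers.id_ri_ocsp_response);
        final Collection otherRevocationInfoMatches = otherRevocationInfo.getMatches(null);
        final ASN1Encodable[] matches = (ASN1Encodable[]) otherRevocationInfoMatches
                .toArray(new ASN1Encodable[otherRevocationInfoMatches.size()]);
        for (final ASN1Encodable asn1Encodable : matches) {
            final OCSPResponse ocspResponse = OCSPResponse.getInstance(asn1Encodable);
            final OCSPResp ocspResp = new OCSPResp(ocspResponse);
            try {
                // instanceof is false for null, so a response without a basic response body is
                // skipped rather than added.
                final Object responseObject = ocspResp.getResponseObject();
                if (responseObject instanceof BasicOCSPResp) {
                    list.add((BasicOCSPResp) responseObject);
                }
            } catch (OCSPException e) {
                throw new DSSException(e);
            }
        }
    }

    // Adds OCSP responses in -XL id_aa_ets_revocationValues inside SignerInfo attribute if present
    if (signerInformation != null) {

        final AttributeTable attributes = signerInformation.getUnsignedAttributes();
        if (attributes != null) {

            final Attribute attribute = attributes.get(PKCSObjectIdentifiers.id_aa_ets_revocationValues);
            /*
            ETSI TS 101 733 V2.2.1 (2013-04) page 43
            6.3.4 revocation-values Attribute Definition
            This attribute is used to contain the revocation information required for the following forms of extended electronic
            signature: CAdES-X Long, ES X-Long Type 1, and CAdES-X Long Type 2, see clause B.1.1 for an illustration of
            this form of electronic signature.
            The revocation-values attribute is an unsigned attribute. Only a single instance of this attribute shall occur with
            an electronic signature. It holds the values of CRLs and OCSP referenced in the
            complete-revocation-references attribute.

            RevocationValues ::= SEQUENCE {
            crlVals [0] SEQUENCE OF CertificateList OPTIONAL,
            ocspVals [1] SEQUENCE OF BasicOCSPResponse OPTIONAL,
            otherRevVals [2] OtherRevVals OPTIONAL}
            */
            if (attribute != null) {

                final ASN1Set attrValues = attribute.getAttrValues();
                // The attribute is unsigned, so its content is not protected by the signature.
                // An empty value set must not abort the whole collection with an index error on
                // getObjectAt(0); it simply contributes no responses.
                if (attrValues.size() > 0) {

                    final ASN1Encodable attValue = attrValues.getObjectAt(0);
                    final RevocationValues revValues = RevocationValues.getInstance(attValue);

                    for (final BasicOCSPResponse revValue : revValues.getOcspVals()) {
                        list.add(new BasicOCSPResp(revValue));
                    }
                }
                /* TODO: should add also OtherRevVals, but:
                 "The syntax and semantics of the other revocation values (OtherRevVals) are outside the scope of the present
                document. The definition of the syntax of the other form of revocation information is as identified by
                OtherRevRefType."
                */
            }

        }
    }

    /* TODO (pades): Read revocation data from unsigned attribute  1.2.840.113583.1.1.8
      In the PKCS #7 object of a digital signature in a PDF file, identifies a signed attribute
      that "can include all the revocation information that is necessary to carry out revocation
      checks for the signer's certificate and its issuer certificates."
      Defined as adbe-revocationInfoArchival { adbe(1.2.840.113583) acrobat(1) security(1) 8 } in "PDF Reference, fifth edition: Adobe Portable Document Format, Version 1.6" Adobe Systems Incorporated, 2004.
      http://partners.adobe.com/public/developer/en/pdf/PDFReference16.pdf page 698

      RevocationInfoArchival ::= SEQUENCE {
    crl [0] EXPLICIT SEQUENCE of CRLs, OPTIONAL
    ocsp [1] EXPLICIT SEQUENCE of OCSP Responses, OPTIONAL
    otherRevInfo [2] EXPLICIT SEQUENCE of OtherRevInfo, OPTIONAL
      }
      OtherRevInfo ::= SEQUENCE {
    Type OBJECT IDENTIFIER
    Value OCTET STRING
      }
    */

    // TODO: (Bob: 2013 Dec 03) --> NICOLAS: Is there any other container within the CAdES signature with revocation data? (ie: timestamp)
    return list;
}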

From source file:org.jnotary.dvcs.CertEtcToken.java

License:Open Source License

/**
 * Builds a token from a decoded choice value.
 *
 * <p>An {@code X509Extension} argument sets {@code extension} to {@code null}. Any other argument
 * is cast to {@code ASN1TaggedObject}, and its tag number (0 to 8) selects the field that receives
 * the decoded inner object.
 *
 * @param obj an {@code X509Extension} or an {@code ASN1TaggedObject}; any other type fails the cast
 *        with a {@code ClassCastException}
 */
private CertEtcToken(Object obj) {
    if (obj instanceof X509Extension) {
        // TODO: this case still has to be understood; the extension is discarded for now
        extension = null;
        return;
    }

    final ASN1TaggedObject tagged = (ASN1TaggedObject) obj;
    final int tagNo = tagged.getTagNo();

    // NOTE(review): there is no default branch, so a tag number outside 0-8 raises no error and
    // leaves every field unset. Confirm that callers reject such a token instead of using it.
    switch (tagNo) {
    case 0:
        certificate = Certificate.getInstance(tagged.getObject());
        break;
    case 1:
        esscertid = ESSCertID.getInstance(tagged.getObject());
        break;
    case 2:
        pkistatus = PKIStatusInfo.getInstance(tagged.getObject());
        break;
    case 3:
        assertion = ContentInfo.getInstance(tagged.getObject());
        break;
    case 4:
        crl = CertificateList.getInstance(tagged.getObject());
        break;
    case 5:
        ocspcertstatus = CertStatus.getInstance(tagged.getObject());
        break;
    case 6:
        oscpcertid = CertID.getInstance(tagged.getObject());
        break;
    case 7:
        oscpresponse = OCSPResponse.getInstance(tagged.getObject());
        break;
    case 8:
        capabilities = SMIMECapabilities.getInstance(tagged.getObject());
        break;
    }
}

From source file:support.revocation.OCSP.java

License:Apache License

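/**
 * Sends the given OCSP request to the given URL and decodes the reply.
 *
 * <p>The returned structure is only parsed. Neither the response status nor the responder's
 * signature is examined here, so the caller must verify the response before relying on any
 * certificate status it carries.
 *
 * @param url the responder location
 * @param request the request to send
 * @param timeoutMillis connect and read timeout in milliseconds; a negative value leaves the
 *        connection's defaults untouched
 * @return the received OCSP response, never {@code null}
 * @throws IOException on transport failure, on a non-2xx HTTP status (reported as
 *         {@link FileNotFoundException}), on an empty body, or when the body cannot be decoded
 *         as an OCSP response
 * @throws SocketTimeoutException if connecting or reading exceeds the timeout
 */
private static OCSPResponse performOCSPRequest(URL url, OCSPRequest request, int timeoutMillis)
        throws IOException {
    try {
        // setup connection
        // NOTE(review): the HTTP status check below applies only to HttpURLConnection, so other
        // URL schemes pass through unchecked. If url can originate from certificate data
        // (TODO confirm against the caller), restrict it to http/https before connecting.
        URLConnection connection = url.openConnection();
        if (timeoutMillis >= 0) {
            // URLConnection treats a timeout of 0 as "wait indefinitely".
            connection.setConnectTimeout(timeoutMillis);
            connection.setReadTimeout(timeoutMillis);
        }
        connection.setRequestProperty("Content-Type", "application/ocsp-request");
        connection.setRequestProperty("Accept", "application/ocsp-response");
        connection.setDoOutput(true);

        // send request
        try (OutputStream stream = connection.getOutputStream();
                BufferedOutputStream bufferedStream = new BufferedOutputStream(stream);
                DataOutputStream dataStream = new DataOutputStream(bufferedStream)) {
            dataStream.write(request.getEncoded());
        }

        // process HTTP status code
        if (connection instanceof HttpURLConnection
                && ((HttpURLConnection) connection).getResponseCode() / 100 != 2) {
            throw new FileNotFoundException(url.toString());
        }

        // receive response
        // NOTE(review): the stream is created without an explicit size limit; consider the
        // ASN1InputStream(InputStream, int limit) constructor to cap what a responder can make
        // this client read.
        try (InputStream stream = connection.getInputStream();
                BufferedInputStream bufferedStream = new BufferedInputStream(stream);
                ASN1InputStream asn1stream = new ASN1InputStream(bufferedStream)) {
            // readObject() yields null at end of stream and getInstance(null) passes that null
            // on; report an empty body as an error instead of returning null to the caller.
            final Object decoded = asn1stream.readObject();
            if (decoded == null) {
                throw new IOException("Empty OCSP response from " + url);
            }
            return OCSPResponse.getInstance(decoded);
        }
    } catch (ClassCastException | IllegalArgumentException e) {
        // A body that is valid ASN.1 but not an OCSPResponse surfaces as one of these unchecked
        // exceptions; callers only have to handle IOException.
        throw new IOException(e);
    }
}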