org.bouncycastle.ocsp

Class OCSPReq

public class OCSPReq extends Object implements X509Extension

 OCSPRequest     ::=     SEQUENCE {
       tbsRequest                  TBSRequest,
       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }

   TBSRequest      ::=     SEQUENCE {
       version             [0]     EXPLICIT Version DEFAULT v1,
       requestorName       [1]     EXPLICIT GeneralName OPTIONAL,
       requestList                 SEQUENCE OF Request,
       requestExtensions   [2]     EXPLICIT Extensions OPTIONAL }

   Signature       ::=     SEQUENCE {
       signatureAlgorithm      AlgorithmIdentifier,
       signature               BIT STRING,
       certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}

   Version         ::=             INTEGER  {  v1(0) }

   Request         ::=     SEQUENCE {
       reqCert                     CertID,
       singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }

   CertID          ::=     SEQUENCE {
       hashAlgorithm       AlgorithmIdentifier,
       issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
       issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
       serialNumber        CertificateSerialNumber }

Constructor Summary
	OCSPReq(OCSPRequest req)
	OCSPReq(byte[] req)
	OCSPReq(InputStream in)

Method Summary
CertStore	getCertificates(String type, String provider) If the request is signed return a possibly empty CertStore containing the certificates in the request.
X509Certificate[]	getCerts(String provider)
Set	getCriticalExtensionOIDs()
byte[]	getEncoded() return the ASN.1 encoded representation of this object.
byte[]	getExtensionValue(String oid)
Set	getNonCriticalExtensionOIDs()
X509Extensions	getRequestExtensions()
Req[]	getRequestList()
GeneralName	getRequestorName()
byte[]	getSignature()
String	getSignatureAlgOID() return the object identifier representing the signature algorithm
byte[]	getTBSRequest() Return the DER encoding of the tbsRequest field.
int	getVersion()
boolean	hasUnsupportedCriticalExtension() RFC 2650 doesn't specify any critical extensions so we return true if any are encountered.
boolean	isSigned() Return whether or not this request is signed.
boolean	verify(PublicKey key, String sigProvider) verify the signature against the TBSRequest object we contain.

Constructor Detail

OCSPReq

public OCSPReq(OCSPRequest req)

OCSPReq

public OCSPReq(byte[] req)

OCSPReq

public OCSPReq(InputStream in)

Method Detail

getCertificates

public CertStore getCertificates(String type, String provider)

If the request is signed return a possibly empty CertStore containing the certificates in the request. If the request is not signed the method returns null.

Parameters: type type of CertStore to return provider provider to use

Returns: null if not signed, a CertStore otherwise

Throws: NoSuchAlgorithmException NoSuchProviderException OCSPException