本文整理汇总了Java中org.bouncycastle.ocsp.OCSPResp类的典型用法代码示例。如果您正苦于以下问题:Java OCSPResp类的具体用法?Java OCSPResp怎么用?Java OCSPResp使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
OCSPResp类属于org.bouncycastle.ocsp包,在下文中一共展示了OCSPResp类的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: verifyRespStatus
import org.bouncycastle.ocsp.OCSPResp; //导入依赖的package包/类
/**
* Helper method to verify response status
* @param resp OCSP response
* @throws DigiDocException if the response status is not ok
*/
private void verifyRespStatus(OCSPResp resp)
throws DigiDocException
{
int status = resp.getStatus();
switch (status) {
case OCSPRespStatus.INTERNAL_ERROR: m_logger.error("An internal error occured in the OCSP Server!"); break;
case OCSPRespStatus.MALFORMED_REQUEST: m_logger.error("Your request did not fit the RFC 2560 syntax!"); break;
case OCSPRespStatus.SIGREQUIRED: m_logger.error("Your request was not signed!"); break;
case OCSPRespStatus.TRY_LATER: m_logger.error("The server was too busy to answer you!"); break;
case OCSPRespStatus.UNAUTHORIZED: m_logger.error("The server could not authenticate you!"); break;
case OCSPRespStatus.SUCCESSFUL: break;
default: m_logger.error("Unknown OCSPResponse status code! "+status);
}
if(resp == null || resp.getStatus() != OCSPRespStatus.SUCCESSFUL)
throw new DigiDocException(DigiDocException.ERR_OCSP_UNSUCCESSFULL,
"OCSP response unsuccessfull! ", null);
}
示例2: parseAndVerifyResponse
import org.bouncycastle.ocsp.OCSPResp; //导入依赖的package包/类
/**
* Check the response and parse it's data.
* @param sig Signature object
* @param resp OCSP response
* @param nonce1 nonve value used for request
* @param notaryCert notarys own cert
* @returns Notary object
*/
private Notary parseAndVerifyResponse(Signature sig, OCSPResp resp,
byte[] nonce1/*, X509Certificate notaryCert*/)
throws DigiDocException
{
String notId = sig.getId().replace('S', 'N');
X509Certificate sigCert = sig.getKeyInfo().getSignersCertificate();
return parseAndVerifyResponse(sig, notId, sigCert, resp, nonce1, null, null);
}
示例3: sendRequest
import org.bouncycastle.ocsp.OCSPResp; //导入依赖的package包/类
/**
* Sends the OCSP request to Notary and
* retrieves the response
* @param req OCSP request
* @param httpFrom HTTP_FROM value (optional)
* @returns OCSP response
*/
private OCSPResp sendRequest(OCSPReq req, String httpFrom, String format, String formatVer)
throws DigiDocException
{
String responderUrl = ConfigManager.instance().
getProperty("DIGIDOC_OCSP_RESPONDER_URL");
return sendRequestToUrl(req, responderUrl, httpFrom, format, formatVer);
}
示例4: xtractNextUpdate
import org.bouncycastle.ocsp.OCSPResp; //导入依赖的package包/类
private Date xtractNextUpdate(OCSPResp ocspResponse) throws OCSPQueryException {
int status = ocspResponse.getStatus();
switch (status) {
// case OCSPRespStatus.SUCCESSFUL:
// break;
// case OCSPResp.INTERNAL_ERROR:
// case OCSPRespStatus.MALFORMED_REQUEST:
// case OCSPRespStatus.SIGREQUIRED:
// case OCSPRespStatus.TRY_LATER:
// case OCSPRespStatus.UNAUTHORIZED:
case OCSPResp.SUCCESSFUL:
break;
case OCSPResp.INTERNAL_ERROR:
case OCSPResp.MALFORMED_REQUEST:
case OCSPResp.SIG_REQUIRED:
case OCSPResp.TRY_LATER:
case OCSPResp.UNAUTHORIZED:
throw new OCSPQueryException(
"OCSP Error: " //$NON-NLS-1$
+ Integer.toString(status));
default:
throw new OCSPQueryException("***"); //$NON-NLS-1$
}
try {
BasicOCSPResp bresp = (BasicOCSPResp) ocspResponse
.getResponseObject();
if (bresp == null) {
throw new OCSPQueryException("***"); //$NON-NLS-1$
}
// X509Certificate[] ocspcerts = bresp.getCerts(Messages
// .getString("ValidateSignAndCertBase.71")); //$NON-NLS-1$
// Verify all except trusted anchor
// for (i = 0; i < ocspcerts.length - 1; i++) {
// ocspcerts[i].verify(ocspcerts[i + 1].getPublicKey());
// }
// if (rootcert != null) {
// ocspcerts[i].verify(rootcert.getPublicKey());
// }
SingleResp[] certstat = bresp.getResponses();
for (SingleResp singleResp : certstat) {
// if (singleResp.getCertStatus() == null) {
// return true;
// }
if (singleResp.getCertStatus() instanceof RevokedStatus) {
throw new RevokedException();
}
return singleResp.getNextUpdate();
}
} catch (Exception e) {
throw new OCSPQueryException(e);
}
return null;
}
示例5: xchangeOcsp
import org.bouncycastle.ocsp.OCSPResp; //导入依赖的package包/类
private OCSPResp xchangeOcsp(String ocspUrl, OCSPReq req)
throws MalformedURLException, IOException, OCSPQueryException {
URL url = new URL(ocspUrl);
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setAllowUserInteraction(false);
con.setDoInput(true);
con.setDoOutput(true);
con.setUseCaches(false);
con.setInstanceFollowRedirects(false);
con.setRequestMethod("POST"); //$NON-NLS-1$
con
.setRequestProperty(
"Content-Length", Integer.toString(req //$NON-NLS-1$
.getEncoded().length));
con
.setRequestProperty(
"Content-Type", "application/ocsp-request"); //$NON-NLS-1$ //$NON-NLS-2$
con.connect();
OutputStream os = con.getOutputStream();
os.write(req.getEncoded());
os.close();
if (con.getResponseCode() != HttpURLConnection.HTTP_OK) {
throw new OCSPQueryException("Server did not respond with HTTP_OK(200) but with "
+ con.getResponseCode());
}
if ((con.getContentType() == null)
|| !con.getContentType().equals(
"application/ocsp-response")) { //$NON-NLS-1$
throw new OCSPQueryException("Response MIME type is not application/ocsp-response"); //$NON-NLS-1$
}
// Read response
InputStream reader = con.getInputStream();
int resplen = con.getContentLength();
byte[] ocspResponseEncoded = new byte[resplen];
int offset = 0;
int bread;
while ((resplen > 0)
&& (bread = reader.read(ocspResponseEncoded, offset, resplen)) != -1) {
offset += bread;
resplen -= bread;
}
reader.close();
con.disconnect();
return new OCSPResp(ocspResponseEncoded);
}
示例6: checkCertificate
import org.bouncycastle.ocsp.OCSPResp; //导入依赖的package包/类
/**
* Verifies the certificate by creating an OCSP request
* and sending it to SK server.
* @param cert certificate to verify
* @param httpFrom HTTP_FROM optional argument
* @throws DigiDocException if the certificate is not valid
* @return ocsp response
*/
public OCSPResp checkCertificate(X509Certificate cert)
throws DigiDocException
{
return checkCertificate(cert, composeHttpFrom());
}