Package org.bouncycastle.cert.ocsp

Examples of org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder

278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
       
        SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo
            (CertificateID.HASH_SHA1, ocspResponderCertificate.getPublicKey().getEncoded());
       
        BasicOCSPRespBuilder basicOCSPRespBuilder = new BasicOCSPRespBuilder(keyInfo, digestCalc);
        basicOCSPRespBuilder.setResponseExtensions(exts);

        // request processing
        Req[] requestList = ocspReq.getRequestList();
        for (Req ocspRequest : requestList) {
            CertificateID certificateID = ocspRequest.getCertID();
            CertificateStatus certificateStatus = CertificateStatus.GOOD;
            if (revoked) {
                certificateStatus = new RevokedStatus(new Date(), CRLReason.privilegeWithdrawn);
            }
            basicOCSPRespBuilder.addResponse(certificateID, certificateStatus);
        }

        // basic response generation
        X509CertificateHolder[] chain = null;
        if (!ocspResponderCertificate.equals(issuerCertificate)) {
            // TODO: HorribleProxy can't convert array input params yet
            chain = new X509CertificateHolder[] {
                new X509CertificateHolder(ocspResponderCertificate.getEncoded()),
                issuerHolder
            };
        }
       
        ContentSigner contentSigner = new JcaContentSignerBuilder("SHA1withRSA")
            .setProvider("BC").build(ocspResponderPrivateKey);
        BasicOCSPResp basicOCSPResp = basicOCSPRespBuilder.build(contentSigner, chain, new Date(nonceTimeinMillis));

       
        OCSPRespBuilder ocspRespBuilder = new OCSPRespBuilder();
        OCSPResp ocspResp = ocspRespBuilder.build(OCSPRespBuilder.SUCCESSFUL, basicOCSPResp);
View Full Code Here
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
      JcaDigestCalculatorProviderBuilder digestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
      digestCalculatorProviderBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
      DigestCalculatorProvider digestCalculatorProvider = digestCalculatorProviderBuilder.build();
      DigestCalculator digestCalculator = digestCalculatorProvider.get(CertificateID.HASH_SHA1);

      BasicOCSPRespBuilder builder = new BasicOCSPRespBuilder(keyInfo, digestCalculator);

      Extension ocspNonce = ocspReq.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
      if (ocspNonce != null) {
        builder.setResponseExtensions(new Extensions(new Extension[] { ocspNonce }));
      }

      Req[] list = ocspReq.getRequestList();
      for (Req req : list) {
        CertificateID certificateID = req.getCertID();
        BigInteger serialNumber = certificateID.getSerialNumber();

        RevokeReason reason = request.getValidator().validate(serialNumber);
        if (reason == null) {
          builder.addResponse(certificateID, CertificateStatus.GOOD);
        } else {
          builder.addResponse(certificateID, new RevokedStatus(new Date(), reason.getCode()));
        }
      }

      JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(bcRequest.getSignAlgorithm());
      contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
      ContentSigner contentSigner = contentSignerBuilder.build(bcRequest.getIssuerPrivateKey());

      X509CertificateHolder[] chain = new X509CertificateHolder[] { new X509CertificateHolder(bcRequest.getIssuerCertificate().getEncoded()) };

      BasicOCSPResp basicResp = builder.build(contentSigner, chain, new Date());
      OCSPResp ocspResp = new OCSPRespBuilder().build(OCSPRespBuilder.SUCCESSFUL, basicResp);

      OCSPResponse response = new OCSPResponse(ocspResp.getEncoded());
      return response;
    } catch (Exception e) {
View Full Code Here
TOP

Related Classes of org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder

  • br.net.woodstock.rockframework.security.cert.impl.BouncyCastleOCSPGenerator
  • org.apache.poi.poifs.crypt.PkiTestUtils
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.