Examples of org.bouncycastle.cert.ocsp.OCSPReq

• org.bouncycastle.cert.ocsp.OCSPReq

            url = CertificateUtil.getOCSPURL(checkCert);
        }
        if (url == null)
            return null;
        LOGGER.info("Getting OCSP from " + url);
        OCSPReq request = generateOCSPRequest(rootCert, checkCert.getSerialNumber());
        byte[] array = request.getEncoded();
        URL urlt = new URL(url);
        HttpURLConnection con = (HttpURLConnection)urlt.openConnection();
        con.setRequestProperty("Content-Type", "application/ocsp-request");
        con.setRequestProperty("Accept", "application/ocsp-response");
        con.setDoOutput(true);

            url = CertificateUtil.getOCSPURL(checkCert);
        }
        if (url == null)
            return null;
        LOGGER.info("Getting OCSP from " + url);
        OCSPReq request = generateOCSPRequest(rootCert, checkCert.getSerialNumber());
        byte[] array = request.getEncoded();
        URL urlt = new URL(url);
        HttpURLConnection con = (HttpURLConnection)urlt.openConnection();
        con.setRequestProperty("Content-Type", "application/ocsp-request");
        con.setRequestProperty("Accept", "application/ocsp-response");
        con.setDoOutput(true);

      if (url == null) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "No url found for validation") };
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() != OCSPResponseStatus.SUCCESSFUL) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "Response invalid") };
      }

        Extensions exts = new Extensions(ext);

        OCSPReqBuilder ocspReqBuilder = new OCSPReqBuilder();
        ocspReqBuilder.addRequest(certId);
        ocspReqBuilder.setRequestExtensions(exts);
        OCSPReq ocspReq = ocspReqBuilder.build();


        SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo
            (CertificateID.HASH_SHA1, ocspResponderCertificate.getPublicKey().getEncoded());

        BasicOCSPRespBuilder basicOCSPRespBuilder = new BasicOCSPRespBuilder(keyInfo, digestCalc);
        basicOCSPRespBuilder.setResponseExtensions(exts);

        // request processing
        Req[] requestList = ocspReq.getRequestList();
        for (Req ocspRequest : requestList) {
            CertificateID certificateID = ocspRequest.getCertID();
            CertificateStatus certificateStatus = CertificateStatus.GOOD;
            if (revoked) {
                certificateStatus = new RevokedStatus(new Date(), CRLReason.privilegeWithdrawn);

      if (url == null) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "No url found for validation") };
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() != OCSPResponseStatus.SUCCESSFUL) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "Certificate not valid") };
      }
      return new ValidationError[0];

      if (url == null) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "No url found for validation") };
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() != OCSPResponseStatus.SUCCESSFUL) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "Certificate not valid") };
      }
      return new ValidationError[0];

      if (url == null) {
        CoreLog.getInstance().getLog().info("No url found for validation");
        return false;
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() == OCSPResponseStatus.SUCCESSFUL) {
        return true;
      }
      return false;

      if (url == null) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "No url found for validation") };
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() != OCSPResponseStatus.SUCCESSFUL) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "Response invalid") };
      }

  @Override
  public OCSPResponse generate(final OCSPRequest request) {
    try {
      BouncyCastleOCSPRequest bcRequest = new BouncyCastleOCSPRequest(request);

      OCSPReq ocspReq = new OCSPReq(request.getRequest());

      SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfo.getInstance(bcRequest.getIssuerCertificate().getPublicKey().getEncoded());

      JcaDigestCalculatorProviderBuilder digestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
      digestCalculatorProviderBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
      DigestCalculatorProvider digestCalculatorProvider = digestCalculatorProviderBuilder.build();
      DigestCalculator digestCalculator = digestCalculatorProvider.get(CertificateID.HASH_SHA1);

      BasicOCSPRespBuilder builder = new BasicOCSPRespBuilder(keyInfo, digestCalculator);

      Extension ocspNonce = ocspReq.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
      if (ocspNonce != null) {
        builder.setResponseExtensions(new Extensions(new Extension[] { ocspNonce }));
      }

      Req[] list = ocspReq.getRequestList();
      for (Req req : list) {
        CertificateID certificateID = req.getCertID();
        BigInteger serialNumber = certificateID.getSerialNumber();

        RevokeReason reason = request.getValidator().validate(serialNumber);