Examples of sun.security.provider.certpath.OCSPResponse

• sun.security.provider.certpath.OCSPResponse
  This class is used to process an OCSP response. The OCSP Response is defined in RFC 2560 and the ASN.1 encoding is as follows:

   OCSPResponse ::= SEQUENCE { responseStatus         OCSPResponseStatus, responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL } OCSPResponseStatus ::= ENUMERATED { successful            (0),  --Response has valid confirmations malformedRequest      (1),  --Illegal confirmation request internalError         (2),  --Internal error in issuer tryLater              (3),  --Try again later --(4) is not used sigRequired           (5),  --Must sign the request unauthorized          (6)   --Request unauthorized } ResponseBytes ::=       SEQUENCE { responseType   OBJECT IDENTIFIER, response       OCTET STRING } BasicOCSPResponse       ::= SEQUENCE { tbsResponseData      ResponseData, signatureAlgorithm   AlgorithmIdentifier, signature            BIT STRING, certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } The value for signature SHALL be computed on the hash of the DER encoding ResponseData. ResponseData ::= SEQUENCE { version              [0] EXPLICIT Version DEFAULT v1, responderID              ResponderID, producedAt               GeneralizedTime, responses                SEQUENCE OF SingleResponse, responseExtensions   [1] EXPLICIT Extensions OPTIONAL } ResponderID ::= CHOICE { byName               [1] Name, byKey                [2] KeyHash } KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key (excluding the tag and length fields) SingleResponse ::= SEQUENCE { certID                       CertID, certStatus                   CertStatus, thisUpdate                   GeneralizedTime, nextUpdate         [0]       EXPLICIT GeneralizedTime OPTIONAL, singleExtensions   [1]       EXPLICIT Extensions OPTIONAL } CertStatus ::= CHOICE { good        [0]     IMPLICIT NULL, revoked     [1]     IMPLICIT RevokedInfo, unknown     [2]     IMPLICIT UnknownInfo } RevokedInfo ::= SEQUENCE { revocationTime              GeneralizedTime, revocationReason    [0]     EXPLICIT CRLReason OPTIONAL } UnknownInfo ::= NULL -- this can be replaced with an enumeration 

  @author Ram Marti

                ("Exception while encoding OCSPRequest", ce);
        } catch (IOException ioe) {
            throw new CertPathValidatorException
                ("Exception while encoding OCSPRequest", ioe);
        }
        OCSPResponse ocspResponse = check(Collections.singletonList(certId),
            responderURI, responderCert, date);
        return (RevocationStatus) ocspResponse.getSingleResponse(certId);
    }

                    throw ioe;
                }
            }
        }

        OCSPResponse ocspResponse = null;
        try {
            ocspResponse = new OCSPResponse(response, date, responderCert);
        } catch (IOException ioe) {
            // response decoding exception
            throw new CertPathValidatorException(ioe);
        }
        if (ocspResponse.getResponseStatus() != ResponseStatus.SUCCESSFUL) {
            throw new CertPathValidatorException
                ("OCSP response error: " + ocspResponse.getResponseStatus());
        }

        // Check that the response includes a response for all of the
        // certs that were supplied in the request
        for (CertId certId : certIds) {
            SingleResponse sr = ocspResponse.getSingleResponse(certId);
            if (sr == null) {
                if (debug != null) {
                    debug.println("No response found for CertId: " + certId);
                }
                throw new CertPathValidatorException(