Examples of OCSPReq

• org.bouncycastle.cert.ocsp.OCSPReq
• org.bouncycastle.ocsp.OCSPReq

   OCSPRequest     ::=     SEQUENCE { tbsRequest                  TBSRequest, optionalSignature   [0]     EXPLICIT Signature OPTIONAL } TBSRequest      ::=     SEQUENCE { version             [0]     EXPLICIT Version DEFAULT v1, requestorName       [1]     EXPLICIT GeneralName OPTIONAL, requestList                 SEQUENCE OF Request, requestExtensions   [2]     EXPLICIT Extensions OPTIONAL } Signature       ::=     SEQUENCE { signatureAlgorithm      AlgorithmIdentifier, signature               BIT STRING, certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL} Version         ::=             INTEGER  {  v1(0) } Request         ::=     SEQUENCE { reqCert                     CertID, singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL } CertID          ::=     SEQUENCE { hashAlgorithm       AlgorithmIdentifier, issuerNameHash      OCTET STRING, -- Hash of Issuer's DN issuerKeyHash       OCTET STRING, -- Hash of Issuers public key serialNumber        CertificateSerialNumber } 

  @deprecated use classes in org.bouncycastle.cert.ocsp.

Examples of org.bouncycastle.cert.ocsp.OCSPReq

            url = CertificateUtil.getOCSPURL(checkCert);
        }
        if (url == null)
            return null;
        LOGGER.info("Getting OCSP from " + url);
        OCSPReq request = generateOCSPRequest(rootCert, checkCert.getSerialNumber());
        byte[] array = request.getEncoded();
        URL urlt = new URL(url);
        HttpURLConnection con = (HttpURLConnection)urlt.openConnection();
        con.setRequestProperty("Content-Type", "application/ocsp-request");
        con.setRequestProperty("Accept", "application/ocsp-response");
        con.setDoOutput(true);

Examples of org.bouncycastle.cert.ocsp.OCSPReq

            url = CertificateUtil.getOCSPURL(checkCert);
        }
        if (url == null)
            return null;
        LOGGER.info("Getting OCSP from " + url);
        OCSPReq request = generateOCSPRequest(rootCert, checkCert.getSerialNumber());
        byte[] array = request.getEncoded();
        URL urlt = new URL(url);
        HttpURLConnection con = (HttpURLConnection)urlt.openConnection();
        con.setRequestProperty("Content-Type", "application/ocsp-request");
        con.setRequestProperty("Accept", "application/ocsp-response");
        con.setDoOutput(true);

Examples of org.bouncycastle.cert.ocsp.OCSPReq

      if (url == null) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "No url found for validation") };
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() != OCSPResponseStatus.SUCCESSFUL) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "Response invalid") };
      }

Examples of org.bouncycastle.cert.ocsp.OCSPReq

        Extensions exts = new Extensions(ext);

        OCSPReqBuilder ocspReqBuilder = new OCSPReqBuilder();
        ocspReqBuilder.addRequest(certId);
        ocspReqBuilder.setRequestExtensions(exts);
        OCSPReq ocspReq = ocspReqBuilder.build();


        SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo
            (CertificateID.HASH_SHA1, ocspResponderCertificate.getPublicKey().getEncoded());

        BasicOCSPRespBuilder basicOCSPRespBuilder = new BasicOCSPRespBuilder(keyInfo, digestCalc);
        basicOCSPRespBuilder.setResponseExtensions(exts);

        // request processing
        Req[] requestList = ocspReq.getRequestList();
        for (Req ocspRequest : requestList) {
            CertificateID certificateID = ocspRequest.getCertID();
            CertificateStatus certificateStatus = CertificateStatus.GOOD;
            if (revoked) {
                certificateStatus = new RevokedStatus(new Date(), CRLReason.privilegeWithdrawn);

Examples of org.bouncycastle.cert.ocsp.OCSPReq

      if (url == null) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "No url found for validation") };
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() != OCSPResponseStatus.SUCCESSFUL) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "Certificate not valid") };
      }
      return new ValidationError[0];

Examples of org.bouncycastle.cert.ocsp.OCSPReq

      if (url == null) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "No url found for validation") };
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() != OCSPResponseStatus.SUCCESSFUL) {
        return new ValidationError[] { new ValidationError(OCSPCertificateValidator.VALIDATOR_NAME, "Certificate not valid") };
      }
      return new ValidationError[0];

Examples of org.bouncycastle.cert.ocsp.OCSPReq

      if (url == null) {
        CoreLog.getInstance().getLog().info("No url found for validation");
        return false;
      }

      OCSPReq req = this.buildRequest(x509Certificate, x509Issuer);
      OCSPResp resp = this.sendRequest(req, url);
      if (resp.getStatus() == OCSPResponseStatus.SUCCESSFUL) {
        return true;
      }
      return false;

Examples of org.bouncycastle.ocsp.OCSPReq

        // basic request generation
        //
        OCSPReqGenerator gen = new OCSPReqGenerator();
        gen.addRequest(id);

        OCSPReq req = gen.generate();

        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }

        X509Certificate[] certs = req.getCerts("BC");

        if (certs != null)
        {
            fail("null certs expected, but not found");
        }

        Req[] requests = req.getRequestList();

        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }

        //
        // request generation with signing
        //
        X509Certificate[] chain = new X509Certificate[1];

        gen = new OCSPReqGenerator();

        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));

        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));

        chain[0] = testCert;

        req = gen.generate("SHA1withECDSA", signKP.getPrivate(), chain, "BC");

        if (!req.isSigned())
        {
            fail("not signed but should be");
        }

        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }

        requests = req.getRequestList();

        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }

        certs = req.getCerts("BC");

        if (certs == null)
        {
            fail("null certs found");
        }

        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }

        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();

        OCSPReq newReq = new OCSPReq(reqEnc);

        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }

        //

Examples of org.bouncycastle.ocsp.OCSPReq

        OCSPReqGenerator gen = new OCSPReqGenerator();

        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));

        OCSPReq req = gen.generate();

        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }

        X509Certificate[] certs = req.getCerts("BC");

        if (certs != null)
        {
            fail("null certs expected, but not found");
        }

        Req[] requests = req.getRequestList();

        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }

        //
        // request generation with signing
        //
        X509Certificate[] chain = new X509Certificate[1];

        gen = new OCSPReqGenerator();

        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));

        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));

        chain[0] = testCert;

        req = gen.generate("SHA1withRSA", signKP.getPrivate(), chain, "BC");

        if (!req.isSigned())
        {
            fail("not signed but should be");
        }

        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }

        requests = req.getRequestList();

        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }

        certs = req.getCerts("BC");

        if (certs == null)
        {
            fail("null certs found");
        }

        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }

        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();

        OCSPReq newReq = new OCSPReq(reqEnc);

        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }

        //

Examples of org.bouncycastle.ocsp.OCSPReq

    }

    private void testIrregularVersionReq()
        throws Exception
    {
        OCSPReq ocspRequest = new OCSPReq(irregReq);
        X509Certificate cert = ocspRequest.getCerts("BC")[0];
        if (!ocspRequest.verify(cert.getPublicKey(), "BC"))
        {
            fail("extra version encoding test failed");
        }
    }