Oracle Security Developer Tools PKI SDK OCSP Java API Reference
10g Release 2 (10.1.2.0.2)

B15562-01


oracle.security.crypto.ocsp
Class BasicOCSPResponse

java.lang.Object
  extended byoracle.security.crypto.ocsp.ResponseInfo
      extended byoracle.security.crypto.ocsp.BasicOCSPResponse


public class BasicOCSPResponse
extends ResponseInfo

A Basic OCSP response.

Note: A Basic OCSP Response MUST be signed by the reponder before being sent or output.


Constructor Summary
BasicOCSPResponse(java.io.InputStream is)
BasicOCSPResponse(oracle.security.crypto.cert.X500Name responder)
Creates a new BasicOCSPResponse with the given name for identification.

Method Summary
void addRespExtension(oracle.security.crypto.cert.X509Extension ext)
Adds an extension to this response.
void addResponse(SingleBasicResponse response)
Adds a response to this BasicOCSPResponse object.
void addSigVerifyCert(oracle.security.crypto.cert.X509 cert)
Adds a certificate to the certificate chain of this response.
java.util.Date getProducedAt()
Gets the time when this response was signed.
oracle.security.crypto.cert.X509Extension getRespExtension(ASN1ObjectID type)
Gets the extension if it exists of this response for the given type.
oracle.security.crypto.cert.X509ExtensionSet getRespExtensions()
Gets the extensions of this response.
oracle.security.crypto.cert.X500Name getResponder()
Gets the responder's name.
byte[] getResponderKeyHash()
Gets the hash of the repsonder's public key.
ASN1ObjectID getResponseType()
Gets the response type of this basic response.
AlgorithmIdentifier getSigAlgID()
Gets the algorithm identifier used for the signature.
byte[] getSigBytes()
Gets the signature.
java.util.Vector getSigVerifyCerts()
Gets the certificate chain.
void input(java.io.InputStream is)
int length()
void output(java.io.OutputStream os)
java.util.Enumeration responses()
Gets the responses of this BasicOCSPResponse object.
void setRespExtensions(oracle.security.crypto.cert.X509ExtensionSet extensionSet)
Sets the extensions of this response with the given extension set.
void sign(PrivateKey signingKey)
Signs this response using the given private key.
void sign(PrivateKey signingKey, AlgorithmIdentifier sigAlgID)
Signs this response using the given private key and signature algorithm.
java.lang.String toString()
boolean verifySignature(PublicKey verifyKey)
Verifies the signature with the given key.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

BasicOCSPResponse

public BasicOCSPResponse(oracle.security.crypto.cert.X500Name responder)
Creates a new BasicOCSPResponse with the given name for identification.
Parameters:
responder - A GeneralName used to identify the entity that respond.

BasicOCSPResponse

public BasicOCSPResponse(java.io.InputStream is)
                  throws java.io.IOException

Method Detail

getResponseType

public ASN1ObjectID getResponseType()
Gets the response type of this basic response.
Specified by:
getResponseType in class ResponseInfo
Returns:
An ASN1ObjectID representing the type of this response.

getResponder

public oracle.security.crypto.cert.X500Name getResponder()
Gets the responder's name.
Returns:
A X500Name representing the responder's name. Returns null if the responder's key hash is set.

getResponderKeyHash

public byte[] getResponderKeyHash()
Gets the hash of the repsonder's public key.
Returns:
A byte[] representing the sha1 digest of the public key. Returns null if the responder's name is set.

getProducedAt

public java.util.Date getProducedAt()
Gets the time when this response was signed.
Returns:
A Date object representing the time of the creation of the signature.

responses

public java.util.Enumeration responses()
Gets the responses of this BasicOCSPResponse object.
Returns:
An Enumeration of SingleBasicResponse object.

addResponse

public void addResponse(SingleBasicResponse response)
Adds a response to this BasicOCSPResponse object.
Parameters:
response - The SingleBasicResponse to add to this object.

addRespExtension

public void addRespExtension(oracle.security.crypto.cert.X509Extension ext)
Adds an extension to this response.
Parameters:
ext - The X509Extension to add.

setRespExtensions

public void setRespExtensions(oracle.security.crypto.cert.X509ExtensionSet extensionSet)
Sets the extensions of this response with the given extension set.
Parameters:
extensionSet - The extensions to set.

getRespExtension

public oracle.security.crypto.cert.X509Extension getRespExtension(ASN1ObjectID type)
Gets the extension if it exists of this response for the given type.
Parameters:
type - The ASN1ObjectID representing the type of the X509Extension.
Returns:
A X509Extension object, or null if the extension is missing.

getRespExtensions

public oracle.security.crypto.cert.X509ExtensionSet getRespExtensions()
Gets the extensions of this response.
Returns:
A X509ExtensionSet object containing the extensions of this response, or null if there is no extension.

sign

public void sign(PrivateKey signingKey)
          throws SignatureException
Signs this response using the given private key.

Note: Any modifications to the request contents after sigining will make the signature invalid. The sign method must then be invoked again for a valid signature to be included in the output request.

Parameters:
signingKey - The private key to use to generate the signature.
Throws:
SignatureException

sign

public void sign(PrivateKey signingKey,
                 AlgorithmIdentifier sigAlgID)
          throws SignatureException
Signs this response using the given private key and signature algorithm.

Note: Any modifications to the request contents after sigining will make the signature invalid. The sign method must then be invoked again for a valid signature to be included in the output request.

Parameters:
signingKey - the private key to use to generate the signature.
sigAlgID - an AlgorithmIdentifier compatible with the signing key.
Throws:
SignatureException

addSigVerifyCert

public void addSigVerifyCert(oracle.security.crypto.cert.X509 cert)
Adds a certificate to the certificate chain of this response.
Parameters:
cert - The X509 certificateto add.

getSigVerifyCerts

public java.util.Vector getSigVerifyCerts()
Gets the certificate chain.
Returns:
A Vector of X509 certifictes.

getSigAlgID

public AlgorithmIdentifier getSigAlgID()
Gets the algorithm identifier used for the signature.
Returns:
The AlgorithmIdentifier object used for the generation of the signature.

getSigBytes

public byte[] getSigBytes()
Gets the signature.
Returns:
A byte[] representing the signature of this response.

verifySignature

public boolean verifySignature(PublicKey verifyKey)
                        throws AuthenticationException
Verifies the signature with the given key.
Parameters:
verifyKey - The public key to use for the verification.
Returns:
A boolean value: true if the signature is valid.
Throws:
AuthenticationException

input

public void input(java.io.InputStream is)
           throws java.io.IOException
Throws:
java.io.IOException

output

public void output(java.io.OutputStream os)
            throws java.io.IOException
Throws:
java.io.IOException

length

public int length()

toString

public java.lang.String toString()

Oracle Security Developer Tools PKI SDK OCSP Java API Reference
10g Release 2 (10.1.2.0.2)

B15562-01


Copyright © 2005 , Oracle. All rights reserved.