Skip navigation links

oracle.security.crypto.ocsp
Class BasicOCSPResponse

java.lang.Object
oracle.security.crypto.ocsp.ResponseInfo
oracle.security.crypto.ocsp.BasicOCSPResponse

All Implemented Interfaces:

oracle.security.crypto.asn1.ASN1Object, oracle.security.crypto.util.Streamable

public class BasicOCSPResponse

extends ResponseInfo

A Basic OCSP response.

Note: A Basic OCSP Response MUST be signed by the reponder before being sent or output.

Constructor Summary

BasicOCSPResponse(java.io.InputStream is)

BasicOCSPResponse(java.security.PublicKey respKey)
Creates a new BasicOCSPResponse with the given responder's public key.

BasicOCSPResponse(javax.security.auth.x500.X500Principal responder)
Creates a new BasicOCSPResponse with the given name for identification.

Method Summary

void	addRespExtension(oracle.security.crypto.cert.X509Extension ext) Adds an extension to this response.
void	addResponse(SingleBasicResponse response) Adds a response to this BasicOCSPResponse object.
void	addSigVerifyCert(java.security.cert.X509Certificate cert) Adds a certificate to the certificate chain of this response.
java.util.Date	getProducedAt() Gets the time when this response was signed.
oracle.security.crypto.cert.X509Extension	getRespExtension(oracle.security.crypto.asn1.ASN1ObjectID type) Gets the extension if it exists of this response for the given type.
oracle.security.crypto.cert.X509ExtensionSet	getRespExtensions() Gets the extensions of this response.
javax.security.auth.x500.X500Principal	getResponder() Gets the responder's name.
byte[]	getResponderKeyHash() Gets the hash of the repsonder's public key.
oracle.security.crypto.asn1.ASN1ObjectID	getResponseType() Gets the response type of this basic response.
oracle.security.crypto.core.AlgorithmIdentifier	getSigAlgID() Gets the algorithm identifier used for the signature.
byte[]	getSigBytes() Gets the signature.
java.util.Vector	getSigVerifyCerts() Gets the certificate chain.
void	input(java.io.InputStream is)
int	length()
void	output(java.io.OutputStream os)
java.util.Enumeration	responses() Gets the responses of this BasicOCSPResponse object.
void	setRespExtensions(oracle.security.crypto.cert.X509ExtensionSet extensionSet) Sets the extensions of this response with the given extension set.
void	sign(java.security.PrivateKey signingKey) Signs this response using the given private key.
void	sign(java.security.PrivateKey signingKey, oracle.security.crypto.core.AlgorithmIdentifier sigAlgID) Signs this response using the given private key and signature algorithm.
java.lang.String	toString()
boolean	verifySignature(java.security.PublicKey verifyKey) Verifies the signature with the given key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

BasicOCSPResponse

public BasicOCSPResponse(javax.security.auth.x500.X500Principal responder)

Creates a new BasicOCSPResponse with the given name for identification.

Parameters:

responder - A GeneralName used to identify the entity that respond.

BasicOCSPResponse

public BasicOCSPResponse(java.security.PublicKey respKey)
                  throws java.security.NoSuchAlgorithmException

Creates a new BasicOCSPResponse with the given responder's public key.

Note the changes in the method signature

Previously public BasicOCSPResponse (oracle.security.crypto.core.PublicKey)

Now public BasicOCSPResponse (java.security.PublicKey )

Note the change in the exceptions declared to be thrown.

Exceptions no longer thrown - AlgorithmIdentifierException

Exceptions introduced - NoSuchAlgorithmException

Parameters:

respKey - The key that will be sha1 hashed to identify the entity that respond.

Throws:

java.security.NoSuchAlgorithmException

BasicOCSPResponse

public BasicOCSPResponse(java.io.InputStream is)
                  throws java.io.IOException

Throws:

java.io.IOException

Method Detail

getResponseType

public oracle.security.crypto.asn1.ASN1ObjectID getResponseType()

Gets the response type of this basic response.

Specified by:

getResponseType in class ResponseInfo

Returns:

An ASN1ObjectID representing the type of this response.

getResponder

public javax.security.auth.x500.X500Principal getResponder()

Gets the responder's name.

Returns:

A X500Name representing the responder's name. Returns null if the responder's key hash is set.

getResponderKeyHash

public byte[] getResponderKeyHash()

Gets the hash of the repsonder's public key.

Returns:

A byte[] representing the sha1 digest of the public key. Returns null if the responder's name is set.

getProducedAt

public java.util.Date getProducedAt()

Gets the time when this response was signed.

Returns:

A Date object representing the time of the creation of the signature.

responses

public java.util.Enumeration responses()

Gets the responses of this BasicOCSPResponse object.

Returns:

An Enumeration of SingleBasicResponse object.

addResponse

public void addResponse(SingleBasicResponse response)

Adds a response to this BasicOCSPResponse object.

Parameters:

response - The SingleBasicResponse to add to this object.

addRespExtension

public void addRespExtension(oracle.security.crypto.cert.X509Extension ext)

Adds an extension to this response.

Parameters:

ext - The X509Extension to add.

setRespExtensions

public void setRespExtensions(oracle.security.crypto.cert.X509ExtensionSet extensionSet)

Sets the extensions of this response with the given extension set.

Parameters:

extensionSet - The extensions to set.

getRespExtension

public oracle.security.crypto.cert.X509Extension getRespExtension(oracle.security.crypto.asn1.ASN1ObjectID type)

Gets the extension if it exists of this response for the given type.

Parameters:

type - The ASN1ObjectID representing the type of the X509Extension.

Returns:

A X509Extension object, or null if the extension is missing.

getRespExtensions

public oracle.security.crypto.cert.X509ExtensionSet getRespExtensions()

Gets the extensions of this response.

Returns:

A X509ExtensionSet object containing the extensions of this response, or null if there is no extension.

sign

public void sign(java.security.PrivateKey signingKey)
          throws java.security.SignatureException

Signs this response using the given private key.

Note: Any modifications to the request contents after sigining will make the signature invalid. The sign method must then be invoked again for a valid signature to be included in the output request.

Note the changes in the method signature

Previously public void sign (oracle.security.crypto.core.PrivateKey)

Now public void sign (java.security.PrivateKey )

Note the change in the exceptions declared to be thrown.

Exceptions no longer thrown - oracle.security.crypto.core.SignatureException

Exceptions introduced - java.security.SignatureException

Parameters:

signingKey - The private key to use to generate the signature.

Throws:

java.security.SignatureException

sign

public void sign(java.security.PrivateKey signingKey,
                 oracle.security.crypto.core.AlgorithmIdentifier sigAlgID)
          throws java.security.SignatureException

Signs this response using the given private key and signature algorithm.

Note: Any modifications to the request contents after sigining will make the signature invalid. The sign method must then be invoked again for a valid signature to be included in the output request.

Note the changes in the method signature

Previously public void sign (oracle.security.crypto.core.PrivateKey ,AlgorithmIdentifier))

Now public void sign (java.security.PrivateKey ,AlgorithmIdentifier)

Note the change in the exceptions declared to be thrown.

Exceptions no longer thrown - oracle.security.crypto.core.SignatureIdentifierException

Exceptions introduced - java.security.SignatureException

Parameters:

signingKey - the private key to use to generate the signature.

sigAlgID - an AlgorithmIdentifier compatible with the signing key.

Throws:

java.security.SignatureException

addSigVerifyCert

public void addSigVerifyCert(java.security.cert.X509Certificate cert)
                      throws java.security.cert.CertificateEncodingException

Adds a certificate to the certificate chain of this response.

Note the changes in the method signature

Previously public void addSigVerifyCert (X509)

Now public void addSigVerifyCert (X509Certificate)

Note :CertificateEncodingException is introduced

Parameters:

cert - The X509 certificateto add.

Throws:

java.security.cert.CertificateEncodingException

getSigVerifyCerts

public java.util.Vector getSigVerifyCerts()

Gets the certificate chain.

Returns:

A Vector of X509 certifictes.

getSigAlgID

public oracle.security.crypto.core.AlgorithmIdentifier getSigAlgID()

Gets the algorithm identifier used for the signature.

Returns:

The AlgorithmIdentifier object used for the generation of the signature.

getSigBytes

public byte[] getSigBytes()

Gets the signature.

Returns:

A byte[] representing the signature of this response.

verifySignature

public boolean verifySignature(java.security.PublicKey verifyKey)
                        throws oracle.security.crypto.core.AuthenticationException

Verifies the signature with the given key.

Parameters:

verifyKey - The public key to use for the verification.

Note the changes in the method signature

Previously public boolean verifySignature oracle.security.PublicKey)

Now public boolean verifySignature (java.security.PublicKey )

Returns:

A boolean value: true if the signature is valid.

Throws:

oracle.security.crypto.core.AuthenticationException

input

public void input(java.io.InputStream is)
           throws java.io.IOException

Throws:

java.io.IOException

output

public void output(java.io.OutputStream os)
            throws java.io.IOException

Throws:

java.io.IOException

length

public int length()

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object

Skip navigation links