Package com.itextpdf.text.pdf.security
Class OcspClientBouncyCastle
- java.lang.Object
-
- com.itextpdf.text.pdf.security.OcspClientBouncyCastle
-
- All Implemented Interfaces:
OcspClient
public class OcspClientBouncyCastle extends java.lang.Object implements OcspClient
OcspClient implementation using BouncyCastle.
-
-
Field Summary
Fields Modifier and Type Field Description private static LoggerLOGGERThe Logger instanceprivate OCSPVerifierverifier
-
Constructor Summary
Constructors Constructor Description OcspClientBouncyCastle()Deprecated.OcspClientBouncyCastle(OCSPVerifier verifier)CreateOcspClient
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private static org.bouncycastle.cert.ocsp.OCSPReqgenerateOCSPRequest(java.security.cert.X509Certificate issuerCert, java.math.BigInteger serialNumber)Generates an OCSP request using BouncyCastle.org.bouncycastle.cert.ocsp.BasicOCSPRespgetBasicOCSPResp(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate rootCert, java.lang.String url)Gets OCSP response.byte[]getEncoded(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate rootCert, java.lang.String url)Gets an encoded byte array with OCSP validation.private org.bouncycastle.cert.ocsp.OCSPRespgetOcspResponse(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate rootCert, java.lang.String url)
-
-
-
Field Detail
-
LOGGER
private static final Logger LOGGER
The Logger instance
-
verifier
private final OCSPVerifier verifier
-
-
Constructor Detail
-
OcspClientBouncyCastle
@Deprecated public OcspClientBouncyCastle()
Deprecated.Create default implemention ofOcspClient. Note, if you use this constructor, OCSP response will not be verified.
-
OcspClientBouncyCastle
public OcspClientBouncyCastle(OCSPVerifier verifier)
CreateOcspClient- Parameters:
verifier- will be used for response verification. {@see OCSPVerifier}.
-
-
Method Detail
-
getBasicOCSPResp
public org.bouncycastle.cert.ocsp.BasicOCSPResp getBasicOCSPResp(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate rootCert, java.lang.String url)Gets OCSP response. If {@see OCSPVerifier} was setted, the response will be checked.
-
getEncoded
public byte[] getEncoded(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate rootCert, java.lang.String url)Gets an encoded byte array with OCSP validation. The method should not throw an exception.- Specified by:
getEncodedin interfaceOcspClient- Parameters:
checkCert- to certificate to checkrootCert- the parent certificateurl- to get the verification. It it's null it will be taken from the check cert or from other implementation specific source- Returns:
- a byte array with the validation or null if the validation could not be obtained
-
generateOCSPRequest
private static org.bouncycastle.cert.ocsp.OCSPReq generateOCSPRequest(java.security.cert.X509Certificate issuerCert, java.math.BigInteger serialNumber) throws org.bouncycastle.cert.ocsp.OCSPException, java.io.IOException, org.bouncycastle.operator.OperatorException, java.security.cert.CertificateEncodingExceptionGenerates an OCSP request using BouncyCastle.- Parameters:
issuerCert- certificate of the issuesserialNumber- serial number- Returns:
- an OCSP request
- Throws:
org.bouncycastle.cert.ocsp.OCSPExceptionjava.io.IOExceptionorg.bouncycastle.operator.OperatorExceptionjava.security.cert.CertificateEncodingException
-
getOcspResponse
private org.bouncycastle.cert.ocsp.OCSPResp getOcspResponse(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate rootCert, java.lang.String url) throws java.security.GeneralSecurityException, org.bouncycastle.cert.ocsp.OCSPException, java.io.IOException, org.bouncycastle.operator.OperatorException- Throws:
java.security.GeneralSecurityExceptionorg.bouncycastle.cert.ocsp.OCSPExceptionjava.io.IOExceptionorg.bouncycastle.operator.OperatorException
-
-