Class ValidationOcspClient
- java.lang.Object
-
- com.itextpdf.signatures.validation.ValidationOcspClient
-
- All Implemented Interfaces:
IOcspClient
public class ValidationOcspClient extends java.lang.Object implements IOcspClient
OCSP client which is expected to be used in case OCSP responses shall be linked with generation date.
-
-
Field Summary
Fields Modifier and Type Field Description private java.util.Map<IBasicOCSPResp,RevocationDataValidator.OcspResponseValidationInfo>
responses
-
Constructor Summary
Constructors Constructor Description ValidationOcspClient()
Create newValidationOcspClient
instance.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addResponse(IBasicOCSPResp response, java.util.Date date, TimeBasedContext context)
Add OCSP response which is linked with generation date.byte[]
getEncoded(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate issuerCert, java.lang.String url)
Fetch a DER-encoded BasicOCSPResponse from an OCSP responder.java.util.Map<IBasicOCSPResp,RevocationDataValidator.OcspResponseValidationInfo>
getResponses()
Get all the OCSP responses linked with generation dates.
-
-
-
Field Detail
-
responses
private final java.util.Map<IBasicOCSPResp,RevocationDataValidator.OcspResponseValidationInfo> responses
-
-
Constructor Detail
-
ValidationOcspClient
public ValidationOcspClient()
Create newValidationOcspClient
instance.
-
-
Method Detail
-
addResponse
public void addResponse(IBasicOCSPResp response, java.util.Date date, TimeBasedContext context)
Add OCSP response which is linked with generation date.- Parameters:
response
-IBasicOCSPResp
response to be addeddate
-Date
to be linked with the responsecontext
-TimeBasedContext
time based context which corresponds to generation date
-
getResponses
public java.util.Map<IBasicOCSPResp,RevocationDataValidator.OcspResponseValidationInfo> getResponses()
Get all the OCSP responses linked with generation dates.- Returns:
- all the OCSP responses linked with generation dates
-
getEncoded
public byte[] getEncoded(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate issuerCert, java.lang.String url)
Fetch a DER-encoded BasicOCSPResponse from an OCSP responder. The method should not throw an exception.Note: do not pass in the full DER-encoded OCSPResponse object obtained from the responder, only the DER-encoded BasicOCSPResponse value contained in the response data..
- Specified by:
getEncoded
in interfaceIOcspClient
- Parameters:
checkCert
- Certificate to check.issuerCert
- The parent certificate.url
- The URL of the OCSP responder endpoint. If null, implementations can attempt to obtain a URL from the AuthorityInformationAccess extension of the certificate, or from another implementation-specific source.- Returns:
- a byte array containing a DER-encoded BasicOCSPResponse structure or null if one could not be obtained
- See Also:
- RFC 6960 ยง 4.2.1
-
-