Package com.itextpdf.text.pdf.security
Class OcspClientBouncyCastle
java.lang.Object
com.itextpdf.text.pdf.security.OcspClientBouncyCastle
- All Implemented Interfaces:
OcspClient
OcspClient implementation using BouncyCastle.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final Logger
The Logger instanceprivate final OCSPVerifier
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprivate static org.bouncycastle.cert.ocsp.OCSPReq
generateOCSPRequest
(X509Certificate issuerCert, BigInteger serialNumber) Generates an OCSP request using BouncyCastle.org.bouncycastle.cert.ocsp.BasicOCSPResp
getBasicOCSPResp
(X509Certificate checkCert, X509Certificate rootCert, String url) Gets OCSP response.byte[]
getEncoded
(X509Certificate checkCert, X509Certificate rootCert, String url) Gets an encoded byte array with OCSP validation.private org.bouncycastle.cert.ocsp.OCSPResp
getOcspResponse
(X509Certificate checkCert, X509Certificate rootCert, String url)
-
Field Details
-
LOGGER
The Logger instance -
verifier
-
-
Constructor Details
-
OcspClientBouncyCastle
Deprecated.Create default implemention ofOcspClient
. Note, if you use this constructor, OCSP response will not be verified. -
OcspClientBouncyCastle
CreateOcspClient
- Parameters:
verifier
- will be used for response verification. .
-
-
Method Details
-
getBasicOCSPResp
public org.bouncycastle.cert.ocsp.BasicOCSPResp getBasicOCSPResp(X509Certificate checkCert, X509Certificate rootCert, String url) Gets OCSP response. If was setted, the response will be checked. -
getEncoded
Gets an encoded byte array with OCSP validation. The method should not throw an exception.- Specified by:
getEncoded
in interfaceOcspClient
- Parameters:
checkCert
- to certificate to checkrootCert
- the parent certificateurl
- to get the verification. It it's null it will be taken from the check cert or from other implementation specific source- Returns:
- a byte array with the validation or null if the validation could not be obtained
-
generateOCSPRequest
private static org.bouncycastle.cert.ocsp.OCSPReq generateOCSPRequest(X509Certificate issuerCert, BigInteger serialNumber) throws org.bouncycastle.cert.ocsp.OCSPException, IOException, org.bouncycastle.operator.OperatorException, CertificateEncodingException Generates an OCSP request using BouncyCastle.- Parameters:
issuerCert
- certificate of the issuesserialNumber
- serial number- Returns:
- an OCSP request
- Throws:
org.bouncycastle.cert.ocsp.OCSPException
IOException
org.bouncycastle.operator.OperatorException
CertificateEncodingException
-
getOcspResponse
private org.bouncycastle.cert.ocsp.OCSPResp getOcspResponse(X509Certificate checkCert, X509Certificate rootCert, String url) throws GeneralSecurityException, org.bouncycastle.cert.ocsp.OCSPException, IOException, org.bouncycastle.operator.OperatorException - Throws:
GeneralSecurityException
org.bouncycastle.cert.ocsp.OCSPException
IOException
org.bouncycastle.operator.OperatorException
-