Package eu.europa.esig.dss.spi
Class DSSRevocationUtils
java.lang.Object
eu.europa.esig.dss.spi.DSSRevocationUtils
public final class DSSRevocationUtils extends Object
Utility class used to manipulate revocation data (OCSP, CRL)
-
Method Summary
Modifier and Type Method Description static org.bouncycastle.cert.ocsp.OCSPRespfromBasicToResp(byte[] basicOCSPRespBinary)Convert a BasicOCSPResp in OCSPResp (connection status is set to SUCCESSFUL).static org.bouncycastle.cert.ocsp.OCSPRespfromBasicToResp(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)Convert a BasicOCSPResp in OCSPResp (connection status is set to SUCCESSFUL).static org.bouncycastle.cert.ocsp.BasicOCSPRespfromRespToBasic(org.bouncycastle.cert.ocsp.OCSPResp ocspResp)This method returns theBasicOCSPRespfrom aOCSPResp.static org.bouncycastle.cert.ocsp.BasicOCSPRespgetBasicOcspResp(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)This method allows to create aBasicOCSPRespfrom aASN1Sequence.static StringgetCRLRevocationTokenKey(String crlUrl)static List<String>getCRLRevocationTokenKeys(CertificateToken certificateToken)static DigestgetDigest(org.bouncycastle.asn1.esf.OtherHash otherHash)static org.bouncycastle.operator.DigestCalculatorgetDigestCalculator(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)static ResponderIdgetDSSResponderId(org.bouncycastle.asn1.ocsp.ResponderID responderID)TransformsResponderIDtoResponderIdstatic ResponderIdgetDSSResponderId(org.bouncycastle.cert.ocsp.RespID respID)TransformsRespIDtoResponderIdstatic byte[]getEncoded(org.bouncycastle.cert.ocsp.OCSPResp ocspResp)static byte[]getEncodedFromBasicResp(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)static org.bouncycastle.cert.ocsp.SingleRespgetLatestSingleResponse(org.bouncycastle.cert.ocsp.BasicOCSPResp basicResponse, CertificateToken certificate, CertificateToken issuer)static org.bouncycastle.cert.ocsp.CertificateIDgetOCSPCertificateID(CertificateToken cert, CertificateToken issuerCert, eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)Returns theCertificateIDfor the given certificate and its issuer's certificate.static org.bouncycastle.cert.ocsp.OCSPRespgetOcspResp(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)This method allows to create aOCSPRespfrom aASN1Sequence.static StringgetOcspRevocationKey(CertificateToken certificateToken, String ocspUrl)static List<String>getOcspRevocationTokenKeys(CertificateToken certificateToken)static List<org.bouncycastle.cert.ocsp.SingleResp>getSingleResponses(org.bouncycastle.cert.ocsp.BasicOCSPResp basicResponse, CertificateToken certificate, CertificateToken issuer)static eu.europa.esig.dss.enumerations.DigestAlgorithmgetUsedDigestAlgorithm(org.bouncycastle.cert.ocsp.SingleResp singleResp)Returns a DigestAlgorithm used in the givensingleRespstatic org.bouncycastle.cert.ocsp.BasicOCSPResploadOCSPBase64Encoded(String base64Encoded)This method loads an OCSP response from the given base 64 encoded string.static org.bouncycastle.cert.ocsp.BasicOCSPResploadOCSPFromBinaries(byte[] binaries)This method loads an OCSP response from the given binaries.static booleanmatches(org.bouncycastle.cert.ocsp.CertificateID certId, org.bouncycastle.cert.ocsp.SingleResp singleResp)fix for certId.equals methods that doesn't work very well.
-
Method Details
-
getBasicOcspResp
public static org.bouncycastle.cert.ocsp.BasicOCSPResp getBasicOcspResp(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)This method allows to create aBasicOCSPRespfrom aASN1Sequence. The value for response SHALL be the DER encoding of BasicOCSPResponse (RFC 2560).- Parameters:
asn1Sequence-ASN1Sequenceto convert toBasicOCSPResp- Returns:
BasicOCSPResp
-
getOcspResp
public static org.bouncycastle.cert.ocsp.OCSPResp getOcspResp(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)This method allows to create aOCSPRespfrom aASN1Sequence.- Parameters:
asn1Sequence-ASN1Sequenceto convert toOCSPResp- Returns:
OCSPResp
-
fromRespToBasic
public static org.bouncycastle.cert.ocsp.BasicOCSPResp fromRespToBasic(org.bouncycastle.cert.ocsp.OCSPResp ocspResp)This method returns theBasicOCSPRespfrom aOCSPResp.- Parameters:
ocspResp-OCSPRespto analysed- Returns:
-
fromBasicToResp
public static org.bouncycastle.cert.ocsp.OCSPResp fromBasicToResp(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)Convert a BasicOCSPResp in OCSPResp (connection status is set to SUCCESSFUL).- Parameters:
basicOCSPResp- theBasicOCSPRespto be converted toOCSPResp- Returns:
- the result of the conversion
-
getEncodedFromBasicResp
public static byte[] getEncodedFromBasicResp(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp) -
fromBasicToResp
public static org.bouncycastle.cert.ocsp.OCSPResp fromBasicToResp(byte[] basicOCSPRespBinary)Convert a BasicOCSPResp in OCSPResp (connection status is set to SUCCESSFUL).- Parameters:
basicOCSPRespBinary- the binary of BasicOCSPResp- Returns:
- an instance of OCSPResp
-
getUsedDigestAlgorithm
public static eu.europa.esig.dss.enumerations.DigestAlgorithm getUsedDigestAlgorithm(org.bouncycastle.cert.ocsp.SingleResp singleResp)Returns a DigestAlgorithm used in the givensingleResp- Parameters:
singleResp-SingleRespto extract the used SingleResp from- Returns:
SingleResp
-
matches
public static boolean matches(org.bouncycastle.cert.ocsp.CertificateID certId, org.bouncycastle.cert.ocsp.SingleResp singleResp)fix for certId.equals methods that doesn't work very well.- Parameters:
certId-CertificateIDsingleResp-SingleResp- Returns:
- true if the certificate matches this included in
SingleResp
-
getOCSPCertificateID
public static org.bouncycastle.cert.ocsp.CertificateID getOCSPCertificateID(CertificateToken cert, CertificateToken issuerCert, eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)Returns theCertificateIDfor the given certificate and its issuer's certificate.- Parameters:
cert-CertificateTokenfor which the id is createdissuerCert-CertificateTokenissuer certificate of thecertdigestAlgorithm-DigestAlgorithmto be used for CertificateID hash calculation- Returns:
CertificateID
-
getDigestCalculator
public static org.bouncycastle.operator.DigestCalculator getDigestCalculator(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm) -
loadOCSPBase64Encoded
public static org.bouncycastle.cert.ocsp.BasicOCSPResp loadOCSPBase64Encoded(String base64Encoded) throws IOExceptionThis method loads an OCSP response from the given base 64 encoded string.- Parameters:
base64Encoded- base 64 encoded OCSP response- Returns:
- the
BasicOCSPRespobject - Throws:
IOException- if IO error occurred
-
loadOCSPFromBinaries
public static org.bouncycastle.cert.ocsp.BasicOCSPResp loadOCSPFromBinaries(byte[] binaries) throws IOExceptionThis method loads an OCSP response from the given binaries.- Parameters:
binaries- byte array of OCSP response- Returns:
- the
BasicOCSPRespobject - Throws:
IOException- if IO error occurred
-
getEncoded
public static byte[] getEncoded(org.bouncycastle.cert.ocsp.OCSPResp ocspResp) -
getDSSResponderId
TransformsRespIDtoResponderId- Parameters:
respID-RespIDto get values from- Returns:
ResponderId
-
getDSSResponderId
TransformsResponderIDtoResponderId- Parameters:
responderID-ResponderIDto get values from- Returns:
ResponderId
-
getCRLRevocationTokenKeys
- Parameters:
certificateToken-CertificateToken- Returns:
- list of
Stringrevocation keys
-
getCRLRevocationTokenKey
-
getOcspRevocationTokenKeys
- Parameters:
certificateToken-CertificateToken- Returns:
- list of
Stringrevocation keys
-
getOcspRevocationKey
-
getLatestSingleResponse
public static org.bouncycastle.cert.ocsp.SingleResp getLatestSingleResponse(org.bouncycastle.cert.ocsp.BasicOCSPResp basicResponse, CertificateToken certificate, CertificateToken issuer) -
getSingleResponses
public static List<org.bouncycastle.cert.ocsp.SingleResp> getSingleResponses(org.bouncycastle.cert.ocsp.BasicOCSPResp basicResponse, CertificateToken certificate, CertificateToken issuer) -
getDigest
-