java.security.cert.CRL
iaik.cms.OtherRevocationInfo
iaik.cms.OCSPRevocationInfo
|
IAIK CMS/SMIME Toolkit API Documentation
Version 6.1 |
||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object
public class OCSPRevocationInfo
This class implements the CMS type OtherRevocationInfoFormat for the OtherRevocationInfo format OCSP (id-ri-ocsp-response - 1.3.6.1.5.5.7.16.2) according to RFC 5940.
The Cryptographic Message Syntax (CMS) (RFC 5652)
specifies the OtherRevocationInfoFormat type to allow to include any other (e.g. OCSP) revocation info format into a
RevocationInfoChoices:
RevocationInfoChoices ::= SET OF RevocationInfoChoice
RevocationInfoChoice ::= CHOICE {
crl CertificateList,
other [1] IMPLICIT OtherRevocationInfoFormat }
OtherRevocationInfoFormat ::= SEQUENCE {
otherRevInfoFormat OBJECT IDENTIFIER,
otherRevInfo ANY DEFINED BY otherRevInfoFormat }
If the revocation information is provided by OCSP, RFC 5940 specifies the otherRevInfoFormat
id-ri-ocsp-response (1.3.6.1.5.5.7.16.2):
id-ri OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) ri(16) }
id-ri-ocsp-response OBJECT IDENTIFIER ::= { id-ri 2 }
The otherRevInfo field has to contain a DER encoded OCSPResponse, e.g.:
OCSPResponse ocspResponse = ...; OCSPRevocationInfo ocspRevInfo = new OCSPRevocationInfo(ocspResponse); // create a RevocationInfoChoices and add the other RevocationInfo: RevocationInfoChoices revocationInfoChoices = new RevocationInfoChoices(); revocationInfoChoices.addRevocationInfo(otherRevocationInfo); // add the RevocationInfoChoices set to a, e.g., SignedData object: SignedData signedData = ...; ... signedData.setRevocationInfoChoices(revocationInfoChoices);
RevocationInfoChoices| Field Summary | |
|---|---|
static iaik.asn1.ObjectID |
id_ri_ocsp_response
ObjectID ("1.3.6.1.5.5.7.16.2") for the CMS OtherRevocationInfo format OCSP Response
as specified by RFC 5940. |
| Constructor Summary | |
|---|---|
OCSPRevocationInfo(iaik.asn1.ASN1Object ocspRevInfo)
Creates an OCSPRevocationInfo from an ASN.1 OCSP revocation info. |
|
OCSPRevocationInfo(byte[] array)
Creates an OCSPRevocationInfo from a DER encoded OCSP revocation info. |
|
OCSPRevocationInfo(iaik.x509.ocsp.OCSPResponse ocspResponse)
Creates an OCSPRevocationInfo from the given OCSPResponse. |
|
| Method Summary | |
|---|---|
void |
decode(iaik.asn1.ASN1Object ocspRevInfo)
Decodes and parses the ASN.1 representation of the other RevocationInfo of type id-ri-ocsp-response. |
iaik.x509.ocsp.BasicOCSPResponse |
getBasicResponse()
Gets the inherent BasicOCSPResponse. |
boolean |
isRevoked(java.security.cert.Certificate cert)
Throws a RuntimeException since more information than the target certificate only is required to check the revocation state. |
java.lang.String |
toString()
Gets a String representation of the OCSP RevocationInfo. |
| Methods inherited from class iaik.cms.OtherRevocationInfo |
|---|
getEncoded, getOtherRevInfoFormat, toASN1Object |
| Methods inherited from class java.security.cert.CRL |
|---|
getType |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
| Field Detail |
|---|
public static iaik.asn1.ObjectID id_ri_ocsp_response
OCSP Response
as specified by RFC 5940.
| Constructor Detail |
|---|
public OCSPRevocationInfo(iaik.x509.ocsp.OCSPResponse ocspResponse)
throws iaik.asn1.CodingException
ocspResponse - the OCSPresponse
iaik.asn1.CodingException - if the ASN.1 representation of the OCSP cannot be created
public OCSPRevocationInfo(iaik.asn1.ASN1Object ocspRevInfo)
throws iaik.asn1.CodingException
ocspRevInfo - the OCSP revocation info as ASN.1 object
iaik.asn1.CodingException - if the ASN.1 representation cannot be parsed
public OCSPRevocationInfo(byte[] array)
throws iaik.asn1.CodingException
array - the DER encoded OCSP revocation info
iaik.asn1.CodingException - if an error occurs when parsing the DER encoded OCSP revocation info| Method Detail |
|---|
public void decode(iaik.asn1.ASN1Object ocspRevInfo)
throws iaik.asn1.CodingException
id-ri-ocsp-response.
The given ocspRevInfo represents the otherRevInfo component of the
RFC 5652 OtherRevocationInfoFormat sequence:
OtherRevocationInfoFormat ::= SEQUENCE {
otherRevInfoFormat OBJECT IDENTIFIER,
otherRevInfo ANY DEFINED BY otherRevInfoFormat }
decode in interface iaik.asn1.ASN1Typedecode in class OtherRevocationInfoocspRevInfo - the ASN.1 OCSP RevocationInfo
iaik.asn1.CodingException - if an error occurs when parsing the other RevocationInfo
public iaik.x509.ocsp.BasicOCSPResponse getBasicResponse()
throws iaik.asn1.CodingException
iaik.asn1.CodingException - if an error occurs when parsing the (yet not decoded)
(Basic)OCSPResponsepublic boolean isRevoked(java.security.cert.Certificate cert)
isRevoked in class OtherRevocationInfopublic java.lang.String toString()
otherRevInfo component of the RFC 5652 OtherRevocationInfoFormat
sequence:
OtherRevocationInfoFormat ::= SEQUENCE {
otherRevInfoFormat OBJECT IDENTIFIER,
otherRevInfo ANY DEFINED BY otherRevInfoFormat }
toString in class OtherRevocationInfo
|
IAIK CMS/SMIME Toolkit API Documentation
Version 6.1 |
||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
|
v6.1 (c) 2002 IAIK, (c) 2003 - 2025 SIC |
|