iaik.cms
Class OCSPRevocationInfo

java.lang.Object
  java.security.cert.CRL
      iaik.cms.OtherRevocationInfo
          iaik.cms.OCSPRevocationInfo

All Implemented Interfaces:

ASN1Type

public class OCSPRevocationInfo
extends OtherRevocationInfo

This class implements the CMS type OtherRevocationInfoFormat for the OtherRevocationInfo format OCSP (id-ri-ocsp-response - 1.3.6.1.5.5.7.16.2) according to RFC 5940.

The Cryptographic Message Syntax (CMS) (RFC 5652) specifies the OtherRevocationInfoFormat type to allow to include any other (e.g. OCSP) revocation info format into a RevocationInfoChoices:

 RevocationInfoChoices ::= SET OF RevocationInfoChoice

 RevocationInfoChoice ::= CHOICE {
   crl CertificateList,
   other [1] IMPLICIT OtherRevocationInfoFormat }

 OtherRevocationInfoFormat ::= SEQUENCE {
   otherRevInfoFormat OBJECT IDENTIFIER,
   otherRevInfo ANY DEFINED BY otherRevInfoFormat }
 

If the revocation information is provided by OCSP, RFC 5940 specifies the otherRevInfoFormat id-ri-ocsp-response (1.3.6.1.5.5.7.16.2):

  id-ri OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
    dod(6) internet(1) security(5) mechanisms(5) pkix(7) ri(16) }
    
  id-ri-ocsp-response OBJECT IDENTIFIER ::= { id-ri 2 }   
 

The otherRevInfo field has to contain a DER encoded OCSPResponse, e.g.:

 OCSPResponse ocspResponse = ...;
 OCSPRevocationInfo ocspRevInfo = new OCSPRevocationInfo(ocspResponse);
 // create a RevocationInfoChoices and add the other RevocationInfo:
 RevocationInfoChoices revocationInfoChoices = new RevocationInfoChoices();
 revocationInfoChoices.addRevocationInfo(otherRevocationInfo);
 // add the RevocationInfoChoices set to a, e.g., SignedData object:
 SignedData signedData = ...;
 ...
 signedData.setRevocationInfoChoices(revocationInfoChoices);
 

See Also:

RevocationInfoChoices

Field Summary

static ObjectID

id_ri_ocsp_response ObjectID ("1.3.6.1.5.5.7.16.2") for the CMS OtherRevocationInfo format OCSP Response as specified by RFC 5940.

Constructor Summary

OCSPRevocationInfo(ASN1Object ocspRevInfo)
Creates an OCSPRevocationInfo from an ASN.1 OCSP revocation info.

OCSPRevocationInfo(byte[] array)
Creates an OCSPRevocationInfo from a DER encoded OCSP revocation info.

OCSPRevocationInfo(OCSPResponse ocspResponse)
Creates an OCSPRevocationInfo from the given OCSPResponse.

Method Summary

void	decode(ASN1Object ocspRevInfo) Decodes and parses the ASN.1 representation of the other RevocationInfo of type id-ri-ocsp-response.
BasicOCSPResponse	getBasicResponse() Gets the inherent BasicOCSPResponse.
boolean	isRevoked(java.security.cert.Certificate cert) Throws a RuntimeException since more information than the target certificate only is required to check the revocation state.
java.lang.String	toString() Gets a String representation of the OCSP RevocationInfo.

Methods inherited from class iaik.cms.OtherRevocationInfo

getEncoded, getOtherRevInfoFormat, toASN1Object

Methods inherited from class java.security.cert.CRL

getType

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

id_ri_ocsp_response

public static ObjectID id_ri_ocsp_response

ObjectID ("1.3.6.1.5.5.7.16.2") for the CMS OtherRevocationInfo format OCSP Response as specified by RFC 5940.

Constructor Detail

OCSPRevocationInfo

public OCSPRevocationInfo(OCSPResponse ocspResponse)
                   throws CodingException

Creates an OCSPRevocationInfo from the given OCSPResponse.

Parameters:

ocspResponse - the OCSPresponse

Throws:

CodingException - if the ASN.1 representation of the OCSP cannot be created

OCSPRevocationInfo

public OCSPRevocationInfo(ASN1Object ocspRevInfo)
                   throws CodingException

Creates an OCSPRevocationInfo from an ASN.1 OCSP revocation info.

Parameters:

ocspRevInfo - the OCSP revocation info as ASN.1 object

Throws:

CodingException - if the ASN.1 representation cannot be parsed

OCSPRevocationInfo

public OCSPRevocationInfo(byte[] array)
                   throws CodingException

Creates an OCSPRevocationInfo from a DER encoded OCSP revocation info.

Parameters:

array - the DER encoded OCSP revocation info

Throws:

CodingException - if an error occurs when parsing the DER encoded OCSP revocation info

Method Detail

decode

public void decode(ASN1Object ocspRevInfo)
            throws CodingException

Decodes and parses the ASN.1 representation of the other RevocationInfo of type id-ri-ocsp-response. The given ocspRevInfo represents the otherRevInfo component of the RFC 5652 OtherRevocationInfoFormat sequence:

 OtherRevocationInfoFormat ::= SEQUENCE {
   otherRevInfoFormat OBJECT IDENTIFIER,
   otherRevInfo ANY DEFINED BY otherRevInfoFormat }
 

Specified by:

decode in interface ASN1Type

Overrides:

decode in class OtherRevocationInfo

Parameters:

ocspRevInfo - the ASN.1 OCSP RevocationInfo

Throws:

CodingException - if an error occurs when parsing the other RevocationInfo

getBasicResponse

public BasicOCSPResponse getBasicResponse()
                                   throws CodingException

Gets the inherent BasicOCSPResponse.

Returns:

the BasicOCSPResponse

Throws:

CodingException - if an error occurs when parsing the (yet not decoded) (Basic)OCSPResponse

isRevoked

public boolean isRevoked(java.security.cert.Certificate cert)

Throws a RuntimeException since more information than the target certificate only is required to check the revocation state.

Overrides:

isRevoked in class OtherRevocationInfo

toString

public java.lang.String toString()

Gets a String representation of the OCSP RevocationInfo. The String representation returned by this method represents the otherRevInfo component of the RFC 5652 OtherRevocationInfoFormat sequence:

 OtherRevocationInfoFormat ::= SEQUENCE {
   otherRevInfoFormat OBJECT IDENTIFIER,
   otherRevInfo ANY DEFINED BY otherRevInfoFormat }
 

Overrides:

toString in class OtherRevocationInfo

Returns:

a String representation of the OCSP otherRevInfo