demo.x509.ocsp
Class OCSP

java.lang.Object
  |
  +--demo.x509.ocsp.OCSP
Direct Known Subclasses:
HttpOCSPClient, OCSPClient

public class OCSP
extends Object

Tests the OCSP implementation.

This class demonstrates the usage of the IAIK OCSP implementation by simulating the following actions in the given order:

  1. Requestor: creation and encoding of an OCSP request
  2. Responder: decoding and parsing of the OCSP request
  3. Responder: creation and encoding of an OCSP response for the given request
  4. Requestor: decoding, parsing, and verification of the response

The test sequence above is performed four times to simulate unsigned requests with and without extensions, and signed requests with and without extensions.

The keys and certificates required for this demo are obtained from the IAIK-JCE demo keystore "jce.keystore" which may be generated by running the SetupKeyStore program.

Version:
File Revision 20

Constructor Summary
OCSP()
          Setup the demo certificate chains.
 
Method Summary
 OCSPRequest createOCSPRequest(PrivateKey requestorKey, X509Certificate[] requestorCerts, boolean includeExtensions)
          Creates an OCSPRequest.
 OCSPRequest createOCSPRequest(PrivateKey requestorKey, X509Certificate[] requestorCerts, X509Certificate[] targetCerts, boolean includeExtensions)
          Creates an OCSPRequest.
 byte[] createOCSPResponse(InputStream is, PublicKey requestorKey, boolean includeExtensions)
          Creates an OCSP response answering the given OCSP request.
static void main(String[] argv)
          Starts the test.
 void parseOCSPResponse(OCSPResponse ocspResponse)
          Parses a received OCSP response and looks for the single responses included.
 void start()
          Performs four tests: unsigned and signed requests, each without and with extensions.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

OCSP

public OCSP()
     throws IOException
Setup the demo certificate chains. Keys and certificates are retrieved from the demo KeyStore.
Throws:
IOException - if a file read error occurs
Method Detail

start

public void start()
Performs four tests:
  1. Unsigned request without extensions.
  2. Unsigned request with extensions.
  3. Signed request without extensions.
  4. Signed request with extensions.

createOCSPRequest

public OCSPRequest createOCSPRequest(PrivateKey requestorKey,
                                     X509Certificate[] requestorCerts,
                                     boolean includeExtensions)
                              throws OCSPException
Creates an OCSPRequest.
Parameters:
requestorKey - the private key of the requestor, or null if the request shall not be signed
requestorCerts - the requestor's certificates, supplied if the request shall be signed (requestorKey != null) and signer certs shall be included
includeExtensions - if extensions shall be included
Returns:
the OCSPRequest created
Throws:
OCSPException - if an error occurs when creating the request

createOCSPRequest

public OCSPRequest createOCSPRequest(PrivateKey requestorKey,
                                     X509Certificate[] requestorCerts,
                                     X509Certificate[] targetCerts,
                                     boolean includeExtensions)
                              throws OCSPException
Creates an OCSPRequest.
Parameters:
requestorKey - the private key of the requestor, or null if the request shall not be signed
requestorCerts - the requestor's certificates, supplied if the request shall be signed (requestorKey != null) and signer certs shall be included
targetCerts - the certs for which status information shall be included
includeExtensions - if extensions shall be included
Returns:
the OCSPRequest created
Throws:
OCSPException - if an error occurs when creating the request

createOCSPResponse

public byte[] createOCSPResponse(InputStream is,
                                 PublicKey requestorKey,
                                 boolean includeExtensions)
Creates an OCSP response answering the given OCSP request.
Parameters:
is - the encoded OCSP request supplied from an input stream
requestorKey - the signing key of the requestor (may be supplied to allow verification of a signed request that includes no certificates)
includeExtensions - if extensions shall be included
Returns:
the DER encoded OCSPResponse

parseOCSPResponse

public void parseOCSPResponse(OCSPResponse ocspResponse)
                       throws OCSPException
Parses a received OCSP response and looks for the single responses included.
Parameters:
ocspResponse - the OCSP response
Throws:
OCSPException - if an error occurs when creating the response

main

public static void main(String[] argv)
                 throws Exception
Starts the test.
Throws:
Exception - if an error occurs when reading required keys and certificates from files

This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, 2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK