aboutsummaryrefslogtreecommitdiffstats
path: root/libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/ocsp/BasicOCSPResp.java
diff options
context:
space:
mode:
Diffstat (limited to 'libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/ocsp/BasicOCSPResp.java')
-rw-r--r--libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/ocsp/BasicOCSPResp.java366
1 files changed, 366 insertions, 0 deletions
diff --git a/libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/ocsp/BasicOCSPResp.java b/libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/ocsp/BasicOCSPResp.java
new file mode 100644
index 000000000..1e64236ff
--- /dev/null
+++ b/libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/ocsp/BasicOCSPResp.java
@@ -0,0 +1,366 @@
+package org.spongycastle.ocsp;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PublicKey;
+import java.security.Signature;
+import org.spongycastle.jce.cert.CertStore;
+import org.spongycastle.jce.cert.CertStoreParameters;
+import java.security.cert.CertificateException;
+import org.spongycastle.jce.cert.CertificateFactory;
+import org.spongycastle.jce.cert.CollectionCertStoreParameters;
+import java.security.cert.X509Certificate;
+import java.text.ParseException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.spongycastle.asn1.ASN1Encodable;
+import org.spongycastle.asn1.ASN1Encoding;
+import org.spongycastle.asn1.ASN1OutputStream;
+import org.spongycastle.asn1.ASN1Sequence;
+import org.spongycastle.asn1.DERObjectIdentifier;
+import org.spongycastle.asn1.ocsp.BasicOCSPResponse;
+import org.spongycastle.asn1.ocsp.ResponseData;
+import org.spongycastle.asn1.ocsp.SingleResponse;
+import org.spongycastle.asn1.x509.X509Extension;
+import org.spongycastle.asn1.x509.X509Extensions;
+
+/**
+ * <pre>
+ * BasicOCSPResponse ::= SEQUENCE {
+ * tbsResponseData ResponseData,
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signature BIT STRING,
+ * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+ * </pre>
+ *
+ * @deprecated use classes in org.spongycastle.cert.ocsp.
+ */
+public class BasicOCSPResp
+ implements java.security.cert.X509Extension
+{
+ BasicOCSPResponse resp;
+ ResponseData data;
+ X509Certificate[] chain = null;
+
+ public BasicOCSPResp(
+ BasicOCSPResponse resp)
+ {
+ this.resp = resp;
+ this.data = resp.getTbsResponseData();
+ }
+
+ /**
+ * Return the DER encoding of the tbsResponseData field.
+ * @return DER encoding of tbsResponseData
+ * @throws OCSPException in the event of an encoding error.
+ */
+ public byte[] getTBSResponseData()
+ throws OCSPException
+ {
+ try
+ {
+ return resp.getTbsResponseData().getEncoded();
+ }
+ catch (IOException e)
+ {
+ throw new OCSPException("problem encoding tbsResponseData", e);
+ }
+ }
+
+ public int getVersion()
+ {
+ return data.getVersion().getValue().intValue() + 1;
+ }
+
+ public RespID getResponderId()
+ {
+ return new RespID(data.getResponderID());
+ }
+
+ public Date getProducedAt()
+ {
+ try
+ {
+ return data.getProducedAt().getDate();
+ }
+ catch (ParseException e)
+ {
+ throw new IllegalStateException("ParseException:" + e.getMessage());
+ }
+ }
+
+ public SingleResp[] getResponses()
+ {
+ ASN1Sequence s = data.getResponses();
+ SingleResp[] rs = new SingleResp[s.size()];
+
+ for (int i = 0; i != rs.length; i++)
+ {
+ rs[i] = new SingleResp(SingleResponse.getInstance(s.getObjectAt(i)));
+ }
+
+ return rs;
+ }
+
+ public X509Extensions getResponseExtensions()
+ {
+ return X509Extensions.getInstance(data.getResponseExtensions());
+ }
+
+ /**
+ * RFC 2650 doesn't specify any critical extensions so we return true
+ * if any are encountered.
+ *
+ * @return true if any critical extensions are present.
+ */
+ public boolean hasUnsupportedCriticalExtension()
+ {
+ Set extns = getCriticalExtensionOIDs();
+ if (extns != null && !extns.isEmpty())
+ {
+ return true;
+ }
+
+ return false;
+ }
+
+ private Set getExtensionOIDs(boolean critical)
+ {
+ Set set = new HashSet();
+ X509Extensions extensions = this.getResponseExtensions();
+
+ if (extensions != null)
+ {
+ Enumeration e = extensions.oids();
+
+ while (e.hasMoreElements())
+ {
+ DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();
+ X509Extension ext = extensions.getExtension(oid);
+
+ if (critical == ext.isCritical())
+ {
+ set.add(oid.getId());
+ }
+ }
+ }
+
+ return set;
+ }
+
+ public Set getCriticalExtensionOIDs()
+ {
+ return getExtensionOIDs(true);
+ }
+
+ public Set getNonCriticalExtensionOIDs()
+ {
+ return getExtensionOIDs(false);
+ }
+
+ public byte[] getExtensionValue(String oid)
+ {
+ X509Extensions exts = this.getResponseExtensions();
+
+ if (exts != null)
+ {
+ X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid));
+
+ if (ext != null)
+ {
+ try
+ {
+ return ext.getValue().getEncoded(ASN1Encoding.DER);
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException("error encoding " + e.toString());
+ }
+ }
+ }
+
+ return null;
+ }
+
+ public String getSignatureAlgName()
+ {
+ return OCSPUtil.getAlgorithmName(resp.getSignatureAlgorithm().getObjectId());
+ }
+
+ public String getSignatureAlgOID()
+ {
+ return resp.getSignatureAlgorithm().getObjectId().getId();
+ }
+
+ /**
+ * @deprecated RespData class is no longer required as all functionality is
+ * available on this class.
+ * @return the RespData object
+ */
+ public RespData getResponseData()
+ {
+ return new RespData(resp.getTbsResponseData());
+ }
+
+ public byte[] getSignature()
+ {
+ return resp.getSignature().getBytes();
+ }
+
+ private List getCertList(
+ String provider)
+ throws OCSPException, NoSuchProviderException
+ {
+ List certs = new ArrayList();
+ ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+ ASN1OutputStream aOut = new ASN1OutputStream(bOut);
+ CertificateFactory cf;
+
+ try
+ {
+ cf = OCSPUtil.createX509CertificateFactory(provider);
+ }
+ catch (CertificateException ex)
+ {
+ throw new OCSPException("can't get certificate factory.", ex);
+ }
+
+ //
+ // load the certificates and revocation lists if we have any
+ //
+ ASN1Sequence s = resp.getCerts();
+
+ if (s != null)
+ {
+ Enumeration e = s.getObjects();
+
+ while (e.hasMoreElements())
+ {
+ try
+ {
+ aOut.writeObject((ASN1Encodable)e.nextElement());
+
+ certs.add(cf.generateCertificate(
+ new ByteArrayInputStream(bOut.toByteArray())));
+ }
+ catch (IOException ex)
+ {
+ throw new OCSPException(
+ "can't re-encode certificate!", ex);
+ }
+ catch (CertificateException ex)
+ {
+ throw new OCSPException(
+ "can't re-encode certificate!", ex);
+ }
+
+ bOut.reset();
+ }
+ }
+
+ return certs;
+ }
+
+ public X509Certificate[] getCerts(
+ String provider)
+ throws OCSPException, NoSuchProviderException
+ {
+ List certs = getCertList(provider);
+
+ return (X509Certificate[])certs.toArray(new X509Certificate[certs.size()]);
+ }
+
+ /**
+ * Return the certificates, if any associated with the response.
+ * @param type type of CertStore to create
+ * @param provider provider to use
+ * @return a CertStore, possibly empty
+ * @throws NoSuchAlgorithmException
+ * @throws NoSuchProviderException
+ * @throws OCSPException
+ */
+ public CertStore getCertificates(
+ String type,
+ String provider)
+ throws NoSuchAlgorithmException, NoSuchProviderException, OCSPException
+ {
+ try
+ {
+ CertStoreParameters params = new CollectionCertStoreParameters(this.getCertList(provider));
+ return OCSPUtil.createCertStoreInstance(type, params, provider);
+ }
+ catch (InvalidAlgorithmParameterException e)
+ {
+ throw new OCSPException("can't setup the CertStore", e);
+ }
+ }
+
+ /**
+ * verify the signature against the tbsResponseData object we contain.
+ */
+ public boolean verify(
+ PublicKey key,
+ String sigProvider)
+ throws OCSPException, NoSuchProviderException
+ {
+ try
+ {
+ Signature signature = OCSPUtil.createSignatureInstance(this.getSignatureAlgName(), sigProvider);
+
+ signature.initVerify(key);
+
+ signature.update(resp.getTbsResponseData().getEncoded(ASN1Encoding.DER));
+
+ return signature.verify(this.getSignature());
+ }
+ catch (NoSuchProviderException e)
+ {
+ // TODO Why this special case?
+ throw e;
+ }
+ catch (Exception e)
+ {
+ throw new OCSPException("exception processing sig: " + e, e);
+ }
+ }
+
+ /**
+ * return the ASN.1 encoded representation of this object.
+ */
+ public byte[] getEncoded()
+ throws IOException
+ {
+ return resp.getEncoded();
+ }
+
+ public boolean equals(Object o)
+ {
+ if (o == this)
+ {
+ return true;
+ }
+
+ if (!(o instanceof BasicOCSPResp))
+ {
+ return false;
+ }
+
+ BasicOCSPResp r = (BasicOCSPResp)o;
+
+ return resp.equals(r.resp);
+ }
+
+ public int hashCode()
+ {
+ return resp.hashCode();
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 06:29:17 +0000