Package eu.europa.esig.dss.spi

Class DSSRevocationUtils

java.lang.Object
eu.europa.esig.dss.spi.DSSRevocationUtils
public final class DSSRevocationUtils
extends Object
Utility class used to manipulate revocation data (OCSP, CRL)

  • Method Details

    • getBasicOcspResp

      public static org.bouncycastle.cert.ocsp.BasicOCSPResp getBasicOcspResp​(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)
      This method allows to create a BasicOCSPResp from a ASN1Sequence. The value for response SHALL be the DER encoding of BasicOCSPResponse (RFC 2560).
      Parameters:
      asn1Sequence - ASN1Sequence to convert to BasicOCSPResp
      Returns:
      BasicOCSPResp

    • getOcspResp

      public static org.bouncycastle.cert.ocsp.OCSPResp getOcspResp​(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)
      This method allows to create a OCSPResp from a ASN1Sequence.
      Parameters:
      asn1Sequence - ASN1Sequence to convert to OCSPResp
      Returns:
      OCSPResp

    • fromRespToBasic

      public static org.bouncycastle.cert.ocsp.BasicOCSPResp fromRespToBasic​(org.bouncycastle.cert.ocsp.OCSPResp ocspResp)
      This method returns the BasicOCSPResp from a OCSPResp.
      Parameters:
      ocspResp - OCSPResp to analysed
      Returns:

    • fromBasicToResp

      public static org.bouncycastle.cert.ocsp.OCSPResp fromBasicToResp​(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)
      Convert a BasicOCSPResp in OCSPResp (connection status is set to SUCCESSFUL).
      Parameters:
      basicOCSPResp - the BasicOCSPResp to be converted to OCSPResp
      Returns:
      the result of the conversion

    • getEncodedFromBasicResp

      public static byte[] getEncodedFromBasicResp​(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)

    • fromBasicToResp

      public static org.bouncycastle.cert.ocsp.OCSPResp fromBasicToResp​(byte[] basicOCSPRespBinary)
      Convert a BasicOCSPResp in OCSPResp (connection status is set to SUCCESSFUL).
      Parameters:
      basicOCSPRespBinary - the binary of BasicOCSPResp
      Returns:
      an instance of OCSPResp

    • getUsedDigestAlgorithm

      public static DigestAlgorithm getUsedDigestAlgorithm​(org.bouncycastle.cert.ocsp.SingleResp singleResp)
      Returns a DigestAlgorithm used in the given singleResp
      Parameters:
      singleResp - SingleResp to extract the used SingleResp from
      Returns:
      SingleResp

    • matches

      public static boolean matches​(org.bouncycastle.cert.ocsp.CertificateID certId, org.bouncycastle.cert.ocsp.SingleResp singleResp)
      fix for certId.equals methods that doesn't work very well.
      Parameters:
      certId - CertificateID
      singleResp - SingleResp
      Returns:
      true if the certificate matches this included in SingleResp

    • getOCSPCertificateID

      public static org.bouncycastle.cert.ocsp.CertificateID getOCSPCertificateID​(CertificateToken cert, CertificateToken issuerCert, DigestAlgorithm digestAlgorithm)
      Returns the CertificateID for the given certificate and its issuer's certificate.
      Parameters:
      cert - CertificateToken for which the id is created
      issuerCert - CertificateToken issuer certificate of the cert
      digestAlgorithm - DigestAlgorithm to be used for CertificateID hash calculation
      Returns:
      CertificateID

    • getDigestCalculator

      public static org.bouncycastle.operator.DigestCalculator getDigestCalculator​(DigestAlgorithm digestAlgorithm)

    • loadOCSPBase64Encoded

      public static org.bouncycastle.cert.ocsp.BasicOCSPResp loadOCSPBase64Encoded​(String base64Encoded) throws IOException
      This method loads an OCSP response from the given base 64 encoded string.
      Parameters:
      base64Encoded - base 64 encoded OCSP response
      Returns:
      the BasicOCSPResp object
      Throws:
      IOException - if IO error occurred

    • loadOCSPFromBinaries

      public static org.bouncycastle.cert.ocsp.BasicOCSPResp loadOCSPFromBinaries​(byte[] binaries) throws IOException
      This method loads an OCSP response from the given binaries.
      Parameters:
      binaries - byte array of OCSP response
      Returns:
      the BasicOCSPResp object
      Throws:
      IOException - if IO error occurred

    • getEncoded

      public static byte[] getEncoded​(org.bouncycastle.cert.ocsp.OCSPResp ocspResp)

    • getDSSResponderId

      public static ResponderId getDSSResponderId​(org.bouncycastle.cert.ocsp.RespID respID)
      Transforms RespID to ResponderId
      Parameters:
      respID - RespID to get values from
      Returns:
      ResponderId

    • getDSSResponderId

      public static ResponderId getDSSResponderId​(org.bouncycastle.asn1.ocsp.ResponderID responderID)
      Transforms ResponderID to ResponderId
      Parameters:
      responderID - ResponderID to get values from
      Returns:
      ResponderId

    • getCRLRevocationTokenKeys

      public static List<String> getCRLRevocationTokenKeys​(CertificateToken certificateToken)
      Initialize a list revocation token keys String for CRLToken from the given CertificateToken
      Parameters:
      certificateToken - CertificateToken
      Returns:
      list of String revocation keys

    • getCRLRevocationTokenKey

      public static String getCRLRevocationTokenKey​(String crlUrl)

    • getOcspRevocationTokenKeys

      public static List<String> getOcspRevocationTokenKeys​(CertificateToken certificateToken)
      Initialize a list revocation token keys String for OCSPToken from the given CertificateToken
      Parameters:
      certificateToken - CertificateToken
      Returns:
      list of String revocation keys

    • getOcspRevocationKey

      public static String getOcspRevocationKey​(CertificateToken certificateToken, String ocspUrl)

    • getLatestSingleResponse

      public static org.bouncycastle.cert.ocsp.SingleResp getLatestSingleResponse​(org.bouncycastle.cert.ocsp.BasicOCSPResp basicResponse, CertificateToken certificate, CertificateToken issuer)

    • getSingleResponses

      public static List<org.bouncycastle.cert.ocsp.SingleResp> getSingleResponses​(org.bouncycastle.cert.ocsp.BasicOCSPResp basicResponse, CertificateToken certificate, CertificateToken issuer)

    • getDigest

      public static Digest getDigest​(org.bouncycastle.asn1.esf.OtherHash otherHash)