|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object | +--iaik.x509.ocsp.CertStatus
This class implements the OCSP type CertStaus.
The X.509
Online Certificate Status Protocol (RFC 2560) specifies the CertStatus
type for being included into a SingleResponse to indicate the revocation status of a particular
certificate asked for. The status either information either
may be "good", "revoked" or "unknown":
CertStatus ::= CHOICE {
good [0] IMPLICIT NULL,
revoked [1] IMPLICIT RevokedInfo,
unknown [2] IMPLICIT UnknownInfo }
good
The "good" state indicates a positive response to the status inquiry.
At a minimum, this positive response indicates that the certificate is
not revoked, but does not necessarily mean that the certificate was
ever issued or that the time at which the response was produced is
within the certificate's validity interval. Response extensions may
be used to convey additional information on assertions made by the
responder regarding the status of the certificate such as positive
statement about issuance, validity, etc.
revoked
The "revoked" state indicates that the certificate has been revoked
(either permanantly or temporarily (on hold)).
unknown
The "unknown" state indicates that the responder doesn't know about
the certificate being requested.
A CertStatus object indicating the status "good" can be created by using
the empty default constructor:
CertStatus goodStatus = new CertStatus();When
creating a CertStatus for a "revoked"
certificate, a RevokedInfo has to be supplied,
e.g.:
Date revocationDate = ...; RevokedInfo revokedInfo = new RevokedInfo(revocationDate); ReasonCode revocationReason = new ReasonCode(ReasonCode.keyCompromise); revokedInfo.setRevocationReason(revocationReason); CertStatus revokedStatus = new CertStatus(revokedInfo);An
UnknownInfo indicates the CertStatus "unknown":
CertStatus unknownStatus = new CertStatus(new UnknownInfo());After creating a CertStatus object it has to be included into a
SingleResponse given
for a particular certificate, e.g.:
SingleResponse singleResponse =
new SingleResponse(reqCert, certStatus, thisUpdateDate);
RevokedInfo,
UnknownInfo,
SingleResponse| Field Summary | |
static int |
GOOD
CertStatus "good" (0). |
static int |
REVOKED
CertStatus "revoked" (1). |
static int |
UNKNOWN
CertStatus "unknown" (2). |
| Constructor Summary | |
CertStatus()
Creates a CertStatus for indicating the status information "good". |
|
CertStatus(ASN1Object obj)
Creates a CertStatus from an ASN1Object. |
|
CertStatus(RevokedInfo revokedInfo)
Creates a CertStatus for indicating the status information "revoked". |
|
CertStatus(UnknownInfo unknownInfo)
Creates a CertStatus for indicating the status information "unknown". |
|
| Method Summary | |
int |
getCertStatus()
Returns the cert status. |
String |
getCertStatusName()
Returns the cert status as string. |
RevokedInfo |
getRevokedInfo()
Returns the RevokedInfo, if present. |
UnknownInfo |
getUnknownInfo()
Returns the UnknownInfo, if present. |
ASN1Object |
toASN1Object()
Returns this CertStatus as an ASN1Object. |
String |
toString()
Returns a String representation of this CertStatus. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
| Field Detail |
public static final int GOOD
public static final int REVOKED
public static final int UNKNOWN
| Constructor Detail |
public CertStatus()
The "good" state indicates a positive response to the status inquiry.
At a minimum, this positive response indicates that the certificate is
not revoked, but does not necessarily mean that the certificate was
ever issued or that the time at which the response was produced is
within the certificate's validity interval. Response extensions may
be used to convey additional information on assertions made by the
responder regarding the status of the certificate such as positive
statement about issuance, validity, etc.
public CertStatus(RevokedInfo revokedInfo)
The "revoked" state indicates that the certificate has been revoked (either permanantly or temporarily (on hold)).
revokedInfo - the revocation informationpublic CertStatus(UnknownInfo unknownInfo)
The "unknown" state indicates that the responder doesn't know about the certificate being requested.
unknownInfo - an UnknownInfo, either representing a ASN.1 NULL object
or an ASN.1 ENUMERATED
public CertStatus(ASN1Object obj)
throws CodingException
obj - the CertStatus as ASN1ObjectCodingException - if the ASN1Object has the wrong format| Method Detail |
public int getCertStatus()
public String getCertStatusName()
public RevokedInfo getRevokedInfo()
This method only may called when the indicated cert status is "revoked" (1).
public UnknownInfo getUnknownInfo()
This method only may called when the indicated cert status is "unknown" (2).
public ASN1Object toASN1Object()
public String toString()
toString in class Object
|
This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note). | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK