SSE4E GPError GPSystem ByteString ByteBuffer TLV TLVList Card Atr Key Crypto Application GPApplication GPSecDomain ASN1 CardFile IsoSecureChannel ApplFactory GPXML JsScript CardSim X509 CRL KeyStore CMSSignedData CMSGenerator XMLSignature OCSPQuery LDAP SOAP URLConnection PKCS11Provider PKCS11Session PKCS11Object OutlineNode OpenSCDP |
OCSPQuery - Reference DocumentationClass implementing support for the Online Certificate Status Protocol (OCSP) Index of Methods
Constants
ConstructorPrototypeOCSPQuery(X509 rootCert, X509 issuerCert) OCSPQuery(X509 issuerCert) DescriptionCreate OCSPQuery object that can be used to collect certificates for which the the status can be queried from an OCSP responder. The URL for the OCSP responder is taken from isserCert. If the root certificate is ommited from the constructor, then the signature on the OCSP response is only validated against the list of certificates in the OCSPResponse. No link to a trusted anchor is verified in that case. Arguments
Exceptions
Examplerootcert = new X509("root.cer"); cacert = new X509("ca.cer"); query = new OCSPQuery(cacert); query = new OCSPQuery(rootcert, cacert); add()PrototypeOCSPQuery add(X509 cert) DescriptionAdd a certificate to the query. The certificate must be issued by the instance identified by the isserCert certificate in the OCSPQuery constructor. Multiple certificates can be included in a single query.Arguments
Return
Exceptions
Examplegoodcert = new X509("ee_good.cer"); revokedcert = new X509("ee_revoked.cer"); query.add(goodcert); assert(query.add(revokedcert) instanceof OCSPQuery); execute()PrototypeOCSPQuery execute() DescriptionExecute query against OCSP server. This is a one in all method. It extracts the URL from the issuer certificate, builds the request, posts the message, obtains the response and decodes the status information.Return
Exceptions
Exampleassert(query.execute() instanceof OCSPQuery); post()PrototypeOCSPQuery post(String url, ByteString request) OCSPQuery post(String url, ByteString request, String[] header) DescriptionSend a request to the server identified by the url with a custom HTTP header. This method is suitable for test setups using custom build requests and header fields.Arguments
Return
Exceptions
Examplevar request = query.getRequest(); var response = query.post("http://ocsp.ecard.sozialversicherung.at", request); assert(response.length > 0); var header = [ "Content-Length: " + request.length, "Content-Type: application/ocsp-request" ]; var response = query.post("http://ocsp.ecard.sozialversicherung.at", request, header); assert(response.length > 0); getStatus()PrototypeNumber getStatus(X509 cert) DescriptionQuery status from cached result of previous query operationArguments
Return
Exceptions
Exampleassert(query.getStatus(goodcert) == OCSPQuery.GOOD); assert(query.getStatus(revokedcert) != OCSPQuery.GOOD); getStatusString()PrototypeString getStatusString(X509 cert) DescriptionQuery status from cached result of previous query operation and return a human readable stringArguments
Return
Exceptions
Exampleprint("ee_good.cer : " + query.getStatusString(goodcert)); print("ee_revoked.cer : " + query.getStatusString(revokedcert)); getRevocationTime()PrototypeDate getRevocationTime(X509 cert) DescriptionQuery revocation time from cached result of previous query operationArguments
Return
Exceptions
Examplevar rt = query.getRevocationTime(revokedcert); assert(rt instanceof Date); print("ee_revoked.cer : " + rt); getRequest()PrototypeByteString getRequest() DescriptionObtain DER encoded OCSP requestReturn
Exceptions
Examplereq = query.getRequest(); assert(req instanceof ByteString); print(req.toString(HEX)); getResponse()PrototypeByteString getResponse() DescriptionObtain DER encoded OCSP response as returned from OCSP serverReturn
Exceptions
Exampleres = query.getResponse(); assert(res instanceof ByteString); print(res.toString(HEX)); © Copyright 2003 - 2010 CardContact Software & System Consulting, Minden, Germany |