com.rsa.certj.provider.revocation.ocsp

Class OCSPutil

java.lang.Object
  |
  +--com.rsa.certj.provider.revocation.ocsp.OCSPutil

public final class OCSPutil

extends Object

This class contains static utility routes for OCSP.java

Copyright © RSA Security Inc., 2001. All rights reserved.

Constructor Summary

OCSPutil()

Method Summary

static byte[]	extractKeyDER(byte[] ber, int offset) Returns the value of the given key in BER, ber beginning at offset.
static String	getAIALocation(X509Certificate cert) Gets the location of the first AuthorityInfoAccess that is a URL.
static byte[]	makeDataDigest(CertJ certJ, String digestAlg, byte[] data, int offset, int len) Makes a data digest for cert using the algorithm contained in digestAlg and updates the digest object specified in data at the location given by offset and len.
static int	selectCertificateByKeyHash(CertJ certJ, DatabaseService db, byte[] hash, int hashOffset, int hashLen, Vector certs) Find the certificate in the database with the specified SHA1 keyHash and add it to certList.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OCSPutil

public OCSPutil()

Method Detail

getAIALocation

public static String getAIALocation(X509Certificate cert)

Gets the location of the first AuthorityInfoAccess that is a URL. Any subsequent AIAs are ignored.

Parameters

cert

An X509Certificate object.

Returns

The URL of the first AIA, or null.

makeDataDigest

public static byte[] makeDataDigest(CertJ certJ,
                                    String digestAlg,
                                    byte[] data,
                                    int offset,
                                    int len)
                             throws InvalidParameterException

Makes a data digest for cert using the algorithm contained in digestAlg and updates the digest object specified in data at the location given by offset and len.

Parameters

	certJ		A certJ object.
	digestAlg		A String containing the digest algorithm to use.
	data		A byte array containing the digest object.
	offset		The offset into date.
	len		The length of digest.

Returns

The DER encoding of the data digest.

Throws

InvalidParameterException - If there is any error in any of the parameters.

extractKeyDER

public static byte[] extractKeyDER(byte[] ber,
                                   int offset)
                            throws com.rsa.asn1.ASN_Exception

Returns the value of the given key in BER, ber beginning at offset. The tag and length and length are not returned. The definition is as follows:

 SubjectPublicKeyInfo ::= SEQUENCE {
   algorithm              AlgorithmIdentifier,
   subjectPublicKey       BIT STRING }

Parameters

	ber		The ber encoding where the key is located.
	offset		The offset into ber where the value begins.

Throws

com.rsa.asn1.ASN_Exception - If an error occurs during processing.

selectCertificateByKeyHash

public static int selectCertificateByKeyHash(CertJ certJ,
                                             DatabaseService db,
                                             byte[] hash,
                                             int hashOffset,
                                             int hashLen,
                                             Vector certs)
                                      throws DatabaseException,
                                             NoServiceException,
                                             CertificateException,
                                             InvalidParameterException

Find the certificate in the database with the specified SHA1 keyHash and add it to certList.

This form of certificate identification is rare. Very few OCSP responders use this form of certificate identification.

Parameters

	certJ		A certJ object.
	db		The database to search.
	hash		The SHA1 keyHash.
	hashOffset		The offset of hash.
	hashLen		The length of hash.
	certs		A Vector that holds certificate values.