< prev index next >
src/java.base/share/classes/sun/security/provider/certpath/OCSP.java
Print this page
*** 33,42 ****
--- 33,43 ----
import java.security.cert.CertificateException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertPathValidatorException.BasicReason;
import java.security.cert.CRLReason;
import java.security.cert.Extension;
+ import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.List;
*** 123,134 ****
} catch (CertificateException | IOException e) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", e);
}
OCSPResponse ocspResponse = check(Collections.singletonList(certId),
! responderURI, new OCSPResponse.IssuerInfo(issuerCert), null, null,
! Collections.<Extension>emptyList());
return (RevocationStatus)ocspResponse.getSingleResponse(certId);
}
/**
* Obtains the revocation status of a certificate using OCSP.
--- 124,135 ----
} catch (CertificateException | IOException e) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", e);
}
OCSPResponse ocspResponse = check(Collections.singletonList(certId),
! responderURI, new OCSPResponse.IssuerInfo(null, issuerCert), null,
! null, Collections.<Extension>emptyList());
return (RevocationStatus)ocspResponse.getSingleResponse(certId);
}
/**
* Obtains the revocation status of a certificate using OCSP.
*** 162,181 ****
URI responderURI,
X509Certificate responderCert,
Date date, List<Extension> extensions)
throws IOException, CertPathValidatorException
{
CertId certId = null;
try {
X509CertImpl certImpl = X509CertImpl.toImpl(cert);
certId = new CertId(issuerCert, certImpl.getSerialNumberObject());
} catch (CertificateException | IOException e) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", e);
}
OCSPResponse ocspResponse = check(Collections.singletonList(certId),
! responderURI, new OCSPResponse.IssuerInfo(issuerCert),
responderCert, date, extensions);
return (RevocationStatus) ocspResponse.getSingleResponse(certId);
}
/**
--- 163,196 ----
URI responderURI,
X509Certificate responderCert,
Date date, List<Extension> extensions)
throws IOException, CertPathValidatorException
{
+ return check(cert, responderURI,
+ new TrustAnchor(issuerCert.getSubjectX500Principal(),
+ issuerCert.getPublicKey(), null),
+ issuerCert, responderCert, date, extensions);
+ }
+
+ public static RevocationStatus check(X509Certificate cert,
+ URI responderURI,
+ TrustAnchor anchor,
+ X509Certificate issuerCert,
+ X509Certificate responderCert,
+ Date date, List<Extension> extensions)
+ throws IOException, CertPathValidatorException
+ {
CertId certId = null;
try {
X509CertImpl certImpl = X509CertImpl.toImpl(cert);
certId = new CertId(issuerCert, certImpl.getSerialNumberObject());
} catch (CertificateException | IOException e) {
throw new CertPathValidatorException
("Exception while encoding OCSPRequest", e);
}
OCSPResponse ocspResponse = check(Collections.singletonList(certId),
! responderURI, new OCSPResponse.IssuerInfo(anchor, issuerCert),
responderCert, date, extensions);
return (RevocationStatus) ocspResponse.getSingleResponse(certId);
}
/**
< prev index next >