Package com.itextpdf.signatures.validation.v1

Class ValidationOcspClient

java.lang.Object
com.itextpdf.signatures.validation.v1.ValidationOcspClient
All Implemented Interfaces:
IOcspClient
public class ValidationOcspClient extends Object implements IOcspClient
OCSP client which is expected to be used in case OCSP responses shall be linked with generation date.

  • Constructor Details

  • Method Details

    • addResponse

      public void addResponse (IBasicOCSPResp response, Date date, TimeBasedContext context)
      Add OCSP response which is linked with generation date.
      Parameters:
      response - IBasicOCSPResp response to be added
      date - Date to be linked with the response
      context - TimeBasedContext time based context which corresponds to generation date

    • getResponses

      public Map<IBasicOCSPResp,RevocationDataValidator.OcspResponseValidationInfo> getResponses()
      Get all the OCSP responses linked with generation dates.
      Returns:
      all the OCSP responses linked with generation dates

    • getEncoded

      public byte[] getEncoded (X509Certificate checkCert, X509Certificate issuerCert, String url)
      Fetch a DER-encoded BasicOCSPResponse from an OCSP responder. The method should not throw an exception.

      Note: do not pass in the full DER-encoded OCSPResponse object obtained from the responder, only the DER-encoded BasicOCSPResponse value contained in the response data..

      Specified by:
      getEncoded in interface IOcspClient
      Parameters:
      checkCert - Certificate to check.
      issuerCert - The parent certificate.
      url - The URL of the OCSP responder endpoint. If null, implementations can attempt to obtain a URL from the AuthorityInformationAccess extension of the certificate, or from another implementation-specific source.
      Returns:
      a byte array containing a DER-encoded BasicOCSPResponse structure or null if one could not be obtained
      See Also: