Class ValidationOcspClient
java.lang.Object
com.itextpdf.signatures.validation.ValidationOcspClient
- All Implemented Interfaces:
-
IOcspClient
OCSP client which is expected to be used in case OCSP responses shall be linked with generation date.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addResponse
(IBasicOCSPResp response, Date date, TimeBasedContext context) Add OCSP response which is linked with generation date.byte[]
getEncoded
(X509Certificate checkCert, X509Certificate issuerCert, String url) Fetch a DER-encoded BasicOCSPResponse from an OCSP responder.Get all the OCSP responses linked with generation dates.
-
Constructor Details
-
ValidationOcspClient
public ValidationOcspClient()Create newValidationOcspClient
instance.
-
-
Method Details
-
addResponse
Add OCSP response which is linked with generation date.- Parameters:
-
response
-IBasicOCSPResp
response to be added -
date
-Date
to be linked with the response -
context
-TimeBasedContext
time based context which corresponds to generation date
-
getResponses
Get all the OCSP responses linked with generation dates.- Returns:
- all the OCSP responses linked with generation dates
-
getEncoded
Fetch a DER-encoded BasicOCSPResponse from an OCSP responder. The method should not throw an exception.Note: do not pass in the full DER-encoded OCSPResponse object obtained from the responder, only the DER-encoded BasicOCSPResponse value contained in the response data..
- Specified by:
-
getEncoded
in interfaceIOcspClient
- Parameters:
-
checkCert
- Certificate to check. -
issuerCert
- The parent certificate. -
url
- The URL of the OCSP responder endpoint. If null, implementations can attempt to obtain a URL from the AuthorityInformationAccess extension of the certificate, or from another implementation-specific source. - Returns:
- a byte array containing a DER-encoded BasicOCSPResponse structure or null if one could not be obtained
- See Also:
-