Package eu.europa.esig.dss.service.ocsp
Class OnlineOCSPSource
java.lang.Object
eu.europa.esig.dss.service.ocsp.OnlineOCSPSource
- All Implemented Interfaces:
OCSPSource,OnlineRevocationSource<OCSP>,RevocationSource<OCSP>,RevocationSourceAlternateUrlsSupport<OCSP>,Serializable
public class OnlineOCSPSource
extends Object
implements OCSPSource, RevocationSourceAlternateUrlsSupport<OCSP>, OnlineRevocationSource<OCSP>
Online OCSP repository. This implementation will contact the OCSP Responder
to retrieve the OCSP response.
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from interface eu.europa.esig.dss.spi.x509.revocation.OnlineRevocationSource
OnlineRevocationSource.RevocationTokenAndUrl<R extends Revocation> -
Constructor Summary
ConstructorsConstructorDescriptionCreate an OCSP source The default constructor for OnlineOCSPSource.OnlineOCSPSource(DataLoader dataLoader) Creates an Online OCSP Source with the providedDataLoaderinstance. -
Method Summary
Modifier and TypeMethodDescriptiongetRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves aRevocationTokenfor the certificateTokengetRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken, List<String> alternativeUrls) Gets anRevocationTokenfor the given certificate / issuer's certificate couple.getRevocationTokenAndUrl(CertificateToken certificateToken, CertificateToken issuerToken) This method retrieves aRevocationTokenAndUrlfor the certificateTokenprotected OnlineRevocationSource.RevocationTokenAndUrl<OCSP>getRevocationTokenAndUrl(CertificateToken certificateToken, CertificateToken issuerToken, List<String> ocspUrls) Extracts an OCSP token for acertificateTokenfrom the given list ofocspUrlsvoidsetCertIDDigestAlgorithm(DigestAlgorithm certIDDigestAlgorithm) This method allows setting of DigestAlgorithm to be used in hash calculation for CertID element in an OCSP request buildingvoidsetDataLoader(DataLoader dataLoader) Set the DataLoader to use for querying a revocation server.voidsetNonceSource(NonceSource nonceSource) Set the NonceSource to use for querying the OCSP server.
-
Constructor Details
-
OnlineOCSPSource
public OnlineOCSPSource()Create an OCSP source The default constructor for OnlineOCSPSource. The defaultOCSPDataLoaderis set. It is possible to change it with#setDataLoader(dataLoader). -
OnlineOCSPSource
Creates an Online OCSP Source with the providedDataLoaderinstance. It is still possible to change the defined instance with#setDataLoader(dataLoader).- Parameters:
dataLoader-DataLoaderto use
-
-
Method Details
-
setDataLoader
Description copied from interface:OnlineRevocationSourceSet the DataLoader to use for querying a revocation server.- Specified by:
setDataLoaderin interfaceOnlineRevocationSource<OCSP>- Parameters:
dataLoader- the component that allows to retrieve a revocation response using HTTP.
-
setNonceSource
Set the NonceSource to use for querying the OCSP server.- Parameters:
nonceSource- the component that prevents the replay attack.
-
setCertIDDigestAlgorithm
This method allows setting of DigestAlgorithm to be used in hash calculation for CertID element in an OCSP request building- Parameters:
certIDDigestAlgorithm-DigestAlgorithm
-
getRevocationToken
public OCSPToken getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Description copied from interface:RevocationSourceThis method retrieves aRevocationTokenfor the certificateToken- Specified by:
getRevocationTokenin interfaceOCSPSource- Specified by:
getRevocationTokenin interfaceRevocationSource<OCSP>- Parameters:
certificateToken- TheCertificateTokenfor which the request is madeissuerCertificateToken- TheCertificateTokenwhich is the issuer of the certificateToken- Returns:
- an instance of
RevocationToken
-
getRevocationToken
public OCSPToken getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken, List<String> alternativeUrls) Description copied from interface:RevocationSourceAlternateUrlsSupportGets anRevocationTokenfor the given certificate / issuer's certificate couple. The coherence between the response and the request is checked.- Specified by:
getRevocationTokenin interfaceRevocationSourceAlternateUrlsSupport<OCSP>- Parameters:
certificateToken- TheCertificateTokenfor which the request is madeissuerCertificateToken- TheCertificateTokenwhich is the issuer of the certificateTokenalternativeUrls- The list of alternative urls to call- Returns:
RevocationTokencontaining information about the validity of the cert
-
getRevocationTokenAndUrl
public OnlineRevocationSource.RevocationTokenAndUrl<OCSP> getRevocationTokenAndUrl(CertificateToken certificateToken, CertificateToken issuerToken) Description copied from interface:OnlineRevocationSourceThis method retrieves aRevocationTokenAndUrlfor the certificateToken- Specified by:
getRevocationTokenAndUrlin interfaceOnlineRevocationSource<OCSP>- Parameters:
certificateToken- TheCertificateTokenfor which the request is madeissuerToken- TheCertificateTokenwhich is the issuer of the certificateToken- Returns:
- an instance of
RevocationTokenAndUrl
-
getRevocationTokenAndUrl
protected OnlineRevocationSource.RevocationTokenAndUrl<OCSP> getRevocationTokenAndUrl(CertificateToken certificateToken, CertificateToken issuerToken, List<String> ocspUrls) Extracts an OCSP token for acertificateTokenfrom the given list ofocspUrls- Parameters:
certificateToken-CertificateTokento get an OCSP token forissuerToken-CertificateTokenissued thecertificateTokenocspUrls- a list ofStringURLs to use to access an OCSP token- Returns:
OnlineRevocationSource.RevocationTokenAndUrl
-