OCSPUnidResponse


1   /*************************************************************************
2    *                                                                       *
3    *  EJBCA: The OpenSource Certificate Authority                          *
4    *                                                                       *
5    *  This software is free software; you can redistribute it and/or       *
6    *  modify it under the terms of the GNU Lesser General Public           *
7    *  License as published by the Free Software Foundation; either         *
8    *  version 2.1 of the License, or any later version.                    *
9    *                                                                       *
10   *  See terms of license at gnu.org.                                     *
11   *                                                                       *
12   *************************************************************************/
13  
14  package org.ejbca.core.protocol.ocsp;
15  
16  import org.bouncycastle.ocsp.BasicOCSPResp;
17  import org.bouncycastle.ocsp.OCSPException;
18  import org.bouncycastle.ocsp.OCSPResp;
19  import org.bouncycastle.ocsp.RevokedStatus;
20  import org.bouncycastle.ocsp.SingleResp;
21  import org.bouncycastle.ocsp.UnknownStatus;
22  
23  /** Class holding data returned by the OCSPUnidExtension
24   * 
25   * @author tomas
26   * @version $Id: OCSPUnidResponse.java,v 1.7 2006/07/30 17:04:32 anatom Exp $
27   *
28   */
29  public class OCSPUnidResponse {
30      
31      /** Constants capturing the OCSP response status. 
32       * These are the return codes defined in the RFC. 
33       * The codes are just used for simple access to the OCSP return value. 
34       */
35      public static final int OCSP_GOOD = 1;
36      public static final int OCSP_REVOKED = 2;
37      public static final int OCSP_UNKNOWN = 3;
38  
39      //
40      // Constants for error status
41      //
42      /**
43       * This is the standard code when no error occurred. Ideally this should always be the returned value.
44       */
45      public static final int ERROR_NO_ERROR = 0;
46      /**
47       * An unknown error has occurred (for example internal server error on the OCSP responder) .
48       */
49      public static final int ERROR_UNKNOWN = 1;
50      /**
51       * You are not authorized to perform a FNR/UNID lookup.
52       */
53      public static final int ERROR_UNAUTHORIZED = 2;
54      /**
55       * There was no response from the server.
56       */
57      public static final int ERROR_NO_RESPONSE = 3;
58      /**
59       * This error is returned when the signature of the OCSP-response sent by the server has an invalid 
60       * signature. This should typically never happen unless the OCSP-server is compromised in someway, 
61       * a fake OCSP-server is installed or something went wrong with the communication so the response 
62       * was truncated.
63       */
64      public static final int ERROR_INVALID_SIGNATURE = 4;
65      /**
66       * This error is returned when the signerId in the OCSP-response sent by the server does not match
67       * the first certificate in the chain in the response. 
68       * This should typically never happen unless the OCSP-server is broken. 
69       */
70      public static final int ERROR_INVALID_SIGNERID = 5;
71      /**
72       * This error is returned when the OCSP signers certificate can not be verified using the CA-certificate.
73       * This should typically never happen unless the OCSP-server is broken or compromised. 
74       */
75      public static final int ERROR_INVALID_SIGNERCERT = 6;
76      /**
77       * You did not specify a URI in the call, and there is not one embedded in the certificate.
78       */
79      public static final int ERROR_NO_OCSP_URI = 5;
80  
81      /*
82       * Private vaiables
83       */
84      private OCSPResp resp = null;
85      private String   fnr = null;
86      private int httpReturnCode = 200;
87      private int errCode = OCSPUnidResponse.ERROR_NO_ERROR;
88      
89      public OCSPUnidResponse() {
90      }
91      public OCSPUnidResponse(OCSPResp ocspresp) {
92          this.resp = ocspresp;
93      }
94      public int getHttpReturnCode() {
95          return httpReturnCode;
96      }
97      public void setHttpReturnCode(int code) {
98          httpReturnCode = code;
99      }
100     public int getErrorCode() {
101         return errCode;
102     }
103     public void setErrorCode(int code) {
104         errCode = code;
105     }
106     public String   getFnr() {
107         return fnr;
108     }
109     public void setFnr(String   fnr) {
110         this.fnr = fnr;
111     }
112     public OCSPResp getResp() {
113         return resp;
114     }
115     public void setResp(OCSPResp resp) {
116         this.resp = resp;
117     }
118     public int getStatus() {
119         if (resp == null) {
120             return OCSPUnidResponse.OCSP_UNKNOWN;
121         }
122         try {
123             BasicOCSPResp brep;
124             brep = (BasicOCSPResp) resp.getResponseObject();
125             SingleResp[] singleResps = brep.getResponses();
126             SingleResp singleResp = singleResps[0];
127             Object   status = singleResp.getCertStatus();
128             if (status == null) {
129                 return OCSPUnidResponse.OCSP_GOOD;
130             }
131             if (status instanceof RevokedStatus) {
132                 return OCSPUnidResponse.OCSP_REVOKED;
133             }
134             if (status instanceof UnknownStatus) {
135                 return OCSPUnidResponse.OCSP_UNKNOWN;
136             }
137         } catch (OCSPException e) {
138             // Ignore, default return
139         }
140         return OCSPUnidResponse.OCSP_UNKNOWN;
141         
142     }
143     
144     
145 }
146
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags