use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.
the class OcspBenchRequestor method ask.
public void ask(BigInteger[] serialNumbers) throws OcspRequestorException {
byte[] ocspReq = buildRequest(serialNumbers);
int size = ocspReq.length;
FullHttpRequest request;
if (size <= MAX_LEN_GET && requestOptions.isUseHttpGetForRequest()) {
String b64Request = Base64.encodeToString(ocspReq);
String urlEncodedReq;
try {
urlEncodedReq = URLEncoder.encode(b64Request, "UTF-8");
} catch (UnsupportedEncodingException ex) {
throw new OcspRequestorException(ex.getMessage());
}
String newRawpath = StringUtil.concat(responderRawPathGet, urlEncodedReq);
request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, newRawpath);
} else {
ByteBuf content = Unpooled.wrappedBuffer(ocspReq);
request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.POST, responderRawPathPost, content);
request.headers().addInt("Content-Length", content.readableBytes());
}
request.headers().add("Content-Type", "application/ocsp-request");
httpClient.send(request);
}
use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.
the class OcspBenchRequestor method init.
public void init(OcspBenchmark responseHandler, String responderUrl, Certificate issuerCert, RequestOptions requestOptions, int queueSize) throws Exception {
ParamUtil.requireNonNull("issuerCert", issuerCert);
ParamUtil.requireNonNull("responseHandler", responseHandler);
this.requestOptions = ParamUtil.requireNonNull("requestOptions", requestOptions);
HashAlgo hashAlgo = HashAlgo.getInstance(requestOptions.getHashAlgorithmId());
if (hashAlgo == null) {
throw new OcspRequestorException("unknown HashAlgo " + requestOptions.getHashAlgorithmId().getId());
}
this.issuerhashAlg = hashAlgo.getAlgorithmIdentifier();
this.issuerNameHash = new DEROctetString(hashAlgo.hash(issuerCert.getSubject().getEncoded()));
this.issuerKeyHash = new DEROctetString(hashAlgo.hash(issuerCert.getSubjectPublicKeyInfo().getPublicKeyData().getOctets()));
List<AlgorithmIdentifier> prefSigAlgs = requestOptions.getPreferredSignatureAlgorithms();
if (prefSigAlgs == null || prefSigAlgs.size() == 0) {
this.extensions = null;
} else {
ASN1EncodableVector vec = new ASN1EncodableVector();
for (AlgorithmIdentifier algId : prefSigAlgs) {
ASN1Sequence prefSigAlgObj = new DERSequence(algId);
vec.add(prefSigAlgObj);
}
ASN1Sequence extnValue = new DERSequence(vec);
Extension extn;
try {
extn = new Extension(ObjectIdentifiers.id_pkix_ocsp_prefSigAlgs, false, new DEROctetString(extnValue));
} catch (IOException ex) {
throw new OcspRequestorException(ex.getMessage(), ex);
}
this.extensions = new Extension[] { extn };
}
URI uri = new URI(responderUrl);
this.responderRawPathPost = uri.getRawPath();
if (this.responderRawPathPost.endsWith("/")) {
this.responderRawPathGet = this.responderRawPathPost;
} else {
this.responderRawPathGet = this.responderRawPathPost + "/";
}
this.httpClient = new HttpClient(responderUrl, responseHandler, queueSize);
this.httpClient.start();
}
use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.
the class HttpClient method send.
public void send(FullHttpRequest request) throws OcspRequestorException {
if (!channel.isActive()) {
throw new OcspRequestorException("channel is not active");
}
try {
latch.await(5, TimeUnit.SECONDS);
} catch (InterruptedException ex) {
throw new OcspRequestorException("sending poll is full");
}
incrementPendingRequests();
ChannelFuture future = this.channel.writeAndFlush(request);
future.awaitUninterruptibly();
}
use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.
the class AbstractOcspRequestor method ask.
@Override
public OCSPResp ask(X509Certificate issuerCert, X509Certificate cert, URL responderUrl, RequestOptions requestOptions, RequestResponseDebug debug) throws OcspResponseException, OcspRequestorException {
ParamUtil.requireNonNull("issuerCert", issuerCert);
ParamUtil.requireNonNull("cert", cert);
try {
if (!X509Util.issues(issuerCert, cert)) {
throw new IllegalArgumentException("cert and issuerCert do not match");
}
} catch (CertificateEncodingException ex) {
throw new OcspRequestorException(ex.getMessage(), ex);
}
return ask(issuerCert, new BigInteger[] { cert.getSerialNumber() }, responderUrl, requestOptions, debug);
}
use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.
the class AbstractOcspRequestor method ask.
@Override
public OCSPResp ask(X509Certificate issuerCert, X509Certificate[] certs, URL responderUrl, RequestOptions requestOptions, RequestResponseDebug debug) throws OcspResponseException, OcspRequestorException {
ParamUtil.requireNonNull("issuerCert", issuerCert);
ParamUtil.requireNonNull("certs", certs);
ParamUtil.requireMin("certs.length", certs.length, 1);
BigInteger[] serialNumbers = new BigInteger[certs.length];
for (int i = 0; i < certs.length; i++) {
X509Certificate cert = certs[i];
try {
if (!X509Util.issues(issuerCert, cert)) {
throw new IllegalArgumentException("cert at index " + i + " and issuerCert do not match");
}
} catch (CertificateEncodingException ex) {
throw new OcspRequestorException(ex.getMessage(), ex);
}
serialNumbers[i] = cert.getSerialNumber();
}
return ask(issuerCert, serialNumbers, responderUrl, requestOptions, debug);
}
Aggregations