Examples with OcspRequestorException org.xipki.ocsp.client.api.OcspRequestorException used on opensource projects

Search in sources :

Example 1 with OcspRequestorException

use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.

the class OcspBenchRequestor method ask.

public void ask(BigInteger[] serialNumbers) throws OcspRequestorException {
    byte[] ocspReq = buildRequest(serialNumbers);
    int size = ocspReq.length;
    FullHttpRequest request;
    if (size <= MAX_LEN_GET && requestOptions.isUseHttpGetForRequest()) {
        String b64Request = Base64.encodeToString(ocspReq);
        String urlEncodedReq;
        try {
            urlEncodedReq = URLEncoder.encode(b64Request, "UTF-8");
        } catch (UnsupportedEncodingException ex) {
            throw new OcspRequestorException(ex.getMessage());
        }
        String newRawpath = StringUtil.concat(responderRawPathGet, urlEncodedReq);
        request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, newRawpath);
    } else {
        ByteBuf content = Unpooled.wrappedBuffer(ocspReq);
        request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.POST, responderRawPathPost, content);
        request.headers().addInt("Content-Length", content.readableBytes());
    }
    request.headers().add("Content-Type", "application/ocsp-request");
    httpClient.send(request);
}
Also used : OcspRequestorException(org.xipki.ocsp.client.api.OcspRequestorException) DefaultFullHttpRequest(io.netty.handler.codec.http.DefaultFullHttpRequest) FullHttpRequest(io.netty.handler.codec.http.FullHttpRequest) DefaultFullHttpRequest(io.netty.handler.codec.http.DefaultFullHttpRequest) UnsupportedEncodingException(java.io.UnsupportedEncodingException) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ByteBuf(io.netty.buffer.ByteBuf)

Example 2 with OcspRequestorException

use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.

the class OcspBenchRequestor method init.

public void init(OcspBenchmark responseHandler, String responderUrl, Certificate issuerCert, RequestOptions requestOptions, int queueSize) throws Exception {
    ParamUtil.requireNonNull("issuerCert", issuerCert);
    ParamUtil.requireNonNull("responseHandler", responseHandler);
    this.requestOptions = ParamUtil.requireNonNull("requestOptions", requestOptions);
    HashAlgo hashAlgo = HashAlgo.getInstance(requestOptions.getHashAlgorithmId());
    if (hashAlgo == null) {
        throw new OcspRequestorException("unknown HashAlgo " + requestOptions.getHashAlgorithmId().getId());
    }
    this.issuerhashAlg = hashAlgo.getAlgorithmIdentifier();
    this.issuerNameHash = new DEROctetString(hashAlgo.hash(issuerCert.getSubject().getEncoded()));
    this.issuerKeyHash = new DEROctetString(hashAlgo.hash(issuerCert.getSubjectPublicKeyInfo().getPublicKeyData().getOctets()));
    List<AlgorithmIdentifier> prefSigAlgs = requestOptions.getPreferredSignatureAlgorithms();
    if (prefSigAlgs == null || prefSigAlgs.size() == 0) {
        this.extensions = null;
    } else {
        ASN1EncodableVector vec = new ASN1EncodableVector();
        for (AlgorithmIdentifier algId : prefSigAlgs) {
            ASN1Sequence prefSigAlgObj = new DERSequence(algId);
            vec.add(prefSigAlgObj);
        }
        ASN1Sequence extnValue = new DERSequence(vec);
        Extension extn;
        try {
            extn = new Extension(ObjectIdentifiers.id_pkix_ocsp_prefSigAlgs, false, new DEROctetString(extnValue));
        } catch (IOException ex) {
            throw new OcspRequestorException(ex.getMessage(), ex);
        }
        this.extensions = new Extension[] { extn };
    }
    URI uri = new URI(responderUrl);
    this.responderRawPathPost = uri.getRawPath();
    if (this.responderRawPathPost.endsWith("/")) {
        this.responderRawPathGet = this.responderRawPathPost;
    } else {
        this.responderRawPathGet = this.responderRawPathPost + "/";
    }
    this.httpClient = new HttpClient(responderUrl, responseHandler, queueSize);
    this.httpClient.start();
}
Also used : OcspRequestorException(org.xipki.ocsp.client.api.OcspRequestorException) Extension(org.bouncycastle.asn1.x509.Extension) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) HashAlgo(org.xipki.security.HashAlgo) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) IOException(java.io.IOException) URI(java.net.URI) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 3 with OcspRequestorException

use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.

the class HttpClient method send.

public void send(FullHttpRequest request) throws OcspRequestorException {
    if (!channel.isActive()) {
        throw new OcspRequestorException("channel is not active");
    }
    try {
        latch.await(5, TimeUnit.SECONDS);
    } catch (InterruptedException ex) {
        throw new OcspRequestorException("sending poll is full");
    }
    incrementPendingRequests();
    ChannelFuture future = this.channel.writeAndFlush(request);
    future.awaitUninterruptibly();
}
Also used : OcspRequestorException(org.xipki.ocsp.client.api.OcspRequestorException) ChannelFuture(io.netty.channel.ChannelFuture)

Example 4 with OcspRequestorException

use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.

the class AbstractOcspRequestor method ask.

@Override
public OCSPResp ask(X509Certificate issuerCert, X509Certificate cert, URL responderUrl, RequestOptions requestOptions, RequestResponseDebug debug) throws OcspResponseException, OcspRequestorException {
    ParamUtil.requireNonNull("issuerCert", issuerCert);
    ParamUtil.requireNonNull("cert", cert);
    try {
        if (!X509Util.issues(issuerCert, cert)) {
            throw new IllegalArgumentException("cert and issuerCert do not match");
        }
    } catch (CertificateEncodingException ex) {
        throw new OcspRequestorException(ex.getMessage(), ex);
    }
    return ask(issuerCert, new BigInteger[] { cert.getSerialNumber() }, responderUrl, requestOptions, debug);
}
Also used : OcspRequestorException(org.xipki.ocsp.client.api.OcspRequestorException) CertificateEncodingException(java.security.cert.CertificateEncodingException)

Example 5 with OcspRequestorException

use of org.xipki.ocsp.client.api.OcspRequestorException in project xipki by xipki.

the class AbstractOcspRequestor method ask.

@Override
public OCSPResp ask(X509Certificate issuerCert, X509Certificate[] certs, URL responderUrl, RequestOptions requestOptions, RequestResponseDebug debug) throws OcspResponseException, OcspRequestorException {
    ParamUtil.requireNonNull("issuerCert", issuerCert);
    ParamUtil.requireNonNull("certs", certs);
    ParamUtil.requireMin("certs.length", certs.length, 1);
    BigInteger[] serialNumbers = new BigInteger[certs.length];
    for (int i = 0; i < certs.length; i++) {
        X509Certificate cert = certs[i];
        try {
            if (!X509Util.issues(issuerCert, cert)) {
                throw new IllegalArgumentException("cert at index " + i + " and issuerCert do not match");
            }
        } catch (CertificateEncodingException ex) {
            throw new OcspRequestorException(ex.getMessage(), ex);
        }
        serialNumbers[i] = cert.getSerialNumber();
    }
    return ask(issuerCert, serialNumbers, responderUrl, requestOptions, debug);
}
Also used : OcspRequestorException(org.xipki.ocsp.client.api.OcspRequestorException) BigInteger(java.math.BigInteger) CertificateEncodingException(java.security.cert.CertificateEncodingException) X509Certificate(java.security.cert.X509Certificate)

Aggregations

OcspRequestorException (org.xipki.ocsp.client.api.OcspRequestorException)8 DEROctetString (org.bouncycastle.asn1.DEROctetString)5 IOException (java.io.IOException)4 BigInteger (java.math.BigInteger)4 Extension (org.bouncycastle.asn1.x509.Extension)4 CertificateEncodingException (java.security.cert.CertificateEncodingException)3 CertID (org.bouncycastle.asn1.ocsp.CertID)3 OCSPException (org.bouncycastle.cert.ocsp.OCSPException)3 X509Certificate (java.security.cert.X509Certificate)2 ArrayList (java.util.ArrayList)2 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)2 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)2 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)2 DERSequence (org.bouncycastle.asn1.DERSequence)2 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)2 Extensions (org.bouncycastle.asn1.x509.Extensions)2 CertificateID (org.bouncycastle.cert.ocsp.CertificateID)2 InvalidOcspResponseException (org.xipki.ocsp.client.api.InvalidOcspResponseException)2 OcspNonceUnmatchedException (org.xipki.ocsp.client.api.OcspNonceUnmatchedException)2 OcspTargetUnmatchedException (org.xipki.ocsp.client.api.OcspTargetUnmatchedException)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial