Example 1 with ResponseData
use of org.xipki.ocsp.server.impl.type.ResponseData in project xipki by xipki.
the class OCSPRespBuilder method buildOCSPResponse.
// CHECKSTYLE:SKIP
public byte[] buildOCSPResponse(ConcurrentContentSigner signer, TaggedCertSequence taggedCertSequence, Date producedAt) throws OCSPException, NoIdleSignerException {
ResponseData responseData = new ResponseData(0, responderId, producedAt, list, responseExtensions);
byte[] tbs = new byte[responseData.getEncodedLength()];
responseData.write(tbs, 0);
ConcurrentBagEntrySigner signer0 = signer.borrowSigner();
byte[] signature;
byte[] sigAlgId;
try {
XiContentSigner csigner0 = signer0.value();
OutputStream sigOut = csigner0.getOutputStream();
try {
sigOut.write(tbs);
sigOut.close();
} catch (IOException ex) {
throw new OCSPException("exception signing TBSRequest: " + ex.getMessage(), ex);
}
signature = csigner0.getSignature();
sigAlgId = csigner0.getEncodedAlgorithmIdentifier();
} finally {
signer.requiteSigner(signer0);
}
// ----- Get the length -----
// BasicOCSPResponse.signature
int signatureBodyLen = signature.length + 1;
int signatureLen = getLen(signatureBodyLen);
// BasicOCSPResponse
int basicResponseBodyLen = tbs.length + sigAlgId.length + signatureLen;
if (taggedCertSequence != null) {
basicResponseBodyLen += taggedCertSequence.getEncodedLength();
}
int basicResponseLen = getLen(basicResponseBodyLen);
// OCSPResponse.[0].responseBytes
int responseBytesBodyLen = responseTypeBasic.length + // Header of OCTET STRING
getLen(basicResponseLen);
int responseBytesLen = getLen(responseBytesBodyLen);
// OCSPResponse.[0]
int taggedResponseBytesLen = getLen(responseBytesLen);
// OCSPResponse
int ocspResponseBodyLen = successfulStatus.length + taggedResponseBytesLen;
int ocspResponseLen = getLen(ocspResponseBodyLen);
// encode
byte[] out = new byte[ocspResponseLen];
int offset = 0;
offset += ASN1Type.writeHeader((byte) 0x30, ocspResponseBodyLen, out, offset);
// OCSPResponse.responseStatus
offset += arraycopy(successfulStatus, out, offset);
// OCSPResponse.[0]
offset += ASN1Type.writeHeader((byte) 0xA0, responseBytesLen, out, offset);
// OCSPResponse.[0]responseBytes
offset += ASN1Type.writeHeader((byte) 0x30, responseBytesBodyLen, out, offset);
// OCSPResponse.[0]responseBytes.responseType
offset += arraycopy(responseTypeBasic, out, offset);
// OCSPResponse.[0]responseBytes.responseType
// OCET STRING
offset += ASN1Type.writeHeader((byte) 0x04, basicResponseLen, out, offset);
// BasicOCSPResponse
offset += ASN1Type.writeHeader((byte) 0x30, basicResponseBodyLen, out, offset);
// BasicOCSPResponse.tbsResponseData
offset += arraycopy(tbs, out, offset);
// BasicOCSPResponse.signatureAlgorithm
offset += arraycopy(sigAlgId, out, offset);
// BasicOCSPResponse.signature
offset += ASN1Type.writeHeader((byte) 0x03, signatureBodyLen, out, offset);
// skipping bits
out[offset++] = 0x00;
offset += arraycopy(signature, out, offset);
if (taggedCertSequence != null) {
offset += taggedCertSequence.write(out, offset);
}
return out;
}
Also used :
OCSPException(org.bouncycastle.cert.ocsp.OCSPException)
ResponseData(org.xipki.ocsp.server.impl.type.ResponseData)
OutputStream(java.io.OutputStream)
IOException(java.io.IOException)
ConcurrentBagEntrySigner(org.xipki.security.ConcurrentBagEntrySigner)
XiContentSigner(org.xipki.security.XiContentSigner)
Aggregations
IOException (java.io.IOException)1
OutputStream (java.io.OutputStream)1
OCSPException (org.bouncycastle.cert.ocsp.OCSPException)1
ResponseData (org.xipki.ocsp.server.impl.type.ResponseData)1
ConcurrentBagEntrySigner (org.xipki.security.ConcurrentBagEntrySigner)1
XiContentSigner (org.xipki.security.XiContentSigner)1
