
Example 1 with ResponseData

use of org.xipki.ocsp.server.impl.type.ResponseData in project xipki by xipki.

Class OCSPRespBuilder, method buildOCSPResponse.

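/**
 * Builds the DER encoding of an {@code OCSPResponse} with the successful status that wraps a
 * signed {@code BasicOCSPResponse}.
 *
 * <p>The {@code ResponseData} is encoded once into {@code tbs}. Those exact bytes are written to
 * the signer and then copied unchanged into the output, so the signature is computed over the
 * same bytes that are emitted. Only {@code tbs} is written to the signer; the outer wrappers and
 * the optional certificate sequence are appended afterwards and are not covered by the signature.
 *
 * <p>All lengths are computed from the innermost element outwards, the output array is allocated
 * once, and the elements are then written from the outermost header inwards.
 *
 * @param signer pool from which one signer is borrowed for this response; the borrowed signer
 *     is always handed back, even when signing fails
 * @param taggedCertSequence optional pre-encoded certificate sequence appended after the
 *     signature; may be {@code null}
 * @param producedAt value passed to {@code ResponseData} as the production time
 * @return the encoded response
 * @throws OCSPException if writing the to-be-signed bytes to the signer fails, or if the number
 *     of bytes written does not match the computed response length
 * @throws NoIdleSignerException propagated from {@code signer.borrowSigner()}
 */
// CHECKSTYLE:SKIP
public byte[] buildOCSPResponse(ConcurrentContentSigner signer, TaggedCertSequence taggedCertSequence, Date producedAt) throws OCSPException, NoIdleSignerException {
    // NOTE(review): the leading 0 is presumably the ResponseData version (v1) - confirm.
    ResponseData responseData = new ResponseData(0, responderId, producedAt, list, responseExtensions);
    byte[] tbs = new byte[responseData.getEncodedLength()];
    responseData.write(tbs, 0);

    // Borrow outside the try block: if borrowing fails there is nothing to give back.
    ConcurrentBagEntrySigner signer0 = signer.borrowSigner();
    byte[] signature;
    byte[] sigAlgId;
    try {
        XiContentSigner csigner0 = signer0.value();
        // try-with-resources closes the signing stream on the failure path too, so a signer
        // whose write failed is not returned to the pool with its stream still open.
        try (OutputStream sigOut = csigner0.getOutputStream()) {
            sigOut.write(tbs);
        } catch (IOException ex) {
            // The bytes being signed are the encoded ResponseData, not a request.
            throw new OCSPException("exception signing tbsResponseData: " + ex.getMessage(), ex);
        }
        signature = csigner0.getSignature();
        sigAlgId = csigner0.getEncodedAlgorithmIdentifier();
    } finally {
        signer.requiteSigner(signer0);
    }

    // ----- Get the length -----
    // NOTE(review): getLen(bodyLen) is assumed to return header length + bodyLen - confirm.
    // BasicOCSPResponse.signature (BIT STRING: one unused-bits octet + signature value)
    int signatureBodyLen = signature.length + 1;
    int signatureLen = getLen(signatureBodyLen);
    // BasicOCSPResponse
    int basicResponseBodyLen = tbs.length + sigAlgId.length + signatureLen;
    if (taggedCertSequence != null) {
        basicResponseBodyLen += taggedCertSequence.getEncodedLength();
    }
    int basicResponseLen = getLen(basicResponseBodyLen);
    // OCSPResponse.[0].responseBytes: responseType + OCTET STRING (header and content)
    int responseBytesBodyLen = responseTypeBasic.length + getLen(basicResponseLen);
    int responseBytesLen = getLen(responseBytesBodyLen);
    // OCSPResponse.[0]
    int taggedResponseBytesLen = getLen(responseBytesLen);
    // OCSPResponse
    int ocspResponseBodyLen = successfulStatus.length + taggedResponseBytesLen;
    int ocspResponseLen = getLen(ocspResponseBodyLen);

    // ----- Encode -----
    byte[] out = new byte[ocspResponseLen];
    int offset = 0;
    offset += ASN1Type.writeHeader((byte) 0x30, ocspResponseBodyLen, out, offset);
    // OCSPResponse.responseStatus
    offset += arraycopy(successfulStatus, out, offset);
    // OCSPResponse.[0]
    offset += ASN1Type.writeHeader((byte) 0xA0, responseBytesLen, out, offset);
    // OCSPResponse.[0]responseBytes
    offset += ASN1Type.writeHeader((byte) 0x30, responseBytesBodyLen, out, offset);
    // OCSPResponse.[0]responseBytes.responseType
    offset += arraycopy(responseTypeBasic, out, offset);
    // OCSPResponse.[0]responseBytes.response (OCTET STRING)
    offset += ASN1Type.writeHeader((byte) 0x04, basicResponseLen, out, offset);
    // BasicOCSPResponse
    offset += ASN1Type.writeHeader((byte) 0x30, basicResponseBodyLen, out, offset);
    // BasicOCSPResponse.tbsResponseData: the exact bytes that were signed
    offset += arraycopy(tbs, out, offset);
    // BasicOCSPResponse.signatureAlgorithm
    offset += arraycopy(sigAlgId, out, offset);
    // BasicOCSPResponse.signature
    offset += ASN1Type.writeHeader((byte) 0x03, signatureBodyLen, out, offset);
    // BIT STRING unused-bits octet: no bits are skipped
    out[offset++] = 0x00;
    offset += arraycopy(signature, out, offset);
    if (taggedCertSequence != null) {
        offset += taggedCertSequence.write(out, offset);
    }

    // The lengths above and the writes here are maintained separately. If they ever disagree,
    // fail instead of returning a response whose declared lengths do not match its content.
    if (offset != out.length) {
        throw new OCSPException("encoded OCSP response length mismatch: allocated " + out.length + " bytes, wrote " + offset);
    }
    return out;
}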
Also used : OCSPException(org.bouncycastle.cert.ocsp.OCSPException) ResponseData(org.xipki.ocsp.server.impl.type.ResponseData) OutputStream(java.io.OutputStream) IOException(java.io.IOException) ConcurrentBagEntrySigner(org.xipki.security.ConcurrentBagEntrySigner) XiContentSigner(org.xipki.security.XiContentSigner)

Aggregations

IOException (java.io.IOException)1 OutputStream (java.io.OutputStream)1 OCSPException (org.bouncycastle.cert.ocsp.OCSPException)1 ResponseData (org.xipki.ocsp.server.impl.type.ResponseData)1 ConcurrentBagEntrySigner (org.xipki.security.ConcurrentBagEntrySigner)1 XiContentSigner (org.xipki.security.XiContentSigner)1