public boolean isSignatureValid(BasicOCSPResp resp, ContentVerifierProvider verifierProvider) throws Exception { try { ContentVerifier verifier = verifierProvider.get(resp.getSignatureAlgorithmID()); OutputStream vOut = verifier.getOutputStream(); vOut.write(resp.getTBSResponseData()); vOut.close(); ASN1Primitive obj = ASN1Primitive.fromByteArray(resp.getEncoded()); BasicOCSPResponse bresp = BasicOCSPResponse.getInstance(obj); boolean bOk = verifier.verify(bresp.getSignature().getBytes()); if(m_logger.isDebugEnabled()) m_logger.debug("Verify ocsp sig: " + ConvertUtils.bin2hex(bresp.getSignature().getBytes()) + " RC: " + bOk); return bOk; } catch (Exception ex) { m_logger.error("ocsp exception: " + ex); m_logger.error("Trace; " + ConvertUtils.getTrace(ex)); throw ex; } }