public void extractInfo() { if (basicOCSPResp != null) { this.productionDate = basicOCSPResp.getProducedAt(); this.signatureAlgorithm = SignatureAlgorithm.forOID(basicOCSPResp.getSignatureAlgOID().getId()); SingleResp bestSingleResp = getBestSingleResp(basicOCSPResp, certId); if (bestSingleResp != null) { this.thisUpdate = bestSingleResp.getThisUpdate(); this.nextUpdate = bestSingleResp.getNextUpdate(); extractStatusInfo(bestSingleResp); extractArchiveCutOff(bestSingleResp); extractCertHashExtension(bestSingleResp); } } }
@Override public CRLValidity isValidCRL(InputStream crlStream, CertificateToken issuerToken) throws IOException { final CRLValidity crlValidity = new CRLValidity(); try (ByteArrayOutputStream baos = getDERContent(crlStream)) { CRLInfo crlInfos = getCrlInfos(baos); SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.forOID(crlInfos.getCertificateListSignatureAlgorithmOid()); byte[] digest = recomputeDigest(baos, getMessageDigest(signatureAlgorithm.getDigestAlgorithm())); crlValidity.setCrlEncoded(baos.toByteArray()); crlValidity.setSignatureAlgorithm(signatureAlgorithm); crlValidity.setThisUpdate(crlInfos.getThisUpdate()); crlValidity.setNextUpdate(crlInfos.getNextUpdate()); checkCriticalExtensions(crlValidity, crlInfos.getCriticalExtensions().keySet(), crlInfos.getCriticalExtension(Extension.issuingDistributionPoint.getId())); extractExpiredCertsOnCRL(crlValidity, crlInfos.getNonCriticalExtension(Extension.expiredCertsOnCRL.getId())); final X500Principal x509CRLIssuerX500Principal = crlInfos.getIssuer(); final X500Principal issuerTokenSubjectX500Principal = issuerToken.getSubjectX500Principal(); if (x509CRLIssuerX500Principal.equals(issuerTokenSubjectX500Principal)) { crlValidity.setIssuerX509PrincipalMatches(true); } checkSignatureValue(crlValidity, crlInfos.getSignatureValue(), digest, issuerToken); } return crlValidity; }
crlValidity.setSignatureAlgorithm(SignatureAlgorithm.forOID(sigAlgOID)); crlValidity.setThisUpdate(x509CRL.getThisUpdate()); crlValidity.setNextUpdate(x509CRL.getNextUpdate());