Package org.bouncycastle.asn1.isismtt.ocsp

Class RequestedCertificate

java.lang.Object
org.bouncycastle.asn1.ASN1Object
org.bouncycastle.asn1.isismtt.ocsp.RequestedCertificate
All Implemented Interfaces:
org.bouncycastle.asn1.ASN1Choice, org.bouncycastle.asn1.ASN1Encodable, org.bouncycastle.util.Encodable
public class RequestedCertificate extends org.bouncycastle.asn1.ASN1Object implements org.bouncycastle.asn1.ASN1Choice
ISIS-MTT-Optional: The certificate requested by the client by inserting the RetrieveIfAllowed extension in the request, will be returned in this extension.

ISIS-MTT-SigG: The signature act allows publishing certificates only then, when the certificate owner gives his explicit permission. Accordingly, there may be �nondownloadable� certificates, about which the responder must provide status information, but MUST NOT include them in the response. Clients may get therefore the following three kind of answers on a single request including the RetrieveIfAllowed extension:

  • a) the responder supports the extension and is allowed to publish the certificate: RequestedCertificate returned including the requested certificate
  • b) the responder supports the extension but is NOT allowed to publish the certificate: RequestedCertificate returned including an empty OCTET STRING
  • c) the responder does not support the extension: RequestedCertificate is not included in the response
Clients requesting RetrieveIfAllowed MUST be able to handle these cases. If any of the OCTET STRING options is used, it MUST contain the DER encoding of the requested certificate. 
            RequestedCertificate ::= CHOICE {
              Certificate Certificate,
              publicKeyCertificate [0] EXPLICIT OCTET STRING,
              attributeCertificate [1] EXPLICIT OCTET STRING
            }

  • Field Details

  • Constructor Details

    • RequestedCertificate

      public RequestedCertificate(org.bouncycastle.asn1.x509.Certificate certificate)
      Constructor from a given details.

      Only one parameter can be given. All other must be null.

      Parameters:
      certificate - Given as Certificate

    • RequestedCertificate

      public RequestedCertificate(int type, byte[] certificateOctets)

  • Method Details

    • getInstance

      public static RequestedCertificate getInstance(Object obj)

    • getInstance

      public static RequestedCertificate getInstance(org.bouncycastle.asn1.ASN1TaggedObject obj, boolean explicit)

    • getType

      public int getType()

    • getCertificateBytes

      public byte[] getCertificateBytes()

    • toASN1Primitive

      public org.bouncycastle.asn1.ASN1Primitive toASN1Primitive()
      Produce an object suitable for an ASN1OutputStream.

      Returns: 

                  RequestedCertificate ::= CHOICE {
              Certificate Certificate,
              publicKeyCertificate [0] EXPLICIT OCTET STRING,
              attributeCertificate [1] EXPLICIT OCTET STRING
            }
      Specified by:
      toASN1Primitive in interface org.bouncycastle.asn1.ASN1Encodable
      Specified by:
      toASN1Primitive in class org.bouncycastle.asn1.ASN1Object
      Returns:
      a DERObject