com.tencent.kona.sun.security.provider.certpath

Class ResponderId

java.lang.Object

com.tencent.kona.sun.security.provider.certpath.ResponderId

public final class ResponderId
extends java.lang.Object

Class for ResponderId entities as described in RFC6960. ResponderId objects are used to uniquely identify OCSP responders.

The RFC 6960 defines a ResponderID structure as:

 ResponderID ::= CHOICE {
      byName              [1] Name,
      byKey               [2] KeyHash }

 KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
 (excluding the tag and length fields)

 Name is defined in RFC 5280.
 

Since:

9

See Also:

ResponderId.Type

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	ResponderId.Type A ResponderId enumeration describing the accepted forms for a ResponderId.

Constructor Summary

Constructors

Constructor and Description
ResponderId(byte[] encodedData) Constructs a ResponderId object from its DER-encoding.
ResponderId(java.security.PublicKey pubKey) Constructs a ResponderId object using a PublicKey.
ResponderId(javax.security.auth.x500.X500Principal subjectName) Constructs a ResponderId object using an X500Principal.

Method Summary

Modifier and Type	Method and Description
boolean	equals(java.lang.Object obj) Compares the specified object with this ResponderId for equality.
byte[]	getEncoded() Encode a ResponderId in DER form
KeyIdentifier	getKeyIdentifier() Obtain the underlying key identifier from a ResponderId
javax.security.auth.x500.X500Principal	getResponderName() Obtain the underlying X500Principal from a ResponderId
ResponderId.Type	getType() Return the type of ResponderId
int	hashCode() Returns the hash code value for this ResponderId
int	length() Get the length of the encoded ResponderId (including the tag and length of the explicit tagging from the outer ASN.1 CHOICE).
java.lang.String	toString() Create a String representation of this ResponderId

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

ResponderId

public ResponderId(javax.security.auth.x500.X500Principal subjectName)
            throws java.io.IOException

Constructs a ResponderId object using an X500Principal. When encoded in DER this object will use the BY_NAME option.

Parameters:

subjectName - the subject name of the certificate used to sign OCSP responses.

Throws:

java.io.IOException - if the internal DER-encoding of the X500Principal fails.

ResponderId

public ResponderId(java.security.PublicKey pubKey)
            throws java.io.IOException

Constructs a ResponderId object using a PublicKey. When encoded in DER this object will use the byKey option, a SHA-1 hash of the responder's public key.

Parameters:

pubKey - the OCSP responder's public key

Throws:

java.io.IOException - if the internal DER-encoding of the KeyIdentifier fails.

ResponderId

public ResponderId(byte[] encodedData)
            throws java.io.IOException

Constructs a ResponderId object from its DER-encoding.

Parameters:

encodedData - the DER-encoded bytes

Throws:

java.io.IOException - if the encodedData is not properly DER encoded

Method Detail

getEncoded

public byte[] getEncoded()

Encode a ResponderId in DER form

Returns:

a byte array containing the DER-encoded representation for this ResponderId

getType

public ResponderId.Type getType()

Return the type of ResponderId

Returns:

a number corresponding to the context-specific tag number used in the DER-encoding for a ResponderId

length

public int length()

Get the length of the encoded ResponderId (including the tag and length of the explicit tagging from the outer ASN.1 CHOICE).

Returns:

the length of the encoded ResponderId

getResponderName

public javax.security.auth.x500.X500Principal getResponderName()

Obtain the underlying X500Principal from a ResponderId

Returns:

the X500Principal for this ResponderId if it is a BY_NAME variant. If the ResponderId is a BY_KEY variant, this routine will return null.

getKeyIdentifier

public KeyIdentifier getKeyIdentifier()

Obtain the underlying key identifier from a ResponderId

Returns:

the KeyIdentifier for this ResponderId if it is a BY_KEY variant. If the ResponderId is a BY_NAME variant, this routine will return null.

equals

public boolean equals(java.lang.Object obj)

Compares the specified object with this ResponderId for equality. A ResponderId will only be considered equivalent if both the type and data value are equal. Two ResponderIds initialized by name and key ID, respectively, will not be equal even if the ResponderId objects are created from the same source certificate.

Overrides:

equals in class java.lang.Object

Parameters:

obj - the object to be compared against

Returns:

true if the specified object is equal to this Responderid

hashCode

public int hashCode()

Returns the hash code value for this ResponderId

Overrides:

hashCode in class java.lang.Object

Returns:

the hash code value for this ResponderId

toString

public java.lang.String toString()

Create a String representation of this ResponderId

Overrides:

toString in class java.lang.Object

Returns:

a String representation of this ResponderId