org.bouncycastle.asn1.isismtt.ocsp
Class RequestedCertificate
- ASN1Choice, DEREncodable
public class RequestedCertificate
ISIS-MTT-Optional: The certificate requested by the client by inserting the
RetrieveIfAllowed extension in the request, will be returned in this
extension.
ISIS-MTT-SigG: The signature act allows publishing certificates only then,
when the certificate owner gives his explicit permission. Accordingly, there
may be ???nondownloadable??? certificates, about which the responder must provide
status information, but MUST NOT include them in the response. Clients may
get therefore the following three kind of answers on a single request
including the RetrieveIfAllowed extension:
- a) the responder supports the extension and is allowed to publish the
certificate: RequestedCertificate returned including the requested
certificate
- b) the responder supports the extension but is NOT allowed to publish
the certificate: RequestedCertificate returned including an empty OCTET
STRING
- c) the responder does not support the extension: RequestedCertificate is
not included in the response
Clients requesting RetrieveIfAllowed MUST be able to handle these cases. If
any of the OCTET STRING options is used, it MUST contain the DER encoding of
the requested certificate.
RequestedCertificate ::= CHOICE {
Certificate Certificate,
publicKeyCertificate [0] EXPLICIT OCTET STRING,
attributeCertificate [1] EXPLICIT OCTET STRING
}
attributeCertificate
public static final int attributeCertificate
certificate
public static final int certificate
publicKeyCertificate
public static final int publicKeyCertificate
RequestedCertificate
public RequestedCertificate(int type,
byte[] certificateOctets)
RequestedCertificate
public RequestedCertificate(X509CertificateStructure certificate)
Constructor from a given details.
Only one parameter can be given. All other must be
null
.
certificate
- Given as Certificate
getCertificateBytes
public byte[] getCertificateBytes()
getType
public int getType()
toASN1Object
public DERObject toASN1Object()
Produce an object suitable for an ASN1OutputStream.
Returns:
RequestedCertificate ::= CHOICE {
Certificate Certificate,
publicKeyCertificate [0] EXPLICIT OCTET STRING,
attributeCertificate [1] EXPLICIT OCTET STRING
}
- toASN1Object in interface ASN1Encodable