private void setStatus(final CertificateStatus certStatus) { if (certStatus == null) { status = true; return; } if (LOG.isInfoEnabled()) { LOG.info("OCSP certificate status: " + certStatus.getClass().getName()); } if (certStatus instanceof RevokedStatus) { if (LOG.isInfoEnabled()) { LOG.info("OCSP status revoked"); } final RevokedStatus revokedStatus = (RevokedStatus) certStatus; status = false; revocationDate = revokedStatus.getRevocationTime(); final int reasonId = revokedStatus.getRevocationReason(); final CRLReason crlReason = CRLReason.lookup(reasonId); reason = crlReason.toString(); } else if (certStatus instanceof UnknownStatus) { if (LOG.isInfoEnabled()) { LOG.info("OCSP status unknown"); } reason = "OCSP status: unknown"; } }
/** * This method returns the reason of the revocation of the certificate extracted from the given CRL. * * @param crlEntry An object for a revoked certificate in a CRL (Certificate Revocation List). * @return * @throws DSSException */ public static String getRevocationReason(final X509CRLEntry crlEntry) throws DSSException { final String reasonId = Extension.reasonCode.getId(); final byte[] extensionBytes = crlEntry.getExtensionValue(reasonId); try { final ASN1Primitive asn1Primitive = X509ExtensionUtil.fromExtensionValue(extensionBytes); final ASN1Enumerated asn1Enumerated = ASN1Enumerated.getInstance(asn1Primitive); final CRLReason reason = CRLReason.getInstance(asn1Enumerated); return reason.toString(); } catch (IOException e) { throw new DSSException(e); } }