eu.europa.esig.dss.validation.OCSPAndCRLRevocationSource

All Implemented Interfaces:: RevocationSource<Revocation>, Serializable

public class OCSPAndCRLRevocationSource
extends Object
implements RevocationSource<Revocation>

Fetches revocation data for a certificate by querying an OCSP server first and then a CRL server if no OCSP response could be retrieved.

See Also:: Serialized Form

Constructor Summary

Constructors
Constructor	Description
`OCSPAndCRLRevocationSource(RevocationSource<CRL> crlSource, RevocationSource<OCSP> ocspSource)`	Build a OCSPAndCRLCertificateVerifier that will use the provided CRLSource and OCSPSource

Method Summary

Modifier and Type	Method	Description
`RevocationToken<CRL>`	`checkCRL(CertificateToken certificateToken, CertificateToken issuerToken)`	Retrieves and verifies the obtained CRL token NOTE: returns only if a valid entry has been obtained!
`RevocationToken<OCSP>`	`checkOCSP(CertificateToken certificateToken, CertificateToken issuerToken)`	Retrieves and verifies the obtained OCSP token NOTE: returns only if a valid entry has been obtained!
`RevocationToken<Revocation>`	`getRevocationToken(CertificateToken certificateToken, CertificateToken issuerToken)`	This method tries firstly to collect from the OCSP Source and than from the CRL Source.
`void`	`setTrustedCertificateSource(ListCertificateSource trustedListCertificateSource)`	Sets a trusted certificate source in order to accept trusted OCSPToken's certificate issuers

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- OCSPAndCRLRevocationSource
  
  public OCSPAndCRLRevocationSource(RevocationSource<CRL> crlSource, RevocationSource<OCSP> ocspSource)
  
  Build a OCSPAndCRLCertificateVerifier that will use the provided CRLSource and OCSPSource
  
  Parameters:
  
  crlSource - the used CRL Source (online or offline)
  
  ocspSource - the used OCSP Source (online or offline)
Method Details
- setTrustedCertificateSource
  
  public void setTrustedCertificateSource(ListCertificateSource trustedListCertificateSource)
  
  Sets a trusted certificate source in order to accept trusted OCSPToken's certificate issuers
  
  Parameters:
  
  trustedListCertificateSource - ListCertificateSource
- getRevocationToken
  
  public RevocationToken<Revocation> getRevocationToken(CertificateToken certificateToken, CertificateToken issuerToken)
  
  This method tries firstly to collect from the OCSP Source and than from the CRL Source. The first result is returned.
  
  Specified by:
  
  getRevocationToken in interface RevocationSource<Revocation>
  
  Parameters:
  
  certificateToken - The CertificateToken for which the request is made
  
  issuerToken - The CertificateToken which is the issuer of the certificateToken
  
  Returns:
  
  an instance of RevocationToken
- checkOCSP
  
  public RevocationToken<OCSP> checkOCSP(CertificateToken certificateToken, CertificateToken issuerToken)
  
  Retrieves and verifies the obtained OCSP token NOTE: returns only if a valid entry has been obtained!
  
  Parameters:
  
  certificateToken - CertificateToken to get OCSP for
  
  issuerToken - CertificateToken issuer of certificateToken
  
  Returns:
  
  RevocationToken
- checkCRL
  
  public RevocationToken<CRL> checkCRL(CertificateToken certificateToken, CertificateToken issuerToken)
  
  Retrieves and verifies the obtained CRL token NOTE: returns only if a valid entry has been obtained!
  
  Parameters:
  
  certificateToken - CertificateToken to get CRL for
  
  issuerToken - CertificateToken issuer of certificateToken
  
  Returns:
  
  RevocationToken

Class OCSPAndCRLRevocationSource

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

OCSPAndCRLRevocationSource

Method Details

setTrustedCertificateSource

getRevocationToken

checkOCSP

checkCRL