package org.bouncycastle.asn1.cmp;

import java.math.BigInteger;

import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERSequence;

public class PKIStatusInfo
    extends ASN1Object
{
    ASN1Integer      status;
    PKIFreeText     statusString;
    DERBitString    failInfo;

    public static PKIStatusInfo getInstance(
        ASN1TaggedObject obj,
        boolean explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    public static PKIStatusInfo getInstance(
        Object obj)
    {
        if (obj instanceof PKIStatusInfo)
        {
            return (PKIStatusInfo)obj;
        }
        else if (obj != null)
        {
            return new PKIStatusInfo(ASN1Sequence.getInstance(obj));
        }

        return null;
    }

    private PKIStatusInfo(
        ASN1Sequence seq)
    {
        this.status = ASN1Integer.getInstance(seq.getObjectAt(0));

        this.statusString = null;
        this.failInfo = null;

        if (seq.size() > 2)
        {
            this.statusString = PKIFreeText.getInstance(seq.getObjectAt(1));
            this.failInfo = DERBitString.getInstance(seq.getObjectAt(2));
        }
        else if (seq.size() > 1)
        {
            Object obj = seq.getObjectAt(1); 
            if (obj instanceof DERBitString)
            {
                this.failInfo = DERBitString.getInstance(obj);
            }
            else
            {
                this.statusString = PKIFreeText.getInstance(obj);
            }
        }
    }

    
Params:
  • status –
/** * @param status */
public PKIStatusInfo(PKIStatus status) { this.status = ASN1Integer.getInstance(status.toASN1Primitive()); }
Params:
  • status –
  • statusString –
/** * * @param status * @param statusString */
public PKIStatusInfo( PKIStatus status, PKIFreeText statusString) { this.status = ASN1Integer.getInstance(status.toASN1Primitive()); this.statusString = statusString; } public PKIStatusInfo( PKIStatus status, PKIFreeText statusString, PKIFailureInfo failInfo) { this.status = ASN1Integer.getInstance(status.toASN1Primitive()); this.statusString = statusString; this.failInfo = failInfo; } public BigInteger getStatus() { return status.getValue(); } public PKIFreeText getStatusString() { return statusString; } public DERBitString getFailInfo() { return failInfo; }
PKIStatusInfo ::= SEQUENCE {
    status        PKIStatus,                (INTEGER)
    statusString  PKIFreeText     OPTIONAL,
    failInfo      PKIFailureInfo  OPTIONAL  (BIT STRING)
}
PKIStatus:
  granted                (0), -- you got exactly what you asked for
  grantedWithMods        (1), -- you got something like what you asked for
  rejection              (2), -- you don't get it, more information elsewhere in the message
  waiting                (3), -- the request body part has not yet been processed, expect to hear more later
  revocationWarning      (4), -- this message contains a warning that a revocation is imminent
  revocationNotification (5), -- notification that a revocation has occurred
  keyUpdateWarning       (6)  -- update already done for the oldCertId specified in CertReqMsg
PKIFailureInfo:
  badAlg           (0), -- unrecognized or unsupported Algorithm Identifier
  badMessageCheck  (1), -- integrity check failed (e.g., signature did not verify)
  badRequest       (2), -- transaction not permitted or supported
  badTime          (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
  badCertId        (4), -- no certificate could be found matching the provided criteria
  badDataFormat    (5), -- the data submitted has the wrong format
  wrongAuthority   (6), -- the authority indicated in the request is different from the one creating the response token
  incorrectData    (7), -- the requester's data is incorrect (for notary services)
  missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
  badPOP           (9)  -- the proof-of-possession failed
/** * <pre> * PKIStatusInfo ::= SEQUENCE { * status PKIStatus, (INTEGER) * statusString PKIFreeText OPTIONAL, * failInfo PKIFailureInfo OPTIONAL (BIT STRING) * } * * PKIStatus: * granted (0), -- you got exactly what you asked for * grantedWithMods (1), -- you got something like what you asked for * rejection (2), -- you don't get it, more information elsewhere in the message * waiting (3), -- the request body part has not yet been processed, expect to hear more later * revocationWarning (4), -- this message contains a warning that a revocation is imminent * revocationNotification (5), -- notification that a revocation has occurred * keyUpdateWarning (6) -- update already done for the oldCertId specified in CertReqMsg * * PKIFailureInfo: * badAlg (0), -- unrecognized or unsupported Algorithm Identifier * badMessageCheck (1), -- integrity check failed (e.g., signature did not verify) * badRequest (2), -- transaction not permitted or supported * badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy * badCertId (4), -- no certificate could be found matching the provided criteria * badDataFormat (5), -- the data submitted has the wrong format * wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token * incorrectData (7), -- the requester's data is incorrect (for notary services) * missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy) * badPOP (9) -- the proof-of-possession failed * * </pre> */
public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(status); if (statusString != null) { v.add(statusString); } if (failInfo!= null) { v.add(failInfo); } return new DERSequence(v); } }