Author: tilman
Date: Wed Nov 28 18:36:28 2018
New Revision: 1847664
URL: http://svn.apache.org/viewvc?rev=1847664&view=rev
Log:
PDFBOX-3017: refactor for less nesting
Modified:
pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
Modified:
pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
URL:
http://svn.apache.org/viewvc/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java?rev=1847664&r1=1847663&r2=1847664&view=diff
==============================================================================
---
pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
(original)
+++
pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
Wed Nov 28 18:36:28 2018
@@ -202,40 +202,38 @@ public class OcspHelper
boolean nonceChecked = checkNonce(basicResponse);
SingleResp[] responses = basicResponse.getResponses();
- if (responses.length == 1)
+ if (responses.length != 1)
{
- SingleResp resp = responses[0];
- Object status = resp.getCertStatus();
+ throw new OCSPException(
+ "OCSP: Received " + responses.length + " responses
instead of 1!");
+ }
- if (!nonceChecked)
- {
- // https://tools.ietf.org/html/rfc5019
- // fall back to validating the OCSPResponse based on time
- checkOcspResponseFresh(resp);
- }
+ SingleResp resp = responses[0];
+ Object status = resp.getCertStatus();
- if (status instanceof RevokedStatus)
- {
- RevokedStatus revokedStatus = (RevokedStatus) status;
- if (revokedStatus.getRevocationTime().compareTo(signDate)
<= 0)
- {
- throw new RevokedCertificateException(
- "OCSP: Certificate is revoked since " +
- revokedStatus.getRevocationTime(),
- revokedStatus.getRevocationTime());
- }
- LOG.info("The certificate was revoked after signing by
OCSP " + ocspUrl +
- " on " + revokedStatus.getRevocationTime());
- }
- else if (status != CertificateStatus.GOOD)
+ if (!nonceChecked)
+ {
+ // https://tools.ietf.org/html/rfc5019
+ // fall back to validating the OCSPResponse based on time
+ checkOcspResponseFresh(resp);
+ }
+
+ if (status instanceof RevokedStatus)
+ {
+ RevokedStatus revokedStatus = (RevokedStatus) status;
+ if (revokedStatus.getRevocationTime().compareTo(signDate) <= 0)
{
- throw new OCSPException("OCSP: Status of Cert is unknown");
+ throw new RevokedCertificateException(
+ "OCSP: Certificate is revoked since " +
+ revokedStatus.getRevocationTime(),
+ revokedStatus.getRevocationTime());
}
+ LOG.info("The certificate was revoked after signing by OCSP "
+ ocspUrl +
+ " on " + revokedStatus.getRevocationTime());
}
- else
+ else if (status != CertificateStatus.GOOD)
{
- throw new OCSPException(
- "OCSP: Received " + responses.length + " responses
instead of 1!");
+ throw new OCSPException("OCSP: Status of Cert is unknown");
}
}
}
