1 files changed, 54 insertions, 0 deletions

diff --git a/crypto/src/ocsp/OCSPRespGenerator.cs b/crypto/src/ocsp/OCSPRespGenerator.cs
new file mode 100644
index 000000000..e0eb9ae90
--- /dev/null
+++ b/crypto/src/ocsp/OCSPRespGenerator.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	/**
+	 * base generator for an OCSP response - at the moment this only supports the
+	 * generation of responses containing BasicOCSP responses.
+	 */
+	public class OCSPRespGenerator
+	{
+		public const int Successful			= 0;	// Response has valid confirmations
+		public const int MalformedRequest	= 1;	// Illegal confirmation request
+		public const int InternalError		= 2;	// Internal error in issuer
+		public const int TryLater			= 3;	// Try again later
+		// (4) is not used
+		public const int SigRequired		= 5;	// Must sign the request
+		public const int Unauthorized		= 6;	// Request unauthorized
+
+		public OcspResp Generate(
+			int     status,
+			object  response)
+		{
+			if (response == null)
+			{
+				return new OcspResp(new OcspResponse(new OcspResponseStatus(status),null));
+			}
+			if (response is BasicOcspResp)
+			{
+				BasicOcspResp r = (BasicOcspResp)response;
+				Asn1OctetString octs;
+
+				try
+				{
+					octs = new DerOctetString(r.GetEncoded());
+				}
+				catch (Exception e)
+				{
+					throw new OcspException("can't encode object.", e);
+				}
+
+				ResponseBytes rb = new ResponseBytes(
+					OcspObjectIdentifiers.PkixOcspBasic, octs);
+
+				return new OcspResp(new OcspResponse(
+					new OcspResponseStatus(status), rb));
+			}
+
+			throw new OcspException("unknown response object");
+		}
+	}
+}