Examples of CertRequest

Examples of com.novosec.pkix.asn1.crmf.CertRequest

121
122
123
124
125
126
127
128
129
130
131
    byte[] value = bOut.toByteArray();
    X509Extension kuext = new X509Extension(false, new DEROctetString(value));
    values.add(kuext);
    oids.add(X509Extensions.KeyUsage);
        myCertTemplate.setExtensions(new X509Extensions(oids, values));
        CertRequest myCertRequest = new CertRequest(new DERInteger(4), myCertTemplate);
        CertReqMsg myCertReqMsg = new CertReqMsg(myCertRequest);
        ProofOfPossession myProofOfPossession = new ProofOfPossession(new DERNull(), 0);
        myCertReqMsg.setPop(myProofOfPossession);
        AttributeTypeAndValue av = new AttributeTypeAndValue(CRMFObjectIdentifiers.regCtrl_regToken, new DERUTF8String("foo123"));
        myCertReqMsg.addRegInfo(av);
View Full Code Here

Examples of com.novosec.pkix.asn1.crmf.CertRequest

956
957
958
959
960
961
962
963
964
965
966
967
      } else if (reqType == REQTYPE_CRMF) {
        byte[] request = Base64.decode(req.getBytes());
        ASN1InputStream in = new ASN1InputStream(request);
        ASN1Sequence    crmfSeq = (ASN1Sequence) in.readObject();
        ASN1Sequence reqSeq =  (ASN1Sequence) ((ASN1Sequence) crmfSeq.getObjectAt(0)).getObjectAt(0);
        CertRequest certReq = new CertRequest( reqSeq );
        SubjectPublicKeyInfo pKeyInfo = certReq.getCertTemplate().getPublicKey();
        KeyFactory keyFact = KeyFactory.getInstance("RSA", "BC");
        KeySpec keySpec = new X509EncodedKeySpec( pKeyInfo.getEncoded() );
        PublicKey pubKey = keyFact.generatePublic(keySpec); // just check it's ok
        imsg = new SimpleRequestMessage(pubKey, username, password);
        // a simple crmf is not a complete PKI message, as desired by the CrmfRequestMessage class
View Full Code Here

Examples of com.novosec.pkix.asn1.crmf.CertRequest

167
168
169
170
171
172
173
174
175
176
177
178
      } else if (reqType == SecConst.CERT_REQ_TYPE_CRMF) {
        byte[] request = Base64.decode(req.getBytes());
        ASN1InputStream in = new ASN1InputStream(request);
        ASN1Sequence    crmfSeq = (ASN1Sequence) in.readObject();
        ASN1Sequence reqSeq =  (ASN1Sequence) ((ASN1Sequence) crmfSeq.getObjectAt(0)).getObjectAt(0);
        CertRequest certReq = new CertRequest( reqSeq );
        SubjectPublicKeyInfo pKeyInfo = certReq.getCertTemplate().getPublicKey();
        KeyFactory keyFact = KeyFactory.getInstance("RSA", "BC");
        KeySpec keySpec = new X509EncodedKeySpec( pKeyInfo.getEncoded() );
        PublicKey pubKey = keyFact.generatePublic(keySpec); // just check it's ok
        imsg = new SimpleRequestMessage(pubKey, username, password);
        // a simple crmf is not a complete PKI message, as desired by the CrmfRequestMessage class
View Full Code Here

Examples of com.novosec.pkix.asn1.crmf.CertRequest

193
194
195
196
197
198
199
200
201
202
203
      // Add serialNumber to the certTemplate, it is defined as a MUST NOT be used in RFC4211, but we will use it anyway in order
      // to request a custom certificate serial number (something not standard anyway)
      myCertTemplate.setSerialNumber(new DERInteger(customCertSerno));
    }

        CertRequest myCertRequest = new CertRequest(new DERInteger(4), myCertTemplate);
        // myCertRequest.addControls(new
        // AttributeTypeAndValue(CRMFObjectIdentifiers.regInfo_utf8Pairs, new
        // DERInteger(12345)));
        CertReqMsg myCertReqMsg = new CertReqMsg(myCertRequest);
View Full Code Here

Examples of com.novosec.pkix.asn1.crmf.CertRequest

191
192
193
194
195
196
197
                // Make the complete extension package
                myCertTemplate.setExtensions(new X509Extensions(oids, values));
            } else {
                myCertTemplate.setExtensions(extensions);
            }
            return new CertRequest(new DERInteger(4), myCertTemplate);
        }
View Full Code Here

Examples of com.novosec.pkix.asn1.crmf.CertRequest

187
188
189
190
191
192
193
194
195
196
197
    setSender(header.getSender());
  }
 
  @Override
  public PublicKey getRequestPublicKey() throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException {
    final CertRequest request = getReq().getCertReq();
    final CertTemplate templ = request.getCertTemplate();
    final SubjectPublicKeyInfo keyInfo = templ.getPublicKey();
    final PublicKey pk = getPublicKey(keyInfo, "BC");
    return pk;
  }
View Full Code Here

Examples of com.novosec.pkix.asn1.crmf.CertRequest

333
334
335
336
337
338
339
340
341
342
343
344
   *
   * @return BigInteger the requested custom certificate serial number or null, normally this should return null.
   */
  public BigInteger getSubjectCertSerialNo() {
    BigInteger ret = null;
    final CertRequest request = getReq().getCertReq();
    final CertTemplate templ = request.getCertTemplate();
    final DERInteger serno = templ.getSerialNumber();
    if (serno != null) {
      ret = serno.getValue();     
    }
    return ret;
View Full Code Here

Examples of com.novosec.pkix.asn1.crmf.CertRequest

458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
        } else {
          // Assume POPOSigningKeyInput with the public key and name, MUST be the same as in the request according to RFC4211
          if (log.isDebugEnabled()) {
            log.debug("Using POPOSigningKeyInput as POPO input.");
          }
          final CertRequest req = getReq().getCertReq();
          // If subject is present in cert template it must be the same as in POPOSigningKeyInput
          final X509Name subject = req.getCertTemplate().getSubject();
          if (subject != null && !subject.toString().equals(pski.getSender().getName().toString())) {
            log.info("Subject '"+subject.toString()+"̈́', is not equal to '"+pski.getSender().toString()+"'.");
            protObject = null// pski is not a valid protection object
          }
          // If public key is present in cert template it must be the same as in POPOSigningKeyInput
          final SubjectPublicKeyInfo pk = req.getCertTemplate().getPublicKey();
          if (pk != null && !Arrays.areEqual(pk.getEncoded(), pski.getPublicKey().getEncoded())) {
            log.info("Subject key in cert template, is not equal to subject key in POPOSigningKeyInput.");
            protObject = null// pski is not a valid protection object
          }
        }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.