Package com.novosec.pkix.asn1.cmp

Examples of com.novosec.pkix.asn1.cmp.PKIMessage

149
150
151
152
153
154
155
156
157
158
159
160
              crmfReq.setUsername(submessage.getUsername());
              crmfReq.setPassword(submessage.getPassword());
              // Request and extract certificate from response
              IResponseMessage response = signSession.createCertificate(admin, crmfReq, org.ejbca.core.protocol.cmp.CmpResponseMessage.class, null);
              ASN1InputStream ais = new ASN1InputStream(new ByteArrayInputStream(response.getResponseMessage()));
              CertRepMessage certRepMessage = PKIMessage.getInstance(ais.readObject()).getBody().getCp();
          InputStream inStream = new ByteArrayInputStream(certRepMessage.getResponse(0).getCertifiedKeyPair().getCertOrEncCert().getCertificate().getEncoded());
          cert = CertificateFactory.getInstance("X.509").generateCertificate(inStream);
          inStream.close();
          // Convert to the right response type
              if (submessage.getResponseType() == CertificateRequestRequest.RESPONSE_TYPE_CERTIFICATE) {
                result = cert.getEncoded();
View Full Code Here
123
124
125
126
127
128
129
130
131
132
133
    PKIBody myPKIBody = null;
    log.debug("Create error message from requestType: "+requestType);
    if (requestType==0 || requestType==2) {
      myPKIBody = CmpMessageHelper.createCertRequestRejectBody(myPKIHeader, myPKIStatusInfo, requestId, requestType);
    } else {
      ErrorMsgContent myErrorContent = new ErrorMsgContent(myPKIStatusInfo);
      myPKIBody = new PKIBody(myErrorContent, 23); // 23 = error           
    }
    PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
    if ((getPbeDigestAlg() != null) && (getPbeMacAlg() != null) && (getPbeKeyId() != null) && (getPbeKey() != null) ) {
      responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, getPbeKeyId(), getPbeKey(), getPbeDigestAlg(), getPbeMacAlg(), getPbeIterationCount());
View Full Code Here
132
133
134
135
136
137
138
139
140
141
142
        CertReqMessages myCertReqMessages = new CertReqMessages(myCertReqMsg);
        PKIHeader myPKIHeader = new PKIHeader(new DERInteger(2), new GeneralName(new X509Name("CN=bogusSubject")), new GeneralName(new X509Name("CN=bogusIssuer")));
        myPKIHeader.setMessageTime(new DERGeneralizedTime(new Date()));
        myPKIHeader.setSenderNonce(new DEROctetString(CmpMessageHelper.createSenderNonce()));
        myPKIHeader.setTransactionID(new DEROctetString(CmpMessageHelper.createSenderNonce()));
        PKIBody myPKIBody = new PKIBody(myCertReqMessages, 0);
        PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
      // Create a bogus CrmfRequestMessage
      CrmfRequestMessage crmf = new CrmfRequestMessage(myPKIMessage, "CN=SomeCA", true, null);
      crmf.setPbeParameters("keyId", "key", "digestAlg", "macAlg", 100);
      // Serialize it
View Full Code Here
137
138
139
140
141
142
143
144
145
146
147
148
          }
        }
        if (ret) {
          // If authentication was correct, we will now try to find the certificate to revoke
          PKIMessage pkimsg = msg.getMessage();
          PKIBody body = pkimsg.getBody();
          RevReqContent rr = body.getRr();
          RevDetails rd = rr.getRevDetails(0);
          CertTemplate ct = rd.getCertDetails();
          DERInteger serno = ct.getSerialNumber();
          X509Name issuer = ct.getIssuer();
          // Get the revocation reason.
View Full Code Here
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
      myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());     
    }
    if (failText != null) {   
      myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));
    }
    PKIBody myPKIBody = null;
    log.debug("Create error message from requestType: "+requestType);
    if (requestType==0 || requestType==2) {
      myPKIBody = CmpMessageHelper.createCertRequestRejectBody(myPKIHeader, myPKIStatusInfo, requestId, requestType);
    } else {
      ErrorMsgContent myErrorContent = new ErrorMsgContent(myPKIStatusInfo);
      myPKIBody = new PKIBody(myErrorContent, 23); // 23 = error           
    }
    PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
    if ((getPbeDigestAlg() != null) && (getPbeMacAlg() != null) && (getPbeKeyId() != null) && (getPbeKey() != null) ) {
      responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, getPbeKeyId(), getPbeKey(), getPbeDigestAlg(), getPbeMacAlg(), getPbeIterationCount());
    } else {
View Full Code Here
122
123
124
125
126
127
128
129
130
131
132
133
134
      // If we could not read the message, we should return an error BAD_REQUEST
      return CmpMessageHelper.createUnprotectedErrorMessage(null, ResponseStatus.FAILURE, FailInfo.BAD_REQUEST, eMsg);
    }
    try {
      PKIHeader header = req.getHeader();
      PKIBody body = req.getBody();
     
      int tagno = body.getTagNo();
      if (log.isDebugEnabled()) {
        log.debug("Received CMP message with pvno="+header.getPvno()+", sender="+header.getSender().toString()+", recipient="+header.getRecipient().toString());
        log.debug("Body is of type: "+tagno);
        log.debug(req);
        //log.debug(ASN1Dump.dumpAsString(req));       
View Full Code Here
142
143
144
145
146
147
148
149
150
151
152
            case CertificateRequestRequest.REQUEST_TYPE_CRMF:
              // Extract request in a format that EJBCA can process
          CertReqMessages certReqMessages = CertReqMessages.getInstance(new ASN1InputStream(submessage.getRequestData()).readObject());
          PKIMessage msg = new PKIMessage(new PKIHeader(
              new DERInteger(2), new GeneralName(new X509Name("CN=unused")), new GeneralName(new X509Name("CN=unused"))),
              new PKIBody(certReqMessages, 2)); // [2] CertReqMessages --Certification Request
              CrmfRequestMessage crmfReq = new CrmfRequestMessage(msg, null, true, null);
              crmfReq.setUsername(submessage.getUsername());
              crmfReq.setPassword(submessage.getPassword());
              // Request and extract certificate from response
              IResponseMessage response = signSession.createCertificate(admin, crmfReq, org.ejbca.core.protocol.cmp.CmpResponseMessage.class, null);
View Full Code Here
116
117
118
119
120
121
122
123
124
125
126
    PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(2)); // 2 = rejection
    if (failInfo != null) {
      myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());     
    }
    if (failText != null) {   
      myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));
    }
    PKIBody myPKIBody = null;
    log.debug("Create error message from requestType: "+requestType);
    if (requestType==0 || requestType==2) {
      myPKIBody = CmpMessageHelper.createCertRequestRejectBody(myPKIHeader, myPKIStatusInfo, requestId, requestType);
View Full Code Here
128
129
130
131
132
133
134
135
136
137
138
139
140
141
        ProofOfPossession myProofOfPossession = new ProofOfPossession(new DERNull(), 0);
        myCertReqMsg.setPop(myProofOfPossession);
        AttributeTypeAndValue av = new AttributeTypeAndValue(CRMFObjectIdentifiers.regCtrl_regToken, new DERUTF8String("foo123"));
        myCertReqMsg.addRegInfo(av);
        CertReqMessages myCertReqMessages = new CertReqMessages(myCertReqMsg);
        PKIHeader myPKIHeader = new PKIHeader(new DERInteger(2), new GeneralName(new X509Name("CN=bogusSubject")), new GeneralName(new X509Name("CN=bogusIssuer")));
        myPKIHeader.setMessageTime(new DERGeneralizedTime(new Date()));
        myPKIHeader.setSenderNonce(new DEROctetString(CmpMessageHelper.createSenderNonce()));
        myPKIHeader.setTransactionID(new DEROctetString(CmpMessageHelper.createSenderNonce()));
        PKIBody myPKIBody = new PKIBody(myCertReqMessages, 0);
        PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
      // Create a bogus CrmfRequestMessage
      CrmfRequestMessage crmf = new CrmfRequestMessage(myPKIMessage, "CN=SomeCA", true, null);
      crmf.setPbeParameters("keyId", "key", "digestAlg", "macAlg", 100);
View Full Code Here
167
168
169
170
171
172
173
174
175
176
177
178
      assertEquals("CN=AdminCA1,O=EJBCA Sample,C=SE", msg.getIssuerDN());
      assertEquals("CN=abc123rry-4371939543913639881,O=PrimeKey Solutions AB,C=SE", msg.getRequestDN());
      assertEquals("abc123rry-4371939543913639881", msg.getUsername());
      assertEquals("foo123", msg.getPassword());
      // Verify PBE protection
      PKIHeader head = msg.getHeader();
      final DEROctetString os = head.getSenderKID();
      String keyId = new String(os.getOctets(), "UTF-8");
      assertEquals("mykeyid", keyId);
      final CmpPbeVerifyer verifyer = new CmpPbeVerifyer(msg.getMessage());
      assertTrue(verifyer.verify("foo123"));
      assertFalse(verifyer.verify("bar123"));
View Full Code Here
TOP

Related Classes of com.novosec.pkix.asn1.cmp.PKIMessage

  • org.bouncycastle.asn1.ASN1EncodableVector
  • org.bouncycastle.asn1.ASN1Sequence
  • org.bouncycastle.asn1.ASN1TaggedObject
  • org.bouncycastle.asn1.DERNull
  • org.bouncycastle.asn1.DERObjectIdentifier
  • org.bouncycastle.asn1.DEROutputStream
  • org.bouncycastle.asn1.DERSequence
  • org.bouncycastle.asn1.DERTaggedObject
  • org.bouncycastle.asn1.x509.CertificateList
  • org.ejbca.core.ejb.ra.CertificateRequestSessionBean
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.