Package org.ejbca.cvc

Examples of org.ejbca.cvc.CardVerifiableCertificate


        }
        if (ret == null) {
          // We could not create an X509Certificate, see if it is a CVC certificate instead
            try {
              CVCertificate parsedObject = CertificateParser.parseCertificate(cert);
              ret = new CardVerifiableCertificate(parsedObject);
      } catch (ParseException e) {
            log.debug("ParseException trying to read CVCCertificate.");
            throw new CertificateException("Certificate exception trying to read CVCCertificate", e);
      } catch (ConstructionException e) {
            log.debug("ConstructionException trying to read CVCCertificate.");
View Full Code Here


      X509Certificate x509cert = (X509Certificate)cert;
            if (x509cert.getBasicConstraints() > -1)  {
              ret = true;
            }
    } else if (StringUtils.equals(cert.getType(), "CVC")) {
      CardVerifiableCertificate cvccert = (CardVerifiableCertificate)cert;
      try {
        CVCAuthorizationTemplate templ = cvccert.getCVCertificate().getCertificateBody().getAuthorizationTemplate();
        AuthorizationRoleEnum role = templ.getAuthorizationField().getRole();
        if (role.equals(AuthorizationRoleEnum.CVCA) || role.equals(AuthorizationRoleEnum.DV_D) || role.equals(AuthorizationRoleEnum.DV_F)) {
          ret = true;
        }
      } catch (NoSuchFieldException e) {
View Full Code Here

    if (cert != null) {
      if (cert instanceof X509Certificate) {
        X509Certificate xcert = (X509Certificate) cert;
        xcert.checkValidity(date);
      } else if (StringUtils.equals(cert.getType(), "CVC")) {
        CardVerifiableCertificate cvccert = (CardVerifiableCertificate)cert;
        try {
          Date start = cvccert.getCVCertificate().getCertificateBody().getValidFrom();
          Date end = cvccert.getCVCertificate().getCertificateBody().getValidTo();
          if (start.after(date)) {
            String msg = "Certificate startDate '"+start+"' is after check date '"+date+"'";
            if (log.isTraceEnabled()) {
              log.trace(msg);
            }
View Full Code Here

        certSignatureAlgorithm = x509cert.getSigAlgName();
        if (log.isDebugEnabled()) {
            log.debug("certSignatureAlgorithm is: "+certSignatureAlgorithm);         
        }
    } else if (StringUtils.equals(cert.getType(), "CVC")) {
      CardVerifiableCertificate cvccert = (CardVerifiableCertificate)cert;
      CVCPublicKey cvcpk;
      try {
        cvcpk = cvccert.getCVCertificate().getCertificateBody().getPublicKey();
        OIDField oid = cvcpk.getObjectIdentifier();
        certSignatureAlgorithm = AlgorithmUtil.getAlgorithmName(oid);
      } catch (NoSuchFieldException e) {
        log.error("NoSuchFieldException: ", e);
      }
View Full Code Here

//          ret = ASN1Dump.dumpAsString(obj);
        } catch (CertificateException e) {
          ret = e.getMessage();
      }
    } else if (StringUtils.equals(cert.getType(), "CVC")) {
      final CardVerifiableCertificate cvccert = (CardVerifiableCertificate)cert;
      final CVCObject obj = cvccert.getCVCertificate();
      ret = obj.getAsText("");
    } else {
      throw new IllegalArgumentException("dumpCertificateAsString: Certificate of type "+cert.getType()+" is not implemented");     
    }
        return ret;
View Full Code Here

            // (can be a simple imported CA-certificate of external CA)
            if (chain.isEmpty() &&
              ca.getCAType() == CAInfo.CATYPE_CVC &&
                ca.getSignedBy() == CAInfo.SIGNEDBYEXTERNALCA &&
                ca.getStatus() == SecConst.CA_ACTIVE){
              CardVerifiableCertificate dvcert = (CardVerifiableCertificate)ca.getCACertificate();
          String ca_ref = dvcert.getCVCertificate().getCertificateBody().getAuthorityReference().getConcatenated();
              log.debug("DV renewal missing CVCA cert, try finding CA for:"+ ca_ref);
            Iterator<Integer> cas = caSession.getAvailableCAs(admin).iterator();
            while (cas.hasNext()){
              CA cvca = caSession.getCA(admin,cas.next());
              if (cvca.getCAType() == CAInfo.CATYPE_CVC && cvca.getSignedBy() == CAInfo.SELFSIGNED){
                CardVerifiableCertificate cvccert = (CardVerifiableCertificate)cvca.getCACertificate();
                if (ca_ref.equals (cvccert.getCVCertificate().getCertificateBody().getHolderReference().getConcatenated())){
                        log.debug("Added missing CVCA to rewnewal request: "+ cvca.getName());
                  chain.add(cvccert);
                  break;
                }
              }
View Full Code Here

                    // If it is a DV certificate signed by a CVCA, enrich the
                    // public key for EC parameters from the CVCA's certificate
                    PublicKey pk = cacert.getPublicKey();
                    if (StringUtils.equals(cacert.getType(), "CVC")) {
                        if (pk.getAlgorithm().equals("ECDSA")) {
                            CardVerifiableCertificate cvccert = (CardVerifiableCertificate) cacert;
                            try {
                                if ((cvccert.getCVCertificate().getCertificateBody().getAuthorizationTemplate().getAuthorizationField().getRole() == AuthorizationRoleEnum.DV_D)
                                        || (cvccert.getCVCertificate().getCertificateBody().getAuthorizationTemplate().getAuthorizationField().getRole() == AuthorizationRoleEnum.DV_F)) {
                                    log.debug("Enriching DV public key with EC parameters from CVCA");
                                    Certificate cvcacert = (Certificate) reqchain.iterator().next();
                                    pk = KeyTools.getECPublicKeyWithParams(pk, cvcacert.getPublicKey());
                                }
                            } catch (InvalidKeySpecException e) {
View Full Code Here

        Certificate wscert = certenv.get(0);
        byte[] b64cert = wscert.getCertificateData();
        CVCObject parsedObject = CertificateParser.parseCertificate(Base64.decode(b64cert));
        CVCertificate cert = (CVCertificate) parsedObject;
        CardVerifiableCertificate cvcert = new CardVerifiableCertificate(cert);

        assertNotNull(cert);
        assertEquals("CN=" + username + ",C=SE", CertTools.getSubjectDN(cvcert));
        assertEquals("00111", CertTools.getSerialNumberAsString(cvcert));
        PublicKey pk = cvcert.getPublicKey();
        assertEquals("CVC", pk.getFormat());
        // Verify that we have the complete chain
        assertEquals(3, certenv.size());
        Certificate wsdvcert = certenv.get(1);
        Certificate wscvcacert = certenv.get(2);
        b64cert = wsdvcert.getCertificateData();
        parsedObject = CertificateParser.parseCertificate(Base64.decode(b64cert));
        CVCertificate dvcert = (CVCertificate) parsedObject;
        b64cert = wscvcacert.getCertificateData();
        assertTrue ("CVCA", Arrays.equals(wscvcacert.getRawCertificateData(), ca_path.get(1).getRawCertificateData()));
        assertTrue ("DVCA", Arrays.equals(wsdvcert.getRawCertificateData(), ca_path.get(0).getRawCertificateData()));
        parsedObject = CertificateParser.parseCertificate(Base64.decode(b64cert));
        CVCertificate cvcacert = (CVCertificate) parsedObject;
        assertEquals(AuthorizationRoleEnum.DV_D, dvcert.getCertificateBody().getAuthorizationTemplate().getAuthorizationField().getRole());
        assertEquals(AuthorizationRoleEnum.CVCA, cvcacert.getCertificateBody().getAuthorizationTemplate().getAuthorizationField().getRole());
        PublicKey cvcapubk = cvcacert.getCertificateBody().getPublicKey();
        PublicKey dvpubk = dvcert.getCertificateBody().getPublicKey();
        dvpubk = KeyTools.getECPublicKeyWithParams(dvpubk, cvcapubk);
        cvcert.verify(dvpubk);
        CardVerifiableCertificate dvjavacert = new CardVerifiableCertificate(dvcert);
        dvjavacert.verify(cvcapubk);

        //
        // Second test that we try to get a new certificate for this user
        // without outer (renewal) signature. This should fail.
        //
        boolean thrown = false;
        try {
            certenv = ejbcaraws.cvcRequest(user1.getUsername(), user1.getPassword(), new String(Base64.encode(request.getDEREncoded())));
        } catch (EjbcaException_Exception e) {
            thrown = true;
            String msg = e.getMessage();
            assertTrue(msg.contains("NEW, FAILED or INPROCESS required"));
        }
        assertTrue(thrown);

        //
        // Third test that we can not renew a certificate with the same keys as
        // the old request. This should fail.
        //
        thrown = false;
        try {
            certenv = ejbcaraws.cvcRequest(user1.getUsername(), user1.getPassword(), new String(Base64.encode(authRequestSameKeys.getDEREncoded())));
        } catch (AuthorizationDeniedException_Exception e) {
            thrown = true;
            String msg = e.getMessage();
            assertTrue(msg.contains("Trying to renew a certificate using the same key"));
        }
        assertTrue(thrown);

        //
        // Fourth test that we can renew a certificate using an outer signature
        // made with the old keys. This should succeed.
        //
        certenv = ejbcaraws.cvcRequest(user1.getUsername(), user1.getPassword(), new String(Base64.encode(authRequestRenew.getDEREncoded())));
        assertNotNull(certenv);
        wscert = certenv.get(0);
        b64cert = wscert.getCertificateData();
        parsedObject = CertificateParser.parseCertificate(Base64.decode(b64cert));
        cert = (CVCertificate) parsedObject;
        cvcert = new CardVerifiableCertificate(cert);
        assertNotNull(cert);
        assertEquals("CN=" + username + ",C=SE", CertTools.getSubjectDN(cvcert));
        assertEquals("00111", CertTools.getSerialNumberAsString(cvcert));

        //
View Full Code Here

        final KeyPair cvcakeypair = KeyTools.genKeys(keyspec, keyalg);
        CAReferenceField caRef = new CAReferenceField("SE", cvcaMnemonic, "00001");
        HolderReferenceField holderRef = new HolderReferenceField("SE", cvcaMnemonic, "00001");
        CVCertificate cvcert = CertificateGenerator.createTestCertificate(cvcakeypair.getPublic(), cvcakeypair.getPrivate(), caRef, holderRef, signalg,
                AuthorizationRoleEnum.CVCA);
        CardVerifiableCertificate cvcacert = new CardVerifiableCertificate(cvcert);

        // Create the DVCA signed by our external CVCA
        String caname = createDVCCASignedByExternal(dvcaName, dvcaMnemonic, keyspec, keyalg, signalg);
        assertNotNull("Failed to create DVC CA " + dvcaName + "Signed By External.", caname);
        assertEquals(caname, dvcaName);
        // Now test our WS API to generate a request, setting status to
        // "WAITING_FOR_CERTIFICATE_RESPONSE"
        CAInfo dvinfo = caAdminSessionRemote.getCAInfo(intAdmin, caname);
        assertEquals(SecConst.CA_WAITING_CERTIFICATE_RESPONSE, dvinfo.getStatus());
        cachain.add(cvcacert.getEncoded());
        // Create the request with WS API
        request = ejbcaraws.caRenewCertRequest(caname, cachain, false, false, false, pwd);
        // make the mandatory junit checks...
        assertNotNull(request);
        CVCRequestMessage cvcreq = RequestMessageUtils.genCVCRequestMessage(request);
        assertNotNull(cvcreq);
        assertEquals(dvinfo.getSubjectDN(), cvcreq.getRequestDN());
        CVCObject obj = CertificateParser.parseCVCObject(request);
        // System.out.println(obj.getAsText());
        CVCertificate cert = (CVCertificate) obj;
        assertEquals(cvcacert.getCVCertificate().getCertificateBody().getAuthorityReference().getConcatenated(), cert.getCertificateBody()
                .getAuthorityReference().getConcatenated());

        // Receive the response so the DV CA is activated
        HolderReferenceField dvholderref = cert.getCertificateBody().getHolderReference();
        CVCertificate dvretcert = CertificateGenerator.createTestCertificate(cert.getCertificateBody().getPublicKey(), cvcakeypair.getPrivate(), caRef,
                dvholderref, signalg, AuthorizationRoleEnum.DV_D);
        ejbcaraws.caCertResponse(caname, dvretcert.getDEREncoded(), cachain, pwd);
        // Check that the cert was received and the CA activated
        dvinfo = caAdminSessionRemote.getCAInfo(intAdmin, caname);
        assertEquals(SecConst.CA_ACTIVE, dvinfo.getStatus());
        Collection<java.security.cert.Certificate> dvcerts = dvinfo.getCertificateChain();
        assertEquals(2, dvcerts.size());
        CardVerifiableCertificate dvcertactive = (CardVerifiableCertificate)dvcerts.iterator().next();
        obj = CertificateParser.parseCVCObject(dvcertactive.getEncoded());
        // System.out.println(obj.getAsText());
        dvcertactive.verify(cvcakeypair.getPublic());
        // Check to see that is really the same keypair
        String pubk1 = new String(Base64.encode(dvcertactive.getPublicKey().getEncoded(), false));
        String pubk2 = new String(Base64.encode(cert.getCertificateBody().getPublicKey().getEncoded(), false));
        assertTrue(pubk1.compareTo(pubk2) == 0);
        String sequence1 = dvcertactive.getCVCertificate().getCertificateBody().getHolderReference().getSequence();

        /*
         * Second test is to renew a CA signed by an external CA *with renewing
         * the keys*, and activating them. This creates a new key pair and a
         * certificate request. Status is set to
         * "waiting for certificate response" because the new keys can not be
         * used until we have receive a certificate.
         */
        // Now we want to renew a DVCA signed by an external CVCA, generating
        // new keys
        // Create the request with WS API, cachain is our CVCA cert from
        // previously created CVCA, we use the previously created DV as well.
        pwd = "foo123";
        request = ejbcaraws.caRenewCertRequest(caname, cachain, true, false, true, pwd);
        // make the mandatory junit checks...
        assertNotNull(request);
        cvcreq = RequestMessageUtils.genCVCRequestMessage(request);
        assertNotNull(cvcreq);
        assertEquals(dvinfo.getSubjectDN(), cvcreq.getRequestDN());
        obj = CertificateParser.parseCVCObject(request);
        // System.out.println(obj.getAsText());
        // We should have created an authenticated request signed by the old
        // certificate
        CVCAuthenticatedRequest authreq = (CVCAuthenticatedRequest) obj;
        assertEquals(dvcertactive.getCVCertificate().getCertificateBody().getHolderReference().getConcatenated(), authreq.getAuthorityReference()
                .getConcatenated());
        cert = authreq.getRequest();
    // The request should be targeted for the CVCA, i.e. ca_ref in request should be the same as the CVCAs ref
        assertEquals(cvcacert.getCVCertificate().getCertificateBody().getAuthorityReference().getConcatenated(), cert.getCertificateBody()
                .getAuthorityReference().getConcatenated());
        // Now test our WS API that it has set status to "WAITING_FOR_CERTIFICATE_RESPONSE"
        dvinfo = caAdminSessionRemote.getCAInfo(intAdmin, caname);
        assertEquals(SecConst.CA_WAITING_CERTIFICATE_RESPONSE, dvinfo.getStatus());
        assertEquals ("DV should not be available", ejbcaraws.getLastCAChain(caname).size (),0);
        // Check to see that is really is a new keypair
        pubk1 = new String(Base64.encode(dvcertactive.getPublicKey().getEncoded(), false));
        pubk2 = new String(Base64.encode(cert.getCertificateBody().getPublicKey().getEncoded(), false));
        assertTrue(pubk1.compareTo(pubk2) != 0);

        // Receive the response so the DV CA is activated
        dvholderref = cert.getCertificateBody().getHolderReference();
        dvretcert = CertificateGenerator.createTestCertificate(cert.getCertificateBody().getPublicKey(), cvcakeypair.getPrivate(), caRef, dvholderref, signalg,
                AuthorizationRoleEnum.DV_D);
        ejbcaraws.caCertResponse(caname, dvretcert.getDEREncoded(), cachain, pwd);
        // Check that the cert was received and the CA activated
        dvinfo = caAdminSessionRemote.getCAInfo(intAdmin, caname);
        assertEquals(SecConst.CA_ACTIVE, dvinfo.getStatus());
        dvcerts = dvinfo.getCertificateChain();
        assertEquals(2, dvcerts.size());
        dvcertactive = (CardVerifiableCertificate)dvcerts.iterator().next();
        obj = CertificateParser.parseCVCObject(dvcertactive.getEncoded());
        // System.out.println(obj.getAsText());
        dvcertactive.verify(cvcakeypair.getPublic());
        String sequence2 = dvcertactive.getCVCertificate().getCertificateBody().getHolderReference().getSequence();
        int s1 = Integer.parseInt(sequence1);
        int s2 = Integer.parseInt(sequence2);
        assertEquals(s1 + 1, s2); // sequence in new certificate should be old
        // sequence + 1

        /*
         * Third test is to renew a CA signed by an external CA *with renewing
         * the keys* saying to *not* activate the key now. This creates a new
         * key pair and a certificate request, but the new key pair is not used
         * by the CA for issuing certificates. Status is not set to
         * "waiting for certificate response" because the old keys can still be
         * used until we have received a certificate and activated the new keys.
         */
        request = ejbcaraws.caRenewCertRequest(caname, cachain, true, false, false, pwd);
        // make the mandatory junit checks...
        assertNotNull(request);
        cvcreq = RequestMessageUtils.genCVCRequestMessage(request);
        assertNotNull(request);
        assertEquals(dvinfo.getSubjectDN(), cvcreq.getRequestDN());
        obj = CertificateParser.parseCVCObject(request);
        // System.out.println(obj.getAsText());
        // We should have created an authenticated request signed by the old
        // certificate
        authreq = (CVCAuthenticatedRequest) obj;
        assertEquals(dvcertactive.getCVCertificate().getCertificateBody().getHolderReference().getConcatenated(), authreq.getAuthorityReference()
                .getConcatenated());
        cert = authreq.getRequest();
        assertEquals(cvcacert.getCVCertificate().getCertificateBody().getAuthorityReference().getConcatenated(), cert.getCertificateBody()
                .getAuthorityReference().getConcatenated());
        String sequence3 = cert.getCertificateBody().getHolderReference().getSequence();
        int s3 = Integer.parseInt(sequence3);
        assertEquals(s2 + 1, s3); // sequence in new certificate request should
        // be old certificate sequence + 1
        // status should not be "WAITING_FOR_CERTIFICATE_RESPONSE"
        dvinfo = caAdminSessionRemote.getCAInfo(intAdmin, caname);
        assertEquals(SecConst.CA_ACTIVE, dvinfo.getStatus());
        // Check to see that is really is a new keypair
        dvcerts = dvinfo.getCertificateChain();
        assertEquals(2, dvcerts.size());
        dvcertactive = (CardVerifiableCertificate)dvcerts.iterator().next();
        String sequence4 = dvcertactive.getCVCertificate().getCertificateBody().getHolderReference().getSequence();
        assertEquals(sequence2, sequence4);
        PublicKey oldPublicKey = dvcertactive.getPublicKey();
        PublicKey newPublicKey = cert.getCertificateBody().getPublicKey();
        pubk1 = new String(Base64.encode(oldPublicKey.getEncoded(), false));
        pubk2 = new String(Base64.encode(newPublicKey.getEncoded(), false));
        assertTrue(pubk1.compareTo(pubk2) != 0);

        // Try to issue an IS certificate, it should be issued using the OLD
        // private key
        // Simple self signed request
        KeyPair keyPair = KeyTools.genKeys(keyspec, keyalg);
        CVCertificate isrequest = CertificateGenerator.createRequest(keyPair, signalg, caRef, holderRef);
        // Edit our favorite test user
        UserDataVOWS user1 = new UserDataVOWS();
        user1.setUsername("WSTESTUSER1");
        user1.setPassword("foo123");
        user1.setClearPwd(true);
        user1.setSubjectDN("CN=Test,C=SE");
        user1.setCaName(caname);
        user1.setStatus(UserDataConstants.STATUS_NEW);
        user1.setTokenType("USERGENERATED");
        user1.setEndEntityProfileName("EMPTY");
        user1.setCertificateProfileName("ENDUSER");
        // editUser and set status to new
        ejbcaraws.editUser(user1);
        List<Certificate> certenv = ejbcaraws.cvcRequest(user1.getUsername(), user1.getPassword(), new String(Base64.encode(isrequest.getDEREncoded())));
        assertNotNull(certenv);
        Certificate wscert = certenv.get(0);
        byte[] b64cert = wscert.getCertificateData();
        java.security.cert.Certificate iscert = CertTools.getCertfromByteArray(Base64.decode(b64cert));
        obj = CertificateParser.parseCVCObject(Base64.decode(b64cert));
        CVCertificate iscvc = (CVCertificate) obj;
        assertEquals("Test", iscvc.getCertificateBody().getHolderReference().getMnemonic());
        // It must verify using the DVCAs old public key
        PublicKey pk = KeyTools.getECPublicKeyWithParams(oldPublicKey, cvcacert.getPublicKey());
        iscert.verify(pk);
        boolean thrown = false;
        try {
            // it must not be possible to verify this with the new public key
            pk = KeyTools.getECPublicKeyWithParams(newPublicKey, cvcacert.getPublicKey());
            iscert.verify(pk);
        } catch (SignatureException e) {
            thrown = true;
        }
        assertTrue(thrown);

        // Receive the CA certificate response so the DV CA's new key is
        // activated
        dvholderref = cert.getCertificateBody().getHolderReference();
        dvretcert = CertificateGenerator.createTestCertificate(cert.getCertificateBody().getPublicKey(), cvcakeypair.getPrivate(), caRef, dvholderref, signalg,
                AuthorizationRoleEnum.DV_D);
        // Here we want to activate the new key pair
        // System.out.println(dvretcert.getAsText());
        ejbcaraws.caCertResponse(caname, dvretcert.getDEREncoded(), cachain, pwd);
        // Check that the cert was received and the CA activated
        dvinfo = caAdminSessionRemote.getCAInfo(intAdmin, caname);
        assertEquals(SecConst.CA_ACTIVE, dvinfo.getStatus());
        dvcerts = dvinfo.getCertificateChain();
        assertEquals(2, dvcerts.size());
        dvcertactive = (CardVerifiableCertificate) dvcerts.iterator().next();
        obj = CertificateParser.parseCVCObject(dvcertactive.getEncoded());
        // System.out.println(obj.getAsText());
        dvcertactive.verify(cvcakeypair.getPublic());
        String sequence5 = dvcertactive.getCVCertificate().getCertificateBody().getHolderReference().getSequence();
        assertEquals(sequence3, sequence5); // sequence in new certificate
        // should be same as sequence in
        // request, which was old sequence +
        // 1
        // Check to see that is really is the new keypair
        pubk1 = new String(Base64.encode(dvcertactive.getPublicKey().getEncoded(), false));
        pubk2 = new String(Base64.encode(newPublicKey.getEncoded(), false));
        assertEquals(pubk1, pubk2);
        // Finally verify that we can issue an IS certificate and verify with
        // the new public key, i.e. it is signed by the new private key
        // Simple self signed request
        isrequest = CertificateGenerator.createRequest(keyPair, signalg, caRef, holderRef);
        // Edit our favorite test user
        user1 = new UserDataVOWS();
        user1.setUsername("WSTESTUSER1");
        user1.setPassword("foo123");
        user1.setClearPwd(true);
        user1.setSubjectDN("CN=Test1,C=SE");
        user1.setCaName(caname);
        user1.setStatus(UserDataConstants.STATUS_NEW);
        user1.setTokenType("USERGENERATED");
        user1.setEndEntityProfileName("EMPTY");
        user1.setCertificateProfileName("ENDUSER");
        // editUser and set status to new
        ejbcaraws.editUser(user1);
        certenv = ejbcaraws.cvcRequest(user1.getUsername(), user1.getPassword(), new String(Base64.encode(isrequest.getDEREncoded())));
        assertNotNull(certenv);
        wscert = certenv.get(0);
        b64cert = wscert.getCertificateData();
        iscert = CertTools.getCertfromByteArray(Base64.decode(b64cert));
        obj = CertificateParser.parseCVCObject(Base64.decode(b64cert));
        iscvc = (CVCertificate) obj;
        assertEquals("Test1", iscvc.getCertificateBody().getHolderReference().getMnemonic());
        // It must verify using the DVCAs new public key, which is the same as
        // the one we imported
        pk = KeyTools.getECPublicKeyWithParams(dvcertactive.getPublicKey(), cvcacert.getPublicKey());
        iscert.verify(pk);
        pk = KeyTools.getECPublicKeyWithParams(dvretcert.getCertificateBody().getPublicKey(), cvcacert.getPublicKey());
        iscert.verify(pk);
       
        return cvcacert;
View Full Code Here

              Date notBefore = new Date();
              Calendar notAfter = Calendar.getInstance();
              notAfter.add(Calendar.DAY_OF_MONTH, valdays);
              CVCertificate cvc = CertificateGenerator.createCertificate(pubKey, privKey,
                  sigAlg, caRef, holderRef, authRole, AccessRightEnum.READ_ACCESS_DG3_AND_DG4, notBefore, notAfter.getTime(), "BC");
              cacert = new CardVerifiableCertificate(cvc);
          } else {
            getLogger().info("Using passed in self signed certificate.");
            cacert = cert;
          } try {
            cacert.verify(pubKey);
View Full Code Here

TOP

Related Classes of org.ejbca.cvc.CardVerifiableCertificate

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.