Examples of PKIHeader

• com.novosec.pkix.asn1.cmp.PKIHeader
  ASN.1 structure DER En/DeCoder.

   PKIHeader ::= SEQUENCE { pvno                INTEGER     { ietf-version2 (1) }, sender              GeneralName,                        -- identifies the sender recipient           GeneralName,                        -- identifies the intended recipient messageTime     [0] GeneralizedTime         OPTIONAL,   -- time of production of this message protectionAlg   [1] AlgorithmIdentifier     OPTIONAL,   -- algorithm used for calculation of protection bits senderKID       [2] KeyIdentifier           OPTIONAL,   -- (OCTET STRING) recipKID        [3] KeyIdentifier           OPTIONAL,   -- (OCTET STRING) to identify specific keys used for protection transactionID   [4] OCTET STRING            OPTIONAL,   -- identifies the transaction; i.e., this will be the same in corresponding request, response and confirmation messages senderNonce     [5] OCTET STRING            OPTIONAL, recipNonce      [6] OCTET STRING            OPTIONAL,   -- nonces used to provide replay protection, senderNonce is inserted by the creator of this message; recipNonce is a nonce previously inserted in a related message by the intended recipient of this message freeText        [7] PKIFreeText             OPTIONAL,   -- this may be used to indicate context-specific instructions (this field is intended for human consumption) generalInfo     [8] SEQUENCE SIZE (1..MAX) OF InfoTypeAndValue     OPTIONAL    -- this may be used to convey context-specific information (this field not primarily intended for human consumption) }      

Examples of com.novosec.pkix.asn1.cmp.PKIHeader

  private int iterationCount = 1024;
  private byte[] salt = null;
  private String lastUsedRaSecret = null;

  public CmpPbeVerifyer(PKIMessage msg) {
    PKIHeader head = msg.getHeader();
    protectedBytes = msg.getProtectedBytes();
    protection = msg.getProtection();
    pAlg = head.getProtectionAlg();
    LOG.debug("Protection type is: "+pAlg.getObjectId().getId());
    PBMParameter pp = PBMParameter.getInstance(pAlg.getParameters());
    iterationCount = pp.getIterationCount().getPositiveValue().intValue();
    LOG.debug("Iteration count is: "+iterationCount);
    AlgorithmIdentifier owfAlg = pp.getOwf();

Examples of com.novosec.pkix.asn1.cmp.PKIHeader

    setMessage(msg);
  }

  private void init() {
    final PKIBody body = getPKIMessage().getBody();
    final PKIHeader header = getPKIMessage().getHeader();
    requestType = body.getTagNo();
    final CertReqMessages msgs = getCertReqFromTag(body, requestType);
    requestId = msgs.getCertReqMsg(0).getCertReq().getCertReqId().getValue().intValue();
    this.req = msgs.getCertReqMsg(0);
    DEROctetString os = header.getTransactionID();
    if (os != null) {
      byte[] val = os.getOctets();
      if (val != null) {
        setTransactionId(new String(Base64.encode(val)));
      }
    }
    os = header.getSenderNonce();
    if (os != null) {
      byte[] val = os.getOctets();
      if (val != null) {
        setSenderNonce(new String(Base64.encode(val)));
      }
    }
    setRecipient(header.getRecipient());
    setSender(header.getSender());
  }

Examples of com.novosec.pkix.asn1.cmp.PKIHeader

      subject = "CN=fooSubject";
    }

    X509Name issuerName = new X509Name(issuer);
    X509Name subjectName = new X509Name(subject);
    PKIHeader myPKIHeader = CmpMessageHelper.createPKIHeader(issuerName, subjectName, senderNonce, recipientNonce, transactionId);

    try {
      if (status.equals(ResponseStatus.SUCCESS)) {
        if (cert != null) {
            if (log.isDebugEnabled()) {

Examples of com.novosec.pkix.asn1.cmp.PKIHeader

    private static final InternalResources INTRES = InternalResources.getInstance();

  private static final String CMP_ERRORGENERAL = "cmp.errorgeneral";

  public static PKIHeader createPKIHeader(X509Name sender, X509Name recipient, String senderNonce, String recipientNonce, String transactionId) {
    PKIHeader myPKIHeader =
      new PKIHeader(
          new DERInteger(2),
          new GeneralName(sender),
          new GeneralName(recipient));
    myPKIHeader.setMessageTime(new DERGeneralizedTime(new Date()));
    if (senderNonce != null) {
      myPKIHeader.setSenderNonce(new DEROctetString(Base64.decode(senderNonce.getBytes())));
    }
    if (recipientNonce != null) {
      myPKIHeader.setRecipNonce(new DEROctetString(Base64.decode(recipientNonce.getBytes())));
    }
    if (transactionId != null) {
      myPKIHeader.setTransactionID(new DEROctetString(Base64.decode(transactionId.getBytes())));
    }
    return myPKIHeader;
  }

Examples of com.novosec.pkix.asn1.cmp.PKIHeader

  public static byte[] protectPKIMessageWithPBE(PKIMessage msg, String keyId, String raSecret, String digestAlgId, String macAlgId, int iterationCount) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IOException {
      if (LOG.isTraceEnabled()) {
        LOG.trace(">protectPKIMessageWithPBE()");
      }
    // Create the PasswordBased protection of the message
    PKIHeader head = msg.getHeader();
    byte[] keyIdBytes;
    try {
      keyIdBytes = keyId.getBytes("UTF-8");
    } catch (UnsupportedEncodingException e) {
      keyIdBytes = keyId.getBytes();
      LOG.info("UTF-8 not available, using platform default encoding for keyIdBytes.");
    }
    head.setSenderKID(new DEROctetString(keyIdBytes));
    // SHA1
    //AlgorithmIdentifier owfAlg = new AlgorithmIdentifier("1.3.14.3.2.26");
    AlgorithmIdentifier owfAlg = new AlgorithmIdentifier(digestAlgId);
    // iterations, usually something like 1024
    DERInteger iteration = new DERInteger(iterationCount);
    // HMAC/SHA1
    //AlgorithmIdentifier macAlg = new AlgorithmIdentifier("1.2.840.113549.2.7");
    AlgorithmIdentifier macAlg = new AlgorithmIdentifier(macAlgId);
    // We need some random bytes for the nonce
    byte[] saltbytes = createSenderNonce();
    DEROctetString derSalt = new DEROctetString(saltbytes);

    // Create the new protected return message
    //String objectId = "1.2.840.113533.7.66.13" = passwordBasedMac;
    String objectId = CMPObjectIdentifiers.passwordBasedMac.getId();
    PBMParameter pp = new PBMParameter(derSalt, owfAlg, iteration, macAlg);
    AlgorithmIdentifier pAlg = new AlgorithmIdentifier(new DERObjectIdentifier(objectId), pp);
    head.setProtectionAlg(pAlg);
    PKIBody body = msg.getBody();
    PKIMessage ret = new PKIMessage(head, body);

    // Calculate the protection bits
    byte[] rasecret = raSecret.getBytes();

Examples of com.novosec.pkix.asn1.cmp.PKIHeader

        String errMsg = intres.getLocalizedMessage("cmp.receivedrevreqnoissuer");
        log.info(errMsg);
      }
    }
    setMessage(msg);
    PKIHeader header = msg.getHeader();
    DEROctetString os = header.getTransactionID();
    if (os != null) {
      byte[] val = os.getOctets();
      if (val != null) {
        setTransactionId(new String(Base64.encode(val)));
      }
    }
    os = header.getSenderNonce();
    if (os != null) {
      byte[] val = os.getOctets();
      if (val != null) {
        setSenderNonce(new String(Base64.encode(val)));
      }
    }
    setRecipient(header.getRecipient());
    setSender(header.getSender());
  }

Examples of com.novosec.pkix.asn1.cmp.PKIHeader

      NoSuchAlgorithmException, NoSuchProviderException,
      SignRequestException, NotFoundException {

    X509Name sender = X509Name.getInstance(getSender().getName());
    X509Name recipient = X509Name.getInstance(getRecipient().getName());
    PKIHeader myPKIHeader = CmpMessageHelper.createPKIHeader(sender, recipient, getSenderNonce(), getRecipientNonce(), getTransactionId());
    PKIBody myPKIBody = new PKIBody(new DERNull(), 19);
    PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);

    if ((getPbeDigestAlg() != null) && (getPbeMacAlg() != null) && (getPbeKeyId() != null) && (getPbeKey() != null) ) {
      responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, getPbeKeyId(), getPbeKey(), getPbeDigestAlg(), getPbeMacAlg(), getPbeIterationCount());