Examples of RevDetails

• com.novosec.pkix.asn1.cmp.RevDetails
  ASN.1 structure DER En/DeCoder.

   RevDetails ::= SEQUENCE { certDetails         CertTemplate,                -- allows requester to specify as much as they can about the cert. for which revocation is requested revocationReason    ReasonFlags      OPTIONAL,   -- the reason that revocation is requested badSinceDate        GeneralizedTime  OPTIONAL,   -- indicates best knowledge of sender crlEntryDetails     Extensions       OPTIONAL    -- requested crlEntryExtensions (X509Extensions) } ReasonFlags ::= BIT STRING { unused(0),  keyCompromise(1),  caCompromise(2),  affiliationChanged(3), superseded(4),  cessationOfOperation(5),  certificateHold(6) } 

Examples of com.novosec.pkix.asn1.cmp.RevDetails

        if (ret) {
          // If authentication was correct, we will now try to find the certificate to revoke
          PKIMessage pkimsg = msg.getMessage();
          PKIBody body = pkimsg.getBody();
          RevReqContent rr = body.getRr();
          RevDetails rd = rr.getRevDetails(0);
          CertTemplate ct = rd.getCertDetails();
          DERInteger serno = ct.getSerialNumber();
          X509Name issuer = ct.getIssuer();
          // Get the revocation reason.
          // For CMPv1 this can be a simple DERBitString or it can be a requested CRL Entry Extension
          // If there exists CRL Entry Extensions we will use that, because it's the only thing allowed in CMPv2
          int reason = RevokedCertInfo.REVOCATION_REASON_UNSPECIFIED;
          DERBitString reasonbits = rd.getRevocationReason();
          if (reasonbits != null) {
            reason = CertTools.bitStringToRevokedCertInfo(reasonbits);
            LOG.debug("CMPv1 revocation reason: "+reason);
          } else {
            LOG.debug("CMPv1 revocation reason is null");
          }
          X509Extensions crlExt = rd.getCrlEntryDetails();
          if (crlExt != null) {
            X509Extension ext = crlExt.getExtension(X509Extensions.ReasonCode);
            if (ext != null) {
              try {
                ASN1InputStream ai = new ASN1InputStream(ext.getValue().getOctets());

Examples of com.novosec.pkix.asn1.cmp.RevDetails

        CertTemplate myCertTemplate = new CertTemplate();
        myCertTemplate.setIssuer(new X509Name(issuerDN));
        myCertTemplate.setSubject(new X509Name(userDN));
        myCertTemplate.setSerialNumber(new DERInteger(serNo));

        RevDetails myRevDetails = new RevDetails(myCertTemplate);
        ReasonFlags reasonbits = new ReasonFlags(ReasonFlags.keyCompromise);
        myRevDetails.setRevocationReason(reasonbits);
        if (crlEntryExtension) {
            CRLReason crlReason = new CRLReason(CRLReason.cessationOfOperation);
            X509Extension ext = new X509Extension(false, new DEROctetString(crlReason.getEncoded()));
            Hashtable<DERObjectIdentifier, X509Extension> ht = new Hashtable<DERObjectIdentifier, X509Extension>();
            ht.put(X509Extensions.ReasonCode, ext);
            myRevDetails.setCrlEntryDetails(new X509Extensions(ht));
        }

        RevReqContent myRevReqContent = new RevReqContent(myRevDetails);

        PKIHeader myPKIHeader = new PKIHeader(new DERInteger(2), new GeneralName(new X509Name(userDN)), new GeneralName(new X509Name(((X509Certificate)cacert).getSubjectDN()

Examples of com.novosec.pkix.asn1.cmp.RevDetails

      // this is a RevReqContent,
      if (log.isDebugEnabled()) {
        log.debug("Received a RevReqContent");
      }
      RevReqContent rr = body.getRr();
      RevDetails rd = rr.getRevDetails(0);
      CertTemplate ct = rd.getCertDetails();
      DERInteger serno = ct.getSerialNumber();
      X509Name issuer = ct.getIssuer();
      if ( (serno != null) && (issuer != null) ) {
        String errMsg = intres.getLocalizedMessage("cmp.receivedrevreq", issuer.toString(), serno.getValue().toString(16));
        log.info(errMsg);