Examples of com.novosec.pkix.asn1.cmp.PKIBody

com.novosec.pkix.asn1.cmp.PKIHeader

ASN.1 structure DER En/DeCoder.

 PKIBody ::= CHOICE { ir      [0]  CertReqMessages,        --Initialization Request ip      [1]  CertRepMessage,         --Initialization Response cr      [2]  CertReqMessages,        --Certification Request cp      [3]  CertRepMessage,         --Certification Response p10cr   [4]  CertificationRequest,   --imported from [PKCS10] popdecc [5]  POPODecKeyChallContent, --pop Challenge popdecr [6]  POPODecKeyRespContent,  --pop Response kur     [7]  CertReqMessages,        --Key Update Request kup     [8]  CertRepMessage,         --Key Update Response krr     [9]  CertReqMessages,        --Key Recovery Request krp     [10] KeyRecRepContent,       --Key Recovery Response rr      [11] RevReqContent,          --Revocation Request rp      [12] RevRepContent,          --Revocation Response ccr     [13] CertReqMessages,        --Cross-Cert. Request ccp     [14] CertRepMessage,         --Cross-Cert. Response ckuann  [15] CAKeyUpdAnnContent,     --CA Key Update Ann. cann    [16] CertAnnContent,         --Certificate Ann.      (X509Certificate) rann    [17] RevAnnContent,          --Revocation Ann. crlann  [18] CRLAnnContent,          --CRL Announcement conf    [19] PKIConfirmContent,      --Confirmation          (NULL) nested  [20] NestedMessageContent,   --Nested Message        (PKIMessage) genm    [21] GenMsgContent,          --General Message genp    [22] GenRepContent,          --General Response error   [23] ErrorMsgContent         --Error Message certConf[24] CertConfirmContent      --Certificate Confirm }

        myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));          
      }
    }
    RevRepContent myRevrepMessage = new RevRepContent(myPKIStatusInfo);


    PKIBody myPKIBody = new PKIBody(myRevrepMessage, CmpPKIBodyConstants.REVOCATIONRESPONSE);
    PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);


    if ((getPbeDigestAlg() != null) && (getPbeMacAlg() != null) && (getPbeKeyId() != null) && (getPbeKey() != null) ) {
      responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, getPbeKeyId(), getPbeKey(), getPbeDigestAlg(), getPbeMacAlg(), getPbeIterationCount());
    } else {

View Full Code Here

    }
    setMessage(msg);
  }


  private void init() {
    final PKIBody body = getPKIMessage().getBody();
    final PKIHeader header = getPKIMessage().getHeader();
    requestType = body.getTagNo();
    final CertReqMessages msgs = getCertReqFromTag(body, requestType);
    requestId = msgs.getCertReqMsg(0).getCertReq().getCertReqId().getValue().intValue();
    this.req = msgs.getCertReqMsg(0);
    DEROctetString os = header.getTransactionID();
    if (os != null) {

View Full Code Here

          
          int respType = requestType + 1; // 1 = intitialization response, 3 = certification response etc
            if (log.isDebugEnabled()) {
              log.debug("Creating response body of type " + respType);
            }
          PKIBody myPKIBody = new PKIBody(myCertRepMessage, respType); 
          PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
          
          if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {
            responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey, pbeDigestAlg, pbeMacAlg, pbeIterationCount);
          } else {
            responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, (X509Certificate)signCert, signKey, digestAlg, provider);
          }
          ret = true;  
        }
      } else if (status.equals(ResponseStatus.FAILURE)) {
          if (log.isDebugEnabled()) {
            log.debug("Creating a CertRepMessage 'rejected'");
          }
        // Create a failure message
        PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(2)); // 2 = rejection
        myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());
        if (failText != null) {
          myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));          
        }
        PKIBody myPKIBody = CmpMessageHelper.createCertRequestRejectBody(myPKIHeader, myPKIStatusInfo, requestId, requestType);
        PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
        
        if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {
          responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey, pbeDigestAlg, pbeMacAlg, pbeIterationCount);
        } else {
          responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, (X509Certificate)signCert, signKey, digestAlg, provider);
        }
        ret = true;  
      } else {
          if (log.isDebugEnabled()) {
            log.debug("Creating a 'waiting' message?");
          }
        // Not supported, lets create a PKIError failure instead
        // Create a failure message
        PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(2)); // 2 = rejection
        myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());
        if (failText != null) {
          myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));          
        }
        ErrorMsgContent myErrorContent = new ErrorMsgContent(myPKIStatusInfo);
        PKIBody myPKIBody = new PKIBody(myErrorContent, 23); // 23 = error
        PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
        if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {
          responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey, pbeDigestAlg, pbeMacAlg, pbeIterationCount);
        } else {
          responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, (X509Certificate)signCert, signKey, digestAlg, provider);

View Full Code Here

    //String objectId = "1.2.840.113533.7.66.13" = passwordBasedMac;
    String objectId = CMPObjectIdentifiers.passwordBasedMac.getId();
    PBMParameter pp = new PBMParameter(derSalt, owfAlg, iteration, macAlg);
    AlgorithmIdentifier pAlg = new AlgorithmIdentifier(new DERObjectIdentifier(objectId), pp);
    head.setProtectionAlg(pAlg);
    PKIBody body = msg.getBody();
    PKIMessage ret = new PKIMessage(head, body);


    // Calculate the protection bits
    byte[] rasecret = raSecret.getBytes();
    byte[] basekey = new byte[rasecret.length + saltbytes.length];

View Full Code Here


    int respType = requestType + 1; // 1 = intitialization response, 3 = certification response etc
    if (LOG.isDebugEnabled()) {
      LOG.debug("Creating response body of type "+respType);
    }
    PKIBody myPKIBody = new PKIBody(myCertRepMessage, respType); 
    
    return myPKIBody;
  }

View Full Code Here

     *
     */
    static final long serialVersionUID = 1000L;


  public GeneralCmpMessage(PKIMessage msg) {
    PKIBody body = msg.getBody();
    int tag = body.getTagNo();
    if (tag == 19) {
      // this is a PKIConfirmContent
      if (log.isDebugEnabled()) {
        log.debug("Received a PKIConfirm message");
      }
      // This is a null message, so there is nothing to get here
      //DERNull obj = body.getConf();
    }
    if (tag == 24) {
      // this is a CertConfirmContent
      if (log.isDebugEnabled()) {
        log.debug("Received a Cert Confirm message");
      }
      CertConfirmContent obj = body.getCertConf();
      PKIStatusInfo status = obj.getPKIStatus();
      if (status != null) {
        int st = status.getStatus().getValue().intValue();
        if (st != 0) {
          String errMsg = intres.getLocalizedMessage("cmp.errorcertconfirmstatus", Integer.valueOf(st));
          log.error(errMsg);
          // TODO: if it is rejected, we should revoke the cert?
        }
      }
    }
    if (tag == 11) {
      // this is a RevReqContent,
      if (log.isDebugEnabled()) {
        log.debug("Received a RevReqContent");
      }
      RevReqContent rr = body.getRr();
      RevDetails rd = rr.getRevDetails(0);
      CertTemplate ct = rd.getCertDetails();
      DERInteger serno = ct.getSerialNumber();
      X509Name issuer = ct.getIssuer();
      if ( (serno != null) && (issuer != null) ) {

View Full Code Here

      SignRequestException, NotFoundException {


    X509Name sender = X509Name.getInstance(getSender().getName());
    X509Name recipient = X509Name.getInstance(getRecipient().getName());
    PKIHeader myPKIHeader = CmpMessageHelper.createPKIHeader(sender, recipient, getSenderNonce(), getRecipientNonce(), getTransactionId());
    PKIBody myPKIBody = new PKIBody(new DERNull(), 19);
    PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);


    if ((getPbeDigestAlg() != null) && (getPbeMacAlg() != null) && (getPbeKeyId() != null) && (getPbeKey() != null) ) {
      responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, getPbeKeyId(), getPbeKey(), getPbeDigestAlg(), getPbeMacAlg(), getPbeIterationCount());
    } else {

View Full Code Here

    PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(2)); // 2 = rejection
    if (failInfo != null) {
      myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());      
    }
    if (failText != null) {    
      myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));
    }
    PKIBody myPKIBody = null;
    log.debug("Create error message from requestType: "+requestType);
    if (requestType==0 || requestType==2) {
      myPKIBody = CmpMessageHelper.createCertRequestRejectBody(myPKIHeader, myPKIStatusInfo, requestId, requestType);

View Full Code Here

        DERInteger i = info.getStatus();
        assertEquals(i.getValue().intValue(), 2);
        DERBitString b = info.getFailInfo();
        assertEquals("Return wrong error code.", errorCode, b.intValue());
        if (errorMsg != null) {
            PKIFreeText freeText = info.getStatusString();
            DERUTF8String utf = freeText.getString(0);
            assertEquals(errorMsg, utf.getString());
        }
    }

View Full Code Here

        ProofOfPossession myProofOfPossession = new ProofOfPossession(new DERNull(), 0);
        myCertReqMsg.setPop(myProofOfPossession);
        AttributeTypeAndValue av = new AttributeTypeAndValue(CRMFObjectIdentifiers.regCtrl_regToken, new DERUTF8String("foo123"));
        myCertReqMsg.addRegInfo(av);
        CertReqMessages myCertReqMessages = new CertReqMessages(myCertReqMsg);
        PKIHeader myPKIHeader = new PKIHeader(new DERInteger(2), new GeneralName(new X509Name("CN=bogusSubject")), new GeneralName(new X509Name("CN=bogusIssuer")));
        myPKIHeader.setMessageTime(new DERGeneralizedTime(new Date()));
        myPKIHeader.setSenderNonce(new DEROctetString(CmpMessageHelper.createSenderNonce()));
        myPKIHeader.setTransactionID(new DEROctetString(CmpMessageHelper.createSenderNonce()));
        PKIBody myPKIBody = new PKIBody(myCertReqMessages, 0);
        PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
      // Create a bogus CrmfRequestMessage
      CrmfRequestMessage crmf = new CrmfRequestMessage(myPKIMessage, "CN=SomeCA", true, null);
      crmf.setPbeParameters("keyId", "key", "digestAlg", "macAlg", 100);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of com.novosec.pkix.asn1.cmp.PKIBody

org.bouncycastle.asn1.ASN1EncodableVector

org.bouncycastle.asn1.ASN1Sequence

org.bouncycastle.asn1.ASN1TaggedObject

org.bouncycastle.asn1.DERNull

org.bouncycastle.asn1.DERObjectIdentifier

org.bouncycastle.asn1.DEROutputStream

org.bouncycastle.asn1.DERSequence

org.bouncycastle.asn1.DERTaggedObject

org.bouncycastle.asn1.x509.CertificateList

org.ejbca.core.ejb.ra.CertificateRequestSessionBean

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.