if (status.equals(ResponseStatus.SUCCESS)) {
if (cert != null) {
if (log.isDebugEnabled()) {
log.debug("Creating a CertRepMessage 'accepted'");
}
PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(0)); // 0 = accepted
CertResponse myCertResponse = new CertResponse(new DERInteger(requestId), myPKIStatusInfo);
X509CertificateStructure struct = X509CertificateStructure.getInstance(new ASN1InputStream(new ByteArrayInputStream(cert.getEncoded())).readObject());
CertOrEncCert retCert = new CertOrEncCert(struct, 0);
CertifiedKeyPair myCertifiedKeyPair = new CertifiedKeyPair(retCert);
myCertResponse.setCertifiedKeyPair(myCertifiedKeyPair);
//myCertResponse.setRspInfo(new DEROctetString(new byte[] { 101, 111, 121 }));
CertRepMessage myCertRepMessage = new CertRepMessage(myCertResponse);
int respType = requestType + 1; // 1 = intitialization response, 3 = certification response etc
if (log.isDebugEnabled()) {
log.debug("Creating response body of type " + respType);
}
PKIBody myPKIBody = new PKIBody(myCertRepMessage, respType);
PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {
responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey, pbeDigestAlg, pbeMacAlg, pbeIterationCount);
} else {
responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, (X509Certificate)signCert, signKey, digestAlg, provider);
}
ret = true;
}
} else if (status.equals(ResponseStatus.FAILURE)) {
if (log.isDebugEnabled()) {
log.debug("Creating a CertRepMessage 'rejected'");
}
// Create a failure message
PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(2)); // 2 = rejection
myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());
if (failText != null) {
myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));
}
PKIBody myPKIBody = CmpMessageHelper.createCertRequestRejectBody(myPKIHeader, myPKIStatusInfo, requestId, requestType);
PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {
responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey, pbeDigestAlg, pbeMacAlg, pbeIterationCount);
} else {
responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, (X509Certificate)signCert, signKey, digestAlg, provider);
}
ret = true;
} else {
if (log.isDebugEnabled()) {
log.debug("Creating a 'waiting' message?");
}
// Not supported, lets create a PKIError failure instead
// Create a failure message
PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(2)); // 2 = rejection
myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());
if (failText != null) {
myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));
}
ErrorMsgContent myErrorContent = new ErrorMsgContent(myPKIStatusInfo);
PKIBody myPKIBody = new PKIBody(myErrorContent, 23); // 23 = error
PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {