Examples of CVCObject

Examples of org.ejbca.cvc.CVCObject

143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
                // Default caRef if we do not pass in a certificate to get caRef from
            CAReferenceField authCaRef = new CAReferenceField(country,mnemonic,sequence);
            CVCertificate authCert = null;
            if (authSignCertFile != null) {
              getPrintStream().println("Reading cert from cvcert file "+authSignCertFile+" to create an authenticated request");             
              CVCObject parsedObject = CvcPrintCommand.getCVCObject(authSignCertFile);
              authCert = (CVCertificate)parsedObject;
              String c = authCert.getCertificateBody().getHolderReference().getCountry();
              String m = authCert.getCertificateBody().getHolderReference().getMnemonic();
              String s = authCert.getCertificateBody().getHolderReference().getSequence();
              authCaRef = new CAReferenceField(c, m, s);
            }
            CVCAuthenticatedRequest authRequest = CertificateGenerator.createAuthenticatedRequest(request, authKeyPair, signatureAlg, authCaRef);
            // Test to verify it yourself first
            if (authCert != null) {
              getPrintStream().println("Verifying the request before sending it...");
              PublicKey pk = KeyTools.getECPublicKeyWithParams(authCert.getCertificateBody().getPublicKey(), keySpec);
              authRequest.verify(pk);             
            }
            der = authRequest.getDEREncoded();           
          }
          cvcreq = new String(Base64.encode(der));
          // Print the generated request to file
          FileOutputStream fos = new FileOutputStream(basefilename+".cvreq");
          fos.write(der);
          fos.close();         
          getPrintStream().println("Wrote binary request to: "+basefilename+".cvreq");
          fos = new FileOutputStream(basefilename+".pkcs8");
          fos.write(keyPair.getPrivate().getEncoded());
          fos.close();         
          getPrintStream().println("Wrote private key in "+keyPair.getPrivate().getFormat()+" format to to: "+basefilename+".pkcs8");
        } else {
          // Read request from file
          getPrintStream().println("Reading request from filename: "+basefilename+".cvreq");
          byte[] der = FileTools.readFiletoBuffer(basefilename+".cvreq");
          cvcreq = new String(Base64.encode(der));
        }
       
        // Edit a user, creating it if it does not exist
        // Actually don't do that, leverage the existing commands and force to use the editUser command instead.
        // This also makes this CLI exactly represent the actual WS-API call
        // getEjbcaRAWS().editUser(userdata);
       
        getPrintStream().println("Submitting CVC request for user '"+username+"'.");
        getPrintStream().println();             
        // Use the request and request a certificate
        List<Certificate> resp = getEjbcaRAWS().cvcRequest(username, userpassword, cvcreq);

        // Handle the response
        Certificate cert = resp.get(0);
        byte[] b64cert = cert.getCertificateData();
        CVCObject parsedObject = CertificateParser.parseCertificate(Base64.decode(b64cert));
        CVCertificate cvcert = (CVCertificate)parsedObject;
        FileOutputStream fos = new FileOutputStream(basefilename+".cvcert");
        fos.write(cvcert.getDEREncoded());
        fos.close();
        getPrintStream().println("Wrote binary certificate to: "+basefilename+".cvcert");
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

73
74
75
76
77
78
79
80
81
82
83
        getPrintStream().println("No point in converting to the same format, exiting.");
        return;
      }
      getPrintStream().println("converting CV Certificate ("+inform+"): "+infile+" to "+outform);
      // Read file to a buffer and use the toString functions in the cvc-lib
      CVCObject parsedObject = getCVCObject(infile);
      byte[] bytes = null;
      if (parsedObject instanceof CVCAuthenticatedRequest) {
        CVCAuthenticatedRequest authreq = (CVCAuthenticatedRequest)parsedObject;
        bytes = authreq.getDEREncoded();
      } else {
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

108
109
110
111
112
113
114
115
116
117
118
      throw new ErrorAdminCommandException(e);
    }
  }

  protected static CVCObject getCVCObject(String filename) throws IOException, CvcException, CertificateException {
    CVCObject ret = null;
    try {
      byte[] cvcdata = FileTools.readFiletoBuffer(filename);       
      ret = CertificateParser.parseCVCObject(cvcdata);
    } catch (Exception e) {
      try {
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
        assertEquals(1, cachain.size());
        Certificate cert1 = (Certificate) cachain.iterator().next();
        CardVerifiableCertificate cvcert1 = (CardVerifiableCertificate) cert1;
        assertEquals("SETESTCVCA00001", cvcert1.getCVCertificate().getCertificateBody().getHolderReference().getConcatenated());
        byte[] request = caAdminSession.makeRequest(admin, cvcainfo.getCAId(), cachain, false, false, false, null);
        CVCObject obj = CertificateParser.parseCVCObject(request);
        // We should have created an authenticated request signed by the default
        // key, we intended to have it signed by the old key,
        // but since the CVCA is not renewed, and no old key exists, it will be
        // the "defaultKey", but we won't know the difference in this test.
        CVCAuthenticatedRequest authreq = (CVCAuthenticatedRequest) obj;
        CVCertificate reqcert = authreq.getRequest();
        assertEquals("SETESTCVCA00001", reqcert.getCertificateBody().getHolderReference().getConcatenated());
        assertEquals("SETESTCVCA00001", reqcert.getCertificateBody().getAuthorityReference().getConcatenated());

        // Make a certificate request from a DV, regenerating keys
        cachain = dvdcainfo.getCertificateChain();
        request = caAdminSession.makeRequest(admin, dvdcainfo.getCAId(), cachain, true, false, true, "foo123");
        obj = CertificateParser.parseCVCObject(request);
        // We should have created an authenticated request signed by the old
        // certificate
        authreq = (CVCAuthenticatedRequest) obj;
        reqcert = authreq.getRequest();
        assertEquals("SETESTDV-D00002", reqcert.getCertificateBody().getHolderReference().getConcatenated());
        // This request is made from the DV targeted for the DV, so the old DV
        // certificate will be the holder ref.
        // Normally you would target an external CA, and thus send in it's
        // cachain. The caRef would be the external CAs holderRef.
        assertEquals("SETESTDV-D00001", reqcert.getCertificateBody().getAuthorityReference().getConcatenated());

        // Get the DVs certificate request signed by the CVCA
        byte[] authrequest = caAdminSession.signRequest(admin, cvcainfo.getCAId(), request, false, false);
        CVCObject parsedObject = CertificateParser.parseCVCObject(authrequest);
        authreq = (CVCAuthenticatedRequest) parsedObject;
        assertEquals("SETESTDV-D00002", authreq.getRequest().getCertificateBody().getHolderReference().getConcatenated());
        assertEquals("SETESTDV-D00001", authreq.getRequest().getCertificateBody().getAuthorityReference().getConcatenated());
        assertEquals("SETESTCVCA00001", authreq.getAuthorityReference().getConcatenated());
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
        assertEquals("READ_ACCESS_DG3_AND_DG4", accessRights);

        // Make a certificate request from a DV, regenerating keys
        Collection<Certificate> cachain = dvdcainfo.getCertificateChain();
        byte[] request = caAdminSession.makeRequest(admin, dvdcainfo.getCAId(), cachain, true, false, true, "foo123");
        CVCObject obj = CertificateParser.parseCVCObject(request);
        // We should have created an authenticated request signed by the old
        // certificate
        CVCAuthenticatedRequest authreq = (CVCAuthenticatedRequest) obj;
        CVCertificate reqcert = authreq.getRequest();
        assertEquals("SETDVEC-D00002", reqcert.getCertificateBody().getHolderReference().getConcatenated());
        // This request is made from the DV targeted for the DV, so the old DV
        // certificate will be the holder ref.
        // Normally you would target an external CA, and thus send in it's
        // cachain. The caRef would be the external CAs holderRef.
        assertEquals("SETDVEC-D00001", reqcert.getCertificateBody().getAuthorityReference().getConcatenated());

        // Get the DVs certificate request signed by the CVCA
        byte[] authrequest = caAdminSession.signRequest(admin, cvcainfo.getCAId(), request, false, false);
        CVCObject parsedObject = CertificateParser.parseCVCObject(authrequest);
        authreq = (CVCAuthenticatedRequest) parsedObject;
        assertEquals("SETDVEC-D00002", authreq.getRequest().getCertificateBody().getHolderReference().getConcatenated());
        assertEquals("SETDVEC-D00001", authreq.getRequest().getCertificateBody().getAuthorityReference().getConcatenated());
        assertEquals("SETCVCAEC00001", authreq.getAuthorityReference().getConcatenated());
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
      }
      CryptoProviderTools.installBCProvider();
      String filename = args[1];
      getPrintStream().println("Printing CV Certificate: "+filename);
      // Read file to a buffer and use the toString functions in the cvc-lib
      CVCObject parsedObject = getCVCObject(filename);
      getPrintStream().println(parsedObject.getAsText(""));
      if (args.length > 2) {
        String verifycert = args[2];
        String type = "certificate";
        if (parsedObject instanceof CVCAuthenticatedRequest) {
          type = "authenticated request";
        }
        getPrintStream().println("Verifying "+type+" "+filename+" with certificate "+verifycert);
        CVCObject parsedVerifyObject = getCVCObject(verifycert);
        CVCertificate cert2 = (CVCertificate)parsedVerifyObject;
        PublicKey pk = cert2.getCertificateBody().getPublicKey();
        if (args.length > 3) {
          // we have an additional curve name
          String cvcacert = args[3];
          getPrintStream().println("Using CVCA certificate "+cvcacert+" for EC parameters.");
          CVCObject parsedCvcaObject = getCVCObject(cvcacert);
          CVCertificate cvca = (CVCertificate)parsedCvcaObject;
          pk = KeyTools.getECPublicKeyWithParams(pk, cvca.getCertificateBody().getPublicKey());
        }
        try {
          if (parsedObject instanceof CVCAuthenticatedRequest) {
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

105
106
107
108
109
110
111
112
113
114
115
      throw new ErrorAdminCommandException(e);
    }
  }

  protected static CVCObject getCVCObject(String filename) throws IOException, CvcException, CertificateException {
    CVCObject ret = null;
    try {
      byte[] cvcdata = FileTools.readFiletoBuffer(filename);       
      ret = CertificateParser.parseCVCObject(cvcdata);
    } catch (Exception e) {
      try {
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

74
75
76
77
78
79
80
81
82
83
84
        List<Certificate> resp = getEjbcaRAWS().getLastCertChain(username);
        // Handle the response
        int i = 1;
        for (Certificate certificate : resp) {
          byte[] b64cert = certificate.getCertificateData();
          CVCObject parsedObject = CertificateParser.parseCertificate(Base64.decode(b64cert));
          CVCertificate cvcert = (CVCertificate)parsedObject;
          FileOutputStream fos = new FileOutputStream(basefilename+i+".cvcert");
          fos.write(cvcert.getDEREncoded());
          fos.close();
          getPrintStream().println("Wrote binary certificate to: "+basefilename+i+".cvcert");
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

89
90
91
92
93
94
95
96
97
98
99
        init();
    }

    private void init() {
    try {
      CVCObject parsedObject;
      parsedObject = CertificateParser.parseCVCObject(cvcmsg);
      if (parsedObject instanceof CVCertificate) {
        cvcert = (CVCertificate) parsedObject;
      } else if (parsedObject instanceof CVCAuthenticatedRequest) {
        CVCAuthenticatedRequest authreq = (CVCAuthenticatedRequest)parsedObject;
View Full Code Here

Examples of org.ejbca.cvc.CVCObject

289
290
291
292
293
294
295
296
297
298
299
          } catch (Exception e2) {
            log.debug("This is not a PEM request?: "+e2.getMessage());           
          }
        }
        // This can be either a CV certificate, a CV certificate request, or an authenticated request that we should re-sign
        CVCObject parsedObject;
        parsedObject = CertificateParser.parseCVCObject(binbytes);
        if (parsedObject instanceof CVCertificate) {
          cvcert = (CVCertificate) parsedObject;
          log.debug("This is a reqular CV request, or cert.");         
        } else if (parsedObject instanceof CVCAuthenticatedRequest) {
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.