Package org.ejbca.core.model.ca

Examples of org.ejbca.core.model.ca.SignRequestException


            }
          }
        } else {
          if (OcspConfiguration.getEnforceRequestSigning()) {
            // Signature required
            throw new SignRequestException("Signature required");
          }
        }
       
        // Get the certificate status requests that are inside this OCSP req
        Req[] requests = req.getRequestList();
View Full Code Here


                        }
                        String username = reqmsg.getUsername();
                        if (username == null) {
                          String msg = "No username in request, request DN: "+reqmsg.getRequestDN();
                            log.error(msg);
                            throw new SignRequestException(msg);
                        }
                        log.info("Received a SCEP/PKCS10 request for user: "+username+", from host: "+remoteAddr);
                        String authPwd = ExtraConfiguration.instance().getString(ExtraConfiguration.SCEPAUTHPWD);
                        if (StringUtils.isNotEmpty(authPwd) && !StringUtils.equals(authPwd, "none")) {
                          log.debug("Requiring authPwd in order to precess SCEP requests");
View Full Code Here

                log.debug("Creating a STATUS_OK message.");
            } else {
              if (status.equals(ResponseStatus.FAILURE)) {
                    log.debug("Creating a STATUS_FAILED message (or throwing an exception).");
                    if (failInfo.equals(FailInfo.WRONG_AUTHORITY)) {
                      throw new SignRequestException(failText);           
                    }
                    if (failInfo.equals(FailInfo.INCORRECT_DATA)) {
                      throw new NotFoundException(failText);
                    }
View Full Code Here

      X509Certificate signercert = null;
     
      if (!req.isSigned()) {
        String infoMsg = intres.getLocalizedMessage("ocsp.errorunsignedreq", clientRemoteAddr);
        m_log.info(infoMsg);
        throw new SignRequestException(infoMsg);
      }
      // Get all certificates embedded in the request (probably a certificate chain)
      X509Certificate[] certs = req.getCerts("BC");
      // Set, as a try, the signer to be the first certificate, so we have a name to log...
      String signer = null;
View Full Code Here

          if ((reqBytes != null) && (reqBytes.length>0)) {
            log.debug("Received NS request: "+new String(reqBytes));
            byte[] certs = helper.nsCertRequest(signSession, reqBytes, username, password);
            RequestHelper.sendNewCertToNSClient(certs, response);
          } else {
            throw new SignRequestException("No request bytes received.");
          }
        } else if ( getParameter("iidPkcs10") != null && !getParameter("iidPkcs10").equals("")) {
          // NetID iid?
          byte[] reqBytes = getParameter("iidPkcs10").getBytes();
          if ((reqBytes != null) && (reqBytes.length>0)) {
            log.debug("Received iidPkcs10 request: "+new String(reqBytes));
            byte[] b64cert=helper.pkcs10CertRequest(signSession, reqBytes, username, password, RequestHelper.ENCODED_CERTIFICATE, false);
            response.setContentType("text/html");
            RequestHelper.sendNewCertToIidClient(b64cert, request, response.getOutputStream(), servletContext, servletConfig.getInitParameter("responseIidTemplate"),classid);
          } else {
            throw new SignRequestException("No request bytes received.");
          }
        } else if ( (getParameter("pkcs10") != null) || (getParameter("PKCS10") != null) ) {
          // if not firefox, check if it's IE
          byte[] reqBytes = getParameter("pkcs10").getBytes();
          if (reqBytes == null) {
            reqBytes=getParameter("PKCS10").getBytes();
          }
          if ((reqBytes != null) && (reqBytes.length>0)) {
            log.debug("Received IE request: "+new String(reqBytes));
            byte[] b64cert=helper.pkcs10CertRequest(signSession, reqBytes, username, password, RequestHelper.ENCODED_PKCS7);
            debug.ieCertFix(b64cert);
            RequestHelper.sendNewCertToIEClient(b64cert, response.getOutputStream(), servletContext, servletConfig.getInitParameter("responseTemplate"),classid);
          } else {
            throw new SignRequestException("No request bytes received.");
          }
        } else if ( ((getParameter("pkcs10req") != null) || (getParameter("pkcs10file") != null)) && resulttype != 0) {
          byte[] reqBytes = null;
          String pkcs10req = getParameter("pkcs10req");
          if (StringUtils.isEmpty(pkcs10req)) {
            // did we upload a file instead?
            log.debug("No pasted request received, checking for uploaded file.");
            pkcs10req = getParameter("pkcs10file");
            if (StringUtils.isNotEmpty(pkcs10req)) {
              // The uploaded file has been converted to a base64 encoded string
              reqBytes = Base64.decode(pkcs10req.getBytes());

            }
          } else {
            reqBytes=pkcs10req.getBytes(); // The pasted request                 
          }

          if ((reqBytes != null) && (reqBytes.length>0)) {
            pkcs10Req(response, username, password, resulttype, signSession, helper, reqBytes);
          } else {
            throw new SignRequestException("No request bytes received.");
          }
        } else if ( ((getParameter("cvcreq") != null) || (getParameter("cvcreqfile") != null)) && resulttype != 0) {
          // It's a CVC certificate request (EAC ePassports)
          byte[] reqBytes = null;
          String req = getParameter("cvcreq");
          if (StringUtils.isEmpty(req)) {
            // did we upload a file instead?
            log.debug("No pasted request received, checking for uploaded file.");
            req = getParameter("cvcreqfile");
            if (StringUtils.isNotEmpty(req)) {
              // The uploaded file has been converted to a base64 encoded string
              reqBytes = Base64.decode(req.getBytes());

            }
          } else {
            reqBytes=req.getBytes(); // The pasted request                 
          }

          if ((reqBytes != null) && (reqBytes.length>0)) {
            log.debug("Received CVC request: "+new String(reqBytes));
            byte[] b64cert=helper.cvcCertRequest(signSession, reqBytes, username, password);
            CVCertificate cvccert = (CVCertificate) CertificateParser.parseCVCObject(Base64.decode(b64cert));
            String filename = "";
            CAReferenceField carf = cvccert.getCertificateBody().getAuthorityReference();
            if (carf != null) {
              String car = carf.getConcatenated();
              filename += car;
            }
            HolderReferenceField chrf = cvccert.getCertificateBody().getHolderReference();
            if (chrf != null) {
              String chr = chrf.getConcatenated();
              if (filename.length() > 0) {
                filename += "_";
              }
              filename +=chr;
            }
            if (filename.length() == 0) {
              filename = username;
            }
            log.debug("Filename: "+filename);
            if(resulttype == RequestHelper.BINARY_CERTIFICATE) { 
              RequestHelper.sendBinaryBytes(Base64.decode(b64cert), response, "application/octet-stream", filename+".cvcert");
            }
            if(resulttype == RequestHelper.ENCODED_CERTIFICATE) {
              RequestHelper.sendNewB64File(b64cert, response, filename+".pem", RequestHelper.BEGIN_CERTIFICATE_WITH_NL, RequestHelper.END_CERTIFICATE_WITH_NL);
            }
          } else {
            throw new SignRequestException("No request bytes received.");
          }
        }
      }
    } catch (ObjectNotFoundException oe) {
      iErrorMessage = intres.getLocalizedMessage("certreq.nosuchusername");
View Full Code Here

            log.debug("Creating a STATUS_OK message.");
        } else {
          if (status.equals(ResponseStatus.FAILURE)) {
                log.debug("Creating a STATUS_FAILED message (or throwing an exception).");
                if (failInfo.equals(FailInfo.WRONG_AUTHORITY)) {
                  throw new SignRequestException(failText);           
                }
                if (failInfo.equals(FailInfo.INCORRECT_DATA)) {
                  throw new NotFoundException(failText);
                }
View Full Code Here

            }
           
            if (ca.isUseUserStorage() && req.getUsername() == null) {
              String msg = intres.getLocalizedMessage("signsession.nouserinrequest", req.getRequestDN());
              logSession.log(admin, ca.getCAId(), LogConstants.MODULE_CA, new java.util.Date(), req.getUsername(), null, LogConstants.EVENT_ERROR_CREATECERTIFICATE, msg);
                throw new SignRequestException(msg);
                //ret.setFailInfo(FailInfo.BAD_REQUEST);
                //ret.setStatus(ResponseStatus.FAILURE);
            } else if (ca.isUseUserStorage() && req.getPassword() == null) {
              String msg = intres.getLocalizedMessage("signsession.nopasswordinrequest");
                logSession.log(admin, ca.getCAId(), LogConstants.MODULE_CA, new java.util.Date(), req.getUsername(), null, LogConstants.EVENT_ERROR_CREATECERTIFICATE, msg);
                throw new SignRequestException(msg);
            } else {       
              ResponseStatus status = ResponseStatus.SUCCESS;
              FailInfo failInfo = null;
              String failText = null;
                Certificate cert = null;
View Full Code Here

TOP

Related Classes of org.ejbca.core.model.ca.SignRequestException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.