Examples of PKCS10RequestMessage

• org.ejbca.core.protocol.PKCS10RequestMessage
  Class to handle PKCS10 request messages sent to the CA. @version $Id: PKCS10RequestMessage.java 10894 2010-12-17 15:18:09Z anatom $

Examples of org.ejbca.core.protocol.PKCS10RequestMessage

    PKCS10CertificationRequest req = new PKCS10CertificationRequest("SHA1WithRSA",
        CertTools.stringToBcX509Name("C=SE, O=AnaTom, CN=foo3"), rsakeys.getPublic(), new DERSet(),
        rsakeys.getPrivate());

    PKCS10RequestMessage p10 = new PKCS10RequestMessage(req);
    p10.setUsername("foo3");
    p10.setPassword("foo123");

    UserDataVO user = new UserDataVO("foo3", "C=SE,O=AnaTom,CN=foo3", rsacaid, null, "foo@anatom.se", SecConst.USER_ENDUSER, fooEEProfileId, fooCertProfileId,
        SecConst.TOKEN_SOFT_BROWSERGEN, 0, null);
    user.setPassword("foo123");
    ExtendedInformation ei = new ExtendedInformation();

Examples of org.ejbca.core.protocol.PKCS10RequestMessage

    PKCS10CertificationRequest req = new PKCS10CertificationRequest("SHA1WithRSA",
        CertTools.stringToBcX509Name("C=SE, O=AnaTom, CN=foo"), rsakeys.getPublic(), new DERSet(),
        rsakeys.getPrivate());

    PKCS10RequestMessage p10 = new PKCS10RequestMessage(req.getEncoded());
    p10.setUsername("foo");
    p10.setPassword("foo123");

    CertificateProfile fooCertProfile = certificateProfileSession.getCertificateProfile(admin, "FOOCERTPROFILE");
    fooCertProfile.setAllowCertSerialNumberOverride(false);
    certificateProfileSession.changeCertificateProfile(admin, "FOOCERTPROFILE", fooCertProfile);

Examples of org.ejbca.core.protocol.PKCS10RequestMessage

            ret = true;

            // Test to generate a certificate request from the CA
            Collection<Certificate> cachain = info.getCertificateChain();
            byte[] request = caAdminSession.makeRequest(admin, info.getCAId(), cachain, false, false, false, null);
            PKCS10RequestMessage msg = new PKCS10RequestMessage(request);
            assertEquals("CN=TEST", msg.getRequestDN());

            // Check CMP RA secret, default value empty string
            X509CAInfo xinfo = (X509CAInfo)info;
            assertNotNull(xinfo.getCmpRaAuthSecret());
            assertEquals("", xinfo.getCmpRaAuthSecret());

Examples of org.ejbca.core.protocol.PKCS10RequestMessage

            // Generate a certificate request from the CA and send to the TEST
            // CA
            byte[] request = caAdminSession.makeRequest(admin, info.getCAId(), rootcacertchain, false, false, false, null);
            info = caAdminSession.getCAInfo(admin, "TESTSIGNEDBYEXTERNAL");
            assertEquals(SecConst.CA_WAITING_CERTIFICATE_RESPONSE, info.getStatus());
            PKCS10RequestMessage msg = new PKCS10RequestMessage(request);
            assertEquals("CN=TESTSIGNEDBYEXTERNAL", msg.getRequestDN());

            // Receive the certificate request on the TEST CA
            info.setSignedBy("CN=TEST".hashCode());
            IResponseMessage resp = caAdminSession.processRequest(admin, info, msg);

            // Receive the signed certificate back on our SubCA
            caAdminSession.receiveResponse(admin, info.getCAId(), resp, null, null);

            // Check that the CA has the correct certificate chain now
            info = caAdminSession.getCAInfo(admin, "TESTSIGNEDBYEXTERNAL");
            assertEquals(SecConst.CA_ACTIVE, info.getStatus());
            Iterator<Certificate> iter = info.getCertificateChain().iterator();
            Certificate cert = iter.next();
            String sigAlg = CertTools.getSignatureAlgorithm(cert);
            assertEquals(AlgorithmConstants.SIGALG_SHA1_WITH_RSA, sigAlg);
            assertTrue("Error in created ca certificate", CertTools.getSubjectDN(cert).equals("CN=TESTSIGNEDBYEXTERNAL"));
            assertTrue("Error in created ca certificate", CertTools.getIssuerDN(cert).equals("CN=TEST"));
            assertTrue("Creating CA failed", info.getSubjectDN().equals("CN=TESTSIGNEDBYEXTERNAL"));
            PublicKey pk = cert.getPublicKey();
            if (pk instanceof RSAPublicKey) {
                RSAPublicKey rsapk = (RSAPublicKey) pk;
                assertEquals(rsapk.getAlgorithm(), "RSA");
            } else {
                assertTrue("Public key is not EC", false);
            }
            cert = (X509Certificate) iter.next();
            assertTrue("Error in root ca certificate", CertTools.getSubjectDN(cert).equals("CN=TEST"));
            assertTrue("Error in root ca certificate", CertTools.getIssuerDN(cert).equals("CN=TEST"));

            ret = true;

        } catch (CAExistsException pee) {
            log.info("CA exists: ", pee);
        }

        // Make a certificate request from the CA
        Collection<Certificate> cachain = info.getCertificateChain();
        byte[] request = caAdminSession.makeRequest(admin, info.getCAId(), cachain, false, false, false, null);
        info = caAdminSession.getCAInfo(admin, "TESTSIGNEDBYEXTERNAL");
        assertEquals(SecConst.CA_ACTIVE, info.getStatus()); // No new keys
        // generated, still
        // active
        PKCS10RequestMessage msg = new PKCS10RequestMessage(request);
        assertEquals("CN=TESTSIGNEDBYEXTERNAL", msg.getRequestDN());

        assertTrue("Creating RSA CA (signed by external) failed", ret);
    } // test10RSASignedByExternal

Examples of org.ejbca.core.protocol.PKCS10RequestMessage

            ret = true;

            // Test to generate a certificate request from the CA
            Collection<Certificate> cachain = info.getCertificateChain();
            byte[] request = caAdminSession.makeRequest(admin, info.getCAId(), cachain, false, false, false, null);
            PKCS10RequestMessage msg = new PKCS10RequestMessage(request);
            assertEquals("CN=TESTDSA", msg.getRequestDN());
        } catch (CAExistsException pee) {
            log.info("CA exists.");
        }

        assertTrue("Creating DSA CA failed", ret);

Examples of org.ejbca.core.protocol.PKCS10RequestMessage

        cacert4.verify(cacert2.getPublicKey());

        // Test make request just making a request using the old keys
        byte[] request = caAdminSession.makeRequest(admin, getTestCAId(), new ArrayList<Certificate>(), false, false, false, "foo123");
        assertNotNull(request);
        PKCS10RequestMessage msg = RequestMessageUtils.genPKCS10RequestMessage(request);
        PublicKey pk1 = cacert3.getPublicKey();
        PublicKey pk2 = msg.getRequestPublicKey();
        String key1 = new String(Base64.encode(pk1.getEncoded()));
        String key2 = new String(Base64.encode(pk2.getEncoded()));
        // A plain request using the CAs key will have the same public key
        assertEquals(key1, key2);
        // Test make request generating new keys
        request = caAdminSession.makeRequest(admin, getTestCAId(), new ArrayList<Certificate>(), true, false, true, "foo123");
        assertNotNull(request);
        msg = RequestMessageUtils.genPKCS10RequestMessage(request);
        pk1 = cacert3.getPublicKey();
        pk2 = msg.getRequestPublicKey();
        key1 = new String(Base64.encode(pk1.getEncoded()));
        key2 = new String(Base64.encode(pk2.getEncoded()));
        // A plain request using new CAs key can not have the same keys
        assertFalse(key1.equals(key2));
        // After this (new keys activated but no cert response received) status

Examples of org.ejbca.core.protocol.PKCS10RequestMessage

    KeyPair rsakeys = KeyTools.genKeys("512", AlgorithmConstants.KEYALGORITHM_RSA);  // Use short keys, since this will be done many times
    byte[] rawPkcs10req = new PKCS10CertificationRequest("SHA1WithRSA", CertTools.stringToBcX509Name("CN=ignored"), rsakeys.getPublic(), new DERSet(), rsakeys.getPrivate()).getEncoded();
    if (raw) {
      ret = CertTools.getCertfromByteArray(certificateRequestSession.processCertReq(admin, userData, new String(Base64.encode(rawPkcs10req)), SecConst.CERT_REQ_TYPE_PKCS10, null, SecConst.CERT_RES_TYPE_CERTIFICATE));
    } else {
      PKCS10RequestMessage pkcs10req = new PKCS10RequestMessage(rawPkcs10req);
      pkcs10req.setUsername(userData.getUsername());
      pkcs10req.setPassword(userData.getPassword());
      ret = ((X509ResponseMessage) certificateRequestSession.processCertReq(admin, userData, pkcs10req, org.ejbca.core.protocol.X509ResponseMessage.class)).getCertificate();
    }
    return ret;

  }