Examples of PKIBody

• com.novosec.pkix.asn1.cmp.PKIBody
  ASN.1 structure DER En/DeCoder.

   PKIBody ::= CHOICE { ir      [0]  CertReqMessages,        --Initialization Request ip      [1]  CertRepMessage,         --Initialization Response cr      [2]  CertReqMessages,        --Certification Request cp      [3]  CertRepMessage,         --Certification Response p10cr   [4]  CertificationRequest,   --imported from [PKCS10] popdecc [5]  POPODecKeyChallContent, --pop Challenge popdecr [6]  POPODecKeyRespContent,  --pop Response kur     [7]  CertReqMessages,        --Key Update Request kup     [8]  CertRepMessage,         --Key Update Response krr     [9]  CertReqMessages,        --Key Recovery Request krp     [10] KeyRecRepContent,       --Key Recovery Response rr      [11] RevReqContent,          --Revocation Request rp      [12] RevRepContent,          --Revocation Response ccr     [13] CertReqMessages,        --Cross-Cert. Request ccp     [14] CertRepMessage,         --Cross-Cert. Response ckuann  [15] CAKeyUpdAnnContent,     --CA Key Update Ann. cann    [16] CertAnnContent,         --Certificate Ann.      (X509Certificate) rann    [17] RevAnnContent,          --Revocation Ann. crlann  [18] CRLAnnContent,          --CRL Announcement conf    [19] PKIConfirmContent,      --Confirmation          (NULL) nested  [20] NestedMessageContent,   --Nested Message        (PKIMessage) genm    [21] GenMsgContent,          --General Message genp    [22] GenRepContent,          --General Response error   [23] ErrorMsgContent         --Error Message certConf[24] CertConfirmContent      --Certificate Confirm } 

Examples of com.novosec.pkix.asn1.cmp.PKIBody

    }
    setMessage(msg);
  }

  private void init() {
    final PKIBody body = getPKIMessage().getBody();
    final PKIHeader header = getPKIMessage().getHeader();
    requestType = body.getTagNo();
    final CertReqMessages msgs = getCertReqFromTag(body, requestType);
    requestId = msgs.getCertReqMsg(0).getCertReq().getCertReqId().getValue().intValue();
    this.req = msgs.getCertReqMsg(0);
    DEROctetString os = header.getTransactionID();
    if (os != null) {

Examples of com.novosec.pkix.asn1.cmp.PKIBody

          int respType = requestType + 1; // 1 = intitialization response, 3 = certification response etc
            if (log.isDebugEnabled()) {
              log.debug("Creating response body of type " + respType);
            }
          PKIBody myPKIBody = new PKIBody(myCertRepMessage, respType);
          PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);

          if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {
            responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey, pbeDigestAlg, pbeMacAlg, pbeIterationCount);
          } else {
            responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, (X509Certificate)signCert, signKey, digestAlg, provider);
          }
          ret = true;
        }
      } else if (status.equals(ResponseStatus.FAILURE)) {
          if (log.isDebugEnabled()) {
            log.debug("Creating a CertRepMessage 'rejected'");
          }
        // Create a failure message
        PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(2)); // 2 = rejection
        myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());
        if (failText != null) {
          myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));
        }
        PKIBody myPKIBody = CmpMessageHelper.createCertRequestRejectBody(myPKIHeader, myPKIStatusInfo, requestId, requestType);
        PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);

        if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {
          responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey, pbeDigestAlg, pbeMacAlg, pbeIterationCount);
        } else {
          responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, (X509Certificate)signCert, signKey, digestAlg, provider);
        }
        ret = true;
      } else {
          if (log.isDebugEnabled()) {
            log.debug("Creating a 'waiting' message?");
          }
        // Not supported, lets create a PKIError failure instead
        // Create a failure message
        PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(new DERInteger(2)); // 2 = rejection
        myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());
        if (failText != null) {
          myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));
        }
        ErrorMsgContent myErrorContent = new ErrorMsgContent(myPKIStatusInfo);
        PKIBody myPKIBody = new PKIBody(myErrorContent, 23); // 23 = error
        PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);
        if ( (pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null) ) {
          responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey, pbeDigestAlg, pbeMacAlg, pbeIterationCount);
        } else {
          responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, (X509Certificate)signCert, signKey, digestAlg, provider);

Examples of com.novosec.pkix.asn1.cmp.PKIBody

    //String objectId = "1.2.840.113533.7.66.13" = passwordBasedMac;
    String objectId = CMPObjectIdentifiers.passwordBasedMac.getId();
    PBMParameter pp = new PBMParameter(derSalt, owfAlg, iteration, macAlg);
    AlgorithmIdentifier pAlg = new AlgorithmIdentifier(new DERObjectIdentifier(objectId), pp);
    head.setProtectionAlg(pAlg);
    PKIBody body = msg.getBody();
    PKIMessage ret = new PKIMessage(head, body);

    // Calculate the protection bits
    byte[] rasecret = raSecret.getBytes();
    byte[] basekey = new byte[rasecret.length + saltbytes.length];

Examples of com.novosec.pkix.asn1.cmp.PKIBody

    int respType = requestType + 1; // 1 = intitialization response, 3 = certification response etc
    if (LOG.isDebugEnabled()) {
      LOG.debug("Creating response body of type "+respType);
    }
    PKIBody myPKIBody = new PKIBody(myCertRepMessage, respType);

    return myPKIBody;
  }

Examples of com.novosec.pkix.asn1.cmp.PKIBody

     *
     */
    static final long serialVersionUID = 1000L;

  public GeneralCmpMessage(PKIMessage msg) {
    PKIBody body = msg.getBody();
    int tag = body.getTagNo();
    if (tag == 19) {
      // this is a PKIConfirmContent
      if (log.isDebugEnabled()) {
        log.debug("Received a PKIConfirm message");
      }
      // This is a null message, so there is nothing to get here
      //DERNull obj = body.getConf();
    }
    if (tag == 24) {
      // this is a CertConfirmContent
      if (log.isDebugEnabled()) {
        log.debug("Received a Cert Confirm message");
      }
      CertConfirmContent obj = body.getCertConf();
      PKIStatusInfo status = obj.getPKIStatus();
      if (status != null) {
        int st = status.getStatus().getValue().intValue();
        if (st != 0) {
          String errMsg = intres.getLocalizedMessage("cmp.errorcertconfirmstatus", Integer.valueOf(st));
          log.error(errMsg);
          // TODO: if it is rejected, we should revoke the cert?
        }
      }
    }
    if (tag == 11) {
      // this is a RevReqContent,
      if (log.isDebugEnabled()) {
        log.debug("Received a RevReqContent");
      }
      RevReqContent rr = body.getRr();
      RevDetails rd = rr.getRevDetails(0);
      CertTemplate ct = rd.getCertDetails();
      DERInteger serno = ct.getSerialNumber();
      X509Name issuer = ct.getIssuer();
      if ( (serno != null) && (issuer != null) ) {

Examples of com.novosec.pkix.asn1.cmp.PKIBody

      SignRequestException, NotFoundException {

    X509Name sender = X509Name.getInstance(getSender().getName());
    X509Name recipient = X509Name.getInstance(getRecipient().getName());
    PKIHeader myPKIHeader = CmpMessageHelper.createPKIHeader(sender, recipient, getSenderNonce(), getRecipientNonce(), getTransactionId());
    PKIBody myPKIBody = new PKIBody(new DERNull(), 19);
    PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);

    if ((getPbeDigestAlg() != null) && (getPbeMacAlg() != null) && (getPbeKeyId() != null) && (getPbeKey() != null) ) {
      responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, getPbeKeyId(), getPbeKey(), getPbeDigestAlg(), getPbeMacAlg(), getPbeIterationCount());
    } else {