public static PKIMessage getInstance(Object o) { if (o instanceof PKIMessage) { return (PKIMessage)o; } else if (o != null) { return new PKIMessage(ASN1Sequence.getInstance(o)); } return null; }
public PKIMessage[] toPKIMessageArray() { PKIMessage[] result = new PKIMessage[content.size()]; for (int i = 0; i != result.length; i++) { result[i] = PKIMessage.getInstance(content.getObjectAt(i)); } return result; }
/** * <pre> * PKIMessage ::= SEQUENCE { * header PKIHeader, * body PKIBody, * protection [0] PKIProtection OPTIONAL, * extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate * OPTIONAL * } * </pre> * * @return a basic ASN.1 object representation. */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(header); v.add(body); addOptional(v, 0, protection); addOptional(v, 1, extraCerts); return new DERSequence(v); }
private PKIMessage addProtection(PKIMessage pkiMessage, AuditEvent event, CmpRequestorInfo requestor) { CmpControl control = getCmpControl(); try { if (requestor.getCert() != null) { return CmpUtil.addProtection(pkiMessage, getSigner(), getSender(), control.isSendResponderCert()); } else { PBMParameter parameter = new PBMParameter(randomSalt(), control.getResponsePbmOwf(), control.getResponsePbmIterationCount(), control.getResponsePbmMac()); return CmpUtil.addProtection(pkiMessage, requestor.getPassword(), parameter, getSender(), requestor.getKeyId()); } } catch (Exception ex) { LogUtil.error(LOG, ex, "could not add protection to the PKI message"); PKIStatusInfo status = generateRejectionStatus( PKIFailureInfo.systemFailure, "could not sign the PKIMessage"); event.setLevel(AuditLevel.ERROR); event.setStatus(AuditStatus.FAILED); event.addEventData(CaAuditConstants.NAME_message, "could not sign the PKIMessage"); PKIBody body = new PKIBody(PKIBody.TYPE_ERROR, new ErrorMsgContent(status)); return new PKIMessage(pkiMessage.getHeader(), body); } } // method addProtection
private static ProtectedPKIMessageBuilder newProtectedPKIMessageBuilder(PKIMessage pkiMessage, GeneralName sender, byte[] senderKid) throws CMPException { PKIHeader header = pkiMessage.getHeader(); ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder( sender, header.getRecipient()); builder.setMessageTime(new Date()); builder.setBody(pkiMessage.getBody());
private ASN1Encodable extractGeneralRepContent(PKIMessage response, String expectedType) throws Exception { PKIBody respBody = response.getBody(); int bodyType = respBody.getType(); if (PKIBody.TYPE_ERROR == bodyType) { ErrorMsgContent content = ErrorMsgContent.getInstance(respBody.getContent()); throw new Exception("Server returned PKIStatus: " + buildText(content.getPKIStatusInfo())); } else if (PKIBody.TYPE_GEN_REP != bodyType) { throw new Exception(String.format("unknown PKI body type %s instead the expected [%s, %s]", bodyType, PKIBody.TYPE_GEN_REP, PKIBody.TYPE_ERROR)); } GenRepContent genRep = GenRepContent.getInstance(respBody.getContent()); InfoTypeAndValue[] itvs = genRep.toInfoTypeAndValueArray(); InfoTypeAndValue itv = null; if (itvs != null && itvs.length > 0) { for (InfoTypeAndValue entry : itvs) { if (expectedType.equals(entry.getInfoType().getId())) { itv = entry; break; } } } if (itv == null) { throw new Exception("the response does not contain InfoTypeAndValue " + expectedType); } return itv.getInfoValue(); } // method extractGeneralRepContent
encodedRequest = tmpRequest.getEncoded(); } catch (IOException ex) { LOG.error("could not encode the PKI request {}", tmpRequest); PKIHeader reqHeader = request.getHeader(); PKIHeader respHeader = response.getHeader();
private PKIMessage transmit(ProtectedPKIMessage request, String uri) throws Exception { byte[] encodedResponse = send(request.toASN1Structure().getEncoded(), uri); GeneralPKIMessage response = new GeneralPKIMessage(encodedResponse);
private static ProtectedPKIMessageBuilder newProtectedPKIMessageBuilder(PKIMessage pkiMessage, GeneralName sender, byte[] senderKid) throws CMPException { PKIHeader header = pkiMessage.getHeader(); ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder( sender, header.getRecipient()); builder.setMessageTime(new Date()); builder.setBody(pkiMessage.getBody());
private boolean parseRevocationResult(PKIMessage response, BigInteger serialNumber) throws Exception { PKIBody respBody = response.getBody(); final int bodyType = respBody.getType();
if (ca.getCaInfo().isSaveRequest()) { try { byte[] encodedRequest = request.getEncoded(); reqDbId = ca.addRequest(encodedRequest); } catch (Exception ex) { if (reqDbId == null && !savingRequestFailed) { try { byte[] encodedRequest = request.getEncoded(); reqDbId = ca.addRequest(encodedRequest); } catch (Exception ex) {
public static PKIMessage getInstance(Object o) { if (o instanceof PKIMessage) { return (PKIMessage)o; } else if (o != null) { return new PKIMessage(ASN1Sequence.getInstance(o)); } return null; }
public PKIMessage[] toPKIMessageArray() { PKIMessage[] result = new PKIMessage[content.size()]; for (int i = 0; i != result.length; i++) { result[i] = PKIMessage.getInstance(content.getObjectAt(i)); } return result; }
private Map<BigInteger, KeyAndCert> parseEnrollCertResult(PKIMessage response, int resonseBodyType, int numCerts) throws Exception { PKIBody respBody = response.getBody(); final int bodyType = respBody.getType();
/** * <pre> * PKIMessage ::= SEQUENCE { * header PKIHeader, * body PKIBody, * protection [0] PKIProtection OPTIONAL, * extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate * OPTIONAL * } * </pre> * * @return a basic ASN.1 object representation. */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(header); v.add(body); addOptional(v, 0, protection); addOptional(v, 1, extraCerts); return new DERSequence(v); }
if (getCa().getCaInfo().isSaveRequest()) { try { encodedRequest = request.getEncoded(); } catch (IOException ex) { LOG.warn("could not encode request");
private PKIMessage buildMessageWithGeneralMsgContent(ASN1ObjectIdentifier type, ASN1Encodable value) { Args.notNull(type, "type"); PKIHeader header = buildPkiHeader(null); InfoTypeAndValue itv = (value != null) ? new InfoTypeAndValue(type, value) : new InfoTypeAndValue(type); GenMsgContent genMsgContent = new GenMsgContent(itv); PKIBody body = new PKIBody(PKIBody.TYPE_GEN_MSG, genMsgContent); return new PKIMessage(header, body); }
protected PKIMessage generatePkiMessage(InputStream is) throws IOException { ASN1InputStream asn1Stream = new ASN1InputStream(ScepUtil.requireNonNull("is", is)); try { return PKIMessage.getInstance(asn1Stream.readObject()); } finally { try { asn1Stream.close(); } catch (Exception ex) { LOG.error("could not close stream: {}", ex.getMessage()); } } }
List<CertResponse> certResponses = new ArrayList<>(1); boolean kup = (request.getBody().getType() == PKIBody.TYPE_KEY_UPDATE_REQ);