public String toString(boolean verbose) { return StringUtil.concatObjects(" include CA cert: ", includeCaCert, "\n include signer cert: ", includeSignerCert, "\n operation GetCRL: ", (supportGetCrl ? "supported" : "not supported"), (verbose ? "\n encoded: " : ""), (verbose ? getConf() : "")); }
public ScepControl(String conf) throws InvalidConfException { if (StringUtil.isBlank(conf)) { return; } ConfPairs props; try { props = new ConfPairs(conf); } catch (RuntimeException ex) { throw new InvalidConfException(ex.getClass().getName() + ": " + ex.getMessage(), ex); } this.includeCaCert = getBoolean(props, KEY_CACERT_INCLUDED, true); this.includeSignerCert = getBoolean(props, KEY_SIGNERCERT_INCLUDED, true); this.supportGetCrl = getBoolean(props, KEY_SUPPORT_GETCRL, false); }
@Override public String toString() { return toString(false); }
entry.setScepControl(new ScepControl(scepcontrol)); } catch (InvalidConfException ex) { throw new CaMgmtException("invalid SCEP_CONTROL: " + scepcontrol, ex);
private SignedData buildSignedData(X509Certificate cert) throws OperationException { CMSSignedDataGenerator cmsSignedDataGen = new CMSSignedDataGenerator(); try { X509CertificateHolder certHolder = new X509CertificateHolder(cert.getEncoded()); cmsSignedDataGen.addCertificate(certHolder); if (control.isIncludeCaCert()) { refreshCa(); cmsSignedDataGen.addCertificate(caCert.getCertHolder()); } CMSSignedData signedData = cmsSignedDataGen.generate(new CMSAbsentContent()); return SignedData.getInstance(signedData.toASN1Structure().getContent()); } catch (CMSException | IOException | CertificateEncodingException ex) { LogUtil.error(LOG, ex); throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex); } } // method buildSignedData
private ContentInfo encodeResponse(PkiMessage response, DecodedPkiMessage request) throws OperationException { Args.notNull(response, "response"); Args.notNull(request, "request"); String signatureAlgorithm = getSignatureAlgorithm(responderKey, request.getDigestAlgorithm()); ContentInfo ci; try { X509Certificate[] cmsCertSet = control.isIncludeSignerCert() ? new X509Certificate[]{responderCert} : null; ci = response.encode(responderKey, signatureAlgorithm, responderCert, cmsCertSet, request.getSignatureCert(), request.getContentEncryptionAlgorithm()); } catch (MessageEncodingException ex) { LogUtil.error(LOG, ex, "could not encode response"); throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex); } return ci; } // method encodeResponse
private SignedData getCrl(X509Ca ca, BigInteger serialNumber) throws FailInfoException, OperationException { if (!control.isSupportGetCrl()) { throw FailInfoException.BAD_REQUEST; } CertificateList crl = ca.getBcCurrentCrl(); if (crl == null) { throw FailInfoException.BAD_REQUEST; } CMSSignedDataGenerator cmsSignedDataGen = new CMSSignedDataGenerator(); cmsSignedDataGen.addCRL(new X509CRLHolder(crl)); CMSSignedData signedData; try { signedData = cmsSignedDataGen.generate(new CMSAbsentContent()); } catch (CMSException ex) { LogUtil.error(LOG, ex, "could not generate CMSSignedData"); throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex); } return SignedData.getInstance(signedData.toASN1Structure().getContent()); } // method getCrl
entry.setScepControl(new ScepControl(scepControl));
rv.setSaveRequest(saveRequest); if (scepControl != null) { rv.setScepControl(new ScepControl(scepControl));
ps.setString(idx++, (scepControl == null ? null : scepControl.getConf()));
@Override public int hashCode() { return toString().hashCode(); }
caEntry.setScepControl(new ScepControl( new ConfPairs(ci.getScepControl()).getEncoded()));
new HashMap<>(new ConfPairs(entry.getScepControl().getConf()).asMap()));
"\nCMP control:\n", (cmpControl == null ? " null" : cmpControl.toString(verbose)), "\nCRL control:\n", (crlControl == null ? " null" : crlControl.toString(verbose)), "\nSCEP control: \n", (scepControl == null ? " null" : scepControl.toString(verbose)), "\nCMP responder name: ", cmpResponderName, "\nSCEP responder name: ", scepResponderName,
signerConf = caEntry.getSignerConf(); if (caEntry.getScepControl() != null) { scepControl = caEntry.getScepControl().getConf();