public static PKIMessage addProtection(PKIMessage pkiMessage, ConcurrentContentSigner signer, GeneralName signerName, boolean addSignerCert) throws CMPException, NoIdleSignerException { Args.notNull(pkiMessage, "pkiMessage"); Args.notNull(signer, "signer"); final GeneralName tmpSignerName; if (signerName != null) { tmpSignerName = signerName; } else { if (signer.getCertificate() == null) { throw new IllegalArgumentException("signer without certificate is not allowed"); } X500Name x500Name = X500Name.getInstance( signer.getCertificate().getSubjectX500Principal().getEncoded()); tmpSignerName = new GeneralName(x500Name); } ProtectedPKIMessageBuilder builder = newProtectedPKIMessageBuilder(pkiMessage, tmpSignerName, null); if (addSignerCert) { X509CertificateHolder signerCert = signer.getBcCertificate(); builder.addCMPCertificate(signerCert); } ConcurrentBagEntrySigner signer0 = signer.borrowSigner(); ProtectedPKIMessage signedMessage; try { signedMessage = builder.build(signer0.value()); } finally { signer.requiteSigner(signer0); } return signedMessage.toASN1Structure(); }
reqBuilder.setRequestorName(signer.getBcCertificate().getSubject()); X509CertificateHolder[] certChain0 = signer.getBcCertificateChain(); Certificate[] certChain = new Certificate[certChain0.length];
public static PKIMessage addProtection(PKIMessage pkiMessage, ConcurrentContentSigner signer, GeneralName signerName, boolean addSignerCert) throws CMPException, NoIdleSignerException { ParamUtil.requireNonNull("pkiMessage", pkiMessage); ParamUtil.requireNonNull("signer", signer); final GeneralName tmpSignerName; if (signerName != null) { tmpSignerName = signerName; } else { if (signer.getCertificate() == null) { throw new IllegalArgumentException("signer without certificate is not allowed"); } X500Name x500Name = X500Name.getInstance( signer.getCertificate().getSubjectX500Principal().getEncoded()); tmpSignerName = new GeneralName(x500Name); } ProtectedPKIMessageBuilder builder = newProtectedPKIMessageBuilder(pkiMessage, tmpSignerName, null); if (addSignerCert) { X509CertificateHolder signerCert = signer.getBcCertificate(); builder.addCMPCertificate(signerCert); } ConcurrentBagEntrySigner signer0 = signer.borrowSigner(); ProtectedPKIMessage signedMessage; try { signedMessage = builder.build(signer0.value()); } finally { signer.requiteSigner(signer0); } return signedMessage.toASN1Structure(); }
public void initSigner(SecurityFactory securityFactory) throws ObjectCreationException { Args.notNull(securityFactory, "securityFactory"); if (signer != null) { return; } if (dbEntry == null) { throw new ObjectCreationException("dbEntry is null"); } X509Certificate responderCert = dbEntry.getCertificate(); dbEntry.setConfFaulty(true); signer = securityFactory.createSigner(dbEntry.getType(), new SignerConf(dbEntry.getConf()), responderCert); if (signer.getCertificate() == null) { throw new ObjectCreationException("signer without certificate is not allowed"); } dbEntry.setConfFaulty(false); if (dbEntry.getBase64Cert() == null) { dbEntry.setCertificate(signer.getCertificate()); subjectAsX500Name = X500Name.getInstance(signer.getBcCertificate().getSubject()); subjectAsGeneralName = new GeneralName(subjectAsX500Name); } } // method initSigner