private PKCS10CertificationRequest generateRequest(ConcurrentContentSigner signer, SubjectPublicKeyInfo subjectPublicKeyInfo, X500Name subjectDn, Map<ASN1ObjectIdentifier, ASN1Encodable> attributes) throws XiSecurityException { ParamUtil.requireNonNull("signer", signer); ParamUtil.requireNonNull("subjectPublicKeyInfo", subjectPublicKeyInfo); ParamUtil.requireNonNull("subjectDn", subjectDn); PKCS10CertificationRequestBuilder csrBuilder = new PKCS10CertificationRequestBuilder(subjectDn, subjectPublicKeyInfo); if (CollectionUtil.isNonEmpty(attributes)) { for (ASN1ObjectIdentifier attrType : attributes.keySet()) { csrBuilder.addAttribute(attrType, attributes.get(attrType)); } } ConcurrentBagEntrySigner signer0; try { signer0 = signer.borrowSigner(); } catch (NoIdleSignerException ex) { throw new XiSecurityException(ex.getMessage(), ex); } try { return csrBuilder.build(signer0.value()); } finally { signer.requiteSigner(signer0); } }
public static PKIMessage addProtection(PKIMessage pkiMessage, ConcurrentContentSigner signer, GeneralName signerName, boolean addSignerCert) throws CMPException, NoIdleSignerException { Args.notNull(pkiMessage, "pkiMessage"); Args.notNull(signer, "signer"); final GeneralName tmpSignerName; if (signerName != null) { tmpSignerName = signerName; } else { if (signer.getCertificate() == null) { throw new IllegalArgumentException("signer without certificate is not allowed"); } X500Name x500Name = X500Name.getInstance( signer.getCertificate().getSubjectX500Principal().getEncoded()); tmpSignerName = new GeneralName(x500Name); } ProtectedPKIMessageBuilder builder = newProtectedPKIMessageBuilder(pkiMessage, tmpSignerName, null); if (addSignerCert) { X509CertificateHolder signerCert = signer.getBcCertificate(); builder.addCMPCertificate(signerCert); } ConcurrentBagEntrySigner signer0 = signer.borrowSigner(); ProtectedPKIMessage signedMessage; try { signedMessage = builder.build(signer0.value()); } finally { signer.requiteSigner(signer0); } return signedMessage.toASN1Structure(); }
public static PKIMessage addProtection(PKIMessage pkiMessage, ConcurrentContentSigner signer, GeneralName signerName, boolean addSignerCert) throws CMPException, NoIdleSignerException { ParamUtil.requireNonNull("pkiMessage", pkiMessage); ParamUtil.requireNonNull("signer", signer); final GeneralName tmpSignerName; if (signerName != null) { tmpSignerName = signerName; } else { if (signer.getCertificate() == null) { throw new IllegalArgumentException("signer without certificate is not allowed"); } X500Name x500Name = X500Name.getInstance( signer.getCertificate().getSubjectX500Principal().getEncoded()); tmpSignerName = new GeneralName(x500Name); } ProtectedPKIMessageBuilder builder = newProtectedPKIMessageBuilder(pkiMessage, tmpSignerName, null); if (addSignerCert) { X509CertificateHolder signerCert = signer.getBcCertificate(); builder.addCMPCertificate(signerCert); } ConcurrentBagEntrySigner signer0 = signer.borrowSigner(); ProtectedPKIMessage signedMessage; try { signedMessage = builder.build(signer0.value()); } finally { signer.requiteSigner(signer0); } return signedMessage.toASN1Structure(); }
crlHolder = crlBuilder.build(signer0.value()); } finally { concurrentSigner.requiteSigner(signer0);
return reqBuilder.build(signer0.value(), certChain); } finally { signer.requiteSigner(signer0);
certHolder = certBuilder.build(signer0.value()); } finally { signer.requiteSigner(signer0);
certHolder = certBuilder.build(signer0.value()); } finally { gct.signer.requiteSigner(signer0);