List of usage examples for org.bouncycastle.asn1.cmp CMPCertificate CMPCertificate
public CMPCertificate(Certificate x509v3PKCert)
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
private byte[] createInitializationRespons1(byte[] senderNonce, byte[] transactionId) throws CMPException, CertificateEncodingException, OperatorCreationException, PKICMPMessageException, IOException { X509CertificateHolder x509CertificateHolder = new JcaX509CertificateHolder(pki.getTestUser3Cert()); // Body/* ww w. j av a 2 s .co m*/ CertResponse certResponse = new CertResponse(new ASN1Integer(0), new PKIStatusInfo(PKIStatus.granted), new CertifiedKeyPair( new CertOrEncCert(new CMPCertificate(x509CertificateHolder.toASN1Structure()))), null); CertResponse[] certResponses = new CertResponse[1]; certResponses[0] = certResponse; PKIBody pkiBody = new PKIBody(PKIBody.TYPE_INIT_REP, new CertRepMessage(pkiKeyStoreCA.getCMPCertificateChain(), certResponses)); return createProtectedPKIMessage(senderNonce, transactionId, pkiBody); }
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
private byte[] createInitializationRespons2(byte[] senderNonce, byte[] transactionId) throws CMPException, CertificateEncodingException, OperatorException, PKICMPMessageException, IOException, CRMFException { X509CertificateHolder x509CertificateHolder = new JcaX509CertificateHolder(pki.getTestUser3Cert()); //encrypt Private Key KeyWrapper keyWrapper = new JceAsymmetricKeyWrapper(pkiKeyStoreCA.getRecipientCertificate().getPublicKey()) .setProvider("BC"); OutputEncryptor encryptor = new JceCRMFEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC") .build();/*ww w . j a v a 2 s .c o m*/ ByteArrayOutputStream bOut = new ByteArrayOutputStream(); OutputStream eOut = encryptor.getOutputStream(bOut); eOut.write(pki.getTestUser3CertPrivateKey().getEncoded()); eOut.close(); AlgorithmIdentifier intendedAlg = null; AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier(); DERBitString encSymmKey; keyWrapper.generateWrappedKey(encryptor.getKey()); encSymmKey = new DERBitString(keyWrapper.generateWrappedKey(encryptor.getKey())); AlgorithmIdentifier keyAlg = keyWrapper.getAlgorithmIdentifier(); ASN1OctetString valueHint = null; DERBitString encValue = new DERBitString(bOut.toByteArray()); EncryptedValue encryptedPrivateKey = new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, encValue); // Body CertResponse certResponse = new CertResponse(new ASN1Integer(0), new PKIStatusInfo(PKIStatus.granted), new CertifiedKeyPair(new CertOrEncCert(new CMPCertificate(x509CertificateHolder.toASN1Structure())), encryptedPrivateKey, null), null); CertResponse[] certResponses = new CertResponse[1]; certResponses[0] = certResponse; PKIBody pkiBody = new PKIBody(PKIBody.TYPE_INIT_REP, new CertRepMessage(pkiKeyStoreCA.getCMPCertificateChain(), certResponses)); return createProtectedPKIMessage(senderNonce, transactionId, pkiBody); }
From source file:org.ejbca.core.protocol.cmp.AuthenticationModulesTest.java
License:Open Source License
private static CMPCertificate[] getCMPCert(Certificate cert) throws CertificateEncodingException, IOException { ASN1InputStream ins = new ASN1InputStream(cert.getEncoded()); ASN1Primitive pcert = ins.readObject(); ins.close();//from w ww. j a va2s . co m org.bouncycastle.asn1.x509.Certificate c = org.bouncycastle.asn1.x509.Certificate .getInstance(pcert.toASN1Primitive()); CMPCertificate[] res = { new CMPCertificate(c) }; return res; }
From source file:org.ejbca.core.protocol.cmp.NestedMessageContentTest.java
License:Open Source License
private static CMPCertificate[] getCMPCert(Certificate cert) throws CertificateEncodingException, IOException { ASN1InputStream ins = new ASN1InputStream(cert.getEncoded()); try {// w w w . ja v a 2 s . c om ASN1Primitive pcert = ins.readObject(); org.bouncycastle.asn1.x509.Certificate c = org.bouncycastle.asn1.x509.Certificate .getInstance(pcert.toASN1Primitive()); CMPCertificate[] res = { new CMPCertificate(c) }; return res; } finally { ins.close(); } }
From source file:org.ejbca.ui.cmpclient.CmpClientMessageHelper.java
License:Open Source License
private CMPCertificate[] getCMPCerts(Certificate cert) throws CertificateEncodingException, IOException { ASN1InputStream ins = new ASN1InputStream(cert.getEncoded()); ASN1Primitive pcert = ins.readObject(); ins.close();/*from ww w . ja va 2 s . c om*/ org.bouncycastle.asn1.x509.Certificate c = org.bouncycastle.asn1.x509.Certificate .getInstance(pcert.toASN1Primitive()); CMPCertificate[] res = { new CMPCertificate(c) }; return res; }
From source file:org.xipki.ca.server.impl.X509CAInfo.java
License:Open Source License
public X509CAInfo(final X509CAEntry caEntry, final CertificateStore certStore) throws OperationException { ParamChecker.assertNotNull("caEntry", caEntry); ParamChecker.assertNotNull("certStore", certStore); this.caEntry = caEntry; this.certStore = certStore; X509Certificate cert = caEntry.getCertificate(); this.notBefore = cert.getNotBefore(); this.notAfter = cert.getNotAfter(); this.serialNumber = cert.getSerialNumber(); this.selfSigned = cert.getIssuerX500Principal().equals(cert.getSubjectX500Principal()); Certificate bcCert;/*from w ww .j a v a 2 s. c o m*/ try { byte[] encodedCert = cert.getEncoded(); bcCert = Certificate.getInstance(encodedCert); } catch (CertificateEncodingException e) { throw new OperationException(ErrorCode.SYSTEM_FAILURE, "could not encode the CA certificate"); } this.certInCMPFormat = new CMPCertificate(bcCert); this.publicCAInfo = new PublicCAInfo(cert, caEntry.getCacertUris(), caEntry.getOcspUris(), caEntry.getCrlUris(), caEntry.getDeltaCrlUris()); this.noNewCertificateAfter = this.notAfter.getTime() - MS_PER_DAY * caEntry.getExpirationPeriod(); this.useRandomSerialNumber = caEntry.getNextSerial() < 1; if (this.useRandomSerialNumber) { randomSNGenerator = RandomSerialNumberGenerator.getInstance(); return; } Long greatestSerialNumber = certStore.getGreatestSerialNumber(this.publicCAInfo.getCaCertificate()); if (greatestSerialNumber == null) { throw new OperationException(ErrorCode.SYSTEM_FAILURE, "could not retrieve the greatest serial number for ca " + caEntry.getName()); } long nextSerial = greatestSerialNumber + 1; if (nextSerial < 2) { nextSerial = 2; } if (caEntry.getNextSerial() < nextSerial) { LOG.info("corrected the next_serial of {} from {} to {}", new Object[] { caEntry.getName(), caEntry.getNextSerial(), nextSerial }); caEntry.setNextSerial(nextSerial); certStore.commitNextSerialIfLess(getName(), nextSerial); } else { nextSerial = caEntry.getNextSerial(); } }
From source file:org.xipki.pki.ca.server.impl.X509CaInfo.java
License:Open Source License
public X509CaInfo(final X509CaEntry caEntry, final CertificateStore certStore) throws OperationException { this.caEntry = ParamUtil.requireNonNull("caEntry", caEntry); this.certStore = ParamUtil.requireNonNull("certStore", certStore); X509Certificate cert = caEntry.getCertificate(); this.notBefore = cert.getNotBefore(); this.notAfter = cert.getNotAfter(); this.serialNumber = cert.getSerialNumber(); this.selfSigned = cert.getIssuerX500Principal().equals(cert.getSubjectX500Principal()); Certificate bcCert;//from www. j a v a 2 s. co m try { byte[] encodedCert = cert.getEncoded(); bcCert = Certificate.getInstance(encodedCert); } catch (CertificateEncodingException ex) { throw new OperationException(ErrorCode.SYSTEM_FAILURE, "could not encode the CA certificate"); } this.certInCmpFormat = new CMPCertificate(bcCert); this.publicCaInfo = new PublicCaInfo(cert, caEntry.getCacertUris(), caEntry.getOcspUris(), caEntry.getCrlUris(), caEntry.getDeltaCrlUris()); this.noNewCertificateAfter = this.notAfter.getTime() - MS_PER_DAY * caEntry.getExpirationPeriod(); this.randomSnGenerator = RandomSerialNumberGenerator.getInstance(); }