List of usage examples for org.bouncycastle.asn1.cmp GenRepContent toInfoTypeAndValueArray
public InfoTypeAndValue[] toInfoTypeAndValueArray()
From source file:org.xipki.ca.client.impl.CmpRequestor.java
License:Open Source License
private ASN1Encodable extractGeneralRepContent(final PKIResponse response, final String exepectedType, final boolean requireProtectionCheck) throws CmpRequestorException, PKIErrorException { if (requireProtectionCheck) { checkProtection(response);/*from w w w . j av a2 s.co m*/ } PKIBody respBody = response.getPkiMessage().getBody(); int bodyType = respBody.getType(); if (PKIBody.TYPE_ERROR == bodyType) { ErrorMsgContent content = (ErrorMsgContent) respBody.getContent(); throw new CmpRequestorException(SecurityUtil.formatPKIStatusInfo(content.getPKIStatusInfo())); } else if (PKIBody.TYPE_GEN_REP != bodyType) { throw new CmpRequestorException("unknown PKI body type " + bodyType + " instead the exceptected [" + PKIBody.TYPE_GEN_REP + ", " + PKIBody.TYPE_ERROR + "]"); } GenRepContent genRep = (GenRepContent) respBody.getContent(); InfoTypeAndValue[] itvs = genRep.toInfoTypeAndValueArray(); InfoTypeAndValue itv = null; if (itvs != null && itvs.length > 0) { for (InfoTypeAndValue _itv : itvs) { if (exepectedType.equals(_itv.getInfoType().getId())) { itv = _itv; break; } } } if (itv == null) { throw new CmpRequestorException("the response does not contain InfoTypeAndValue " + exepectedType); } return itv.getInfoValue(); }
From source file:org.xipki.ca.client.impl.X509CmpRequestor.java
License:Open Source License
private CRLResultType evaluateCRLResponse(final PKIResponse response, final Integer xipkiAction) throws CmpRequestorException, PKIErrorException { checkProtection(response);/*from w w w.jav a 2 s .c o m*/ PKIBody respBody = response.getPkiMessage().getBody(); int bodyType = respBody.getType(); if (PKIBody.TYPE_ERROR == bodyType) { ErrorMsgContent content = (ErrorMsgContent) respBody.getContent(); throw new PKIErrorException(content.getPKIStatusInfo()); } else if (PKIBody.TYPE_GEN_REP != bodyType) { throw new CmpRequestorException("unknown PKI body type " + bodyType + " instead the exceptected [" + PKIBody.TYPE_GEN_REP + ", " + PKIBody.TYPE_ERROR + "]"); } ASN1ObjectIdentifier expectedType = xipkiAction == null ? CMPObjectIdentifiers.it_currentCRL : ObjectIdentifiers.id_xipki_cmp; GenRepContent genRep = (GenRepContent) respBody.getContent(); InfoTypeAndValue[] itvs = genRep.toInfoTypeAndValueArray(); InfoTypeAndValue itv = null; if (itvs != null && itvs.length > 0) { for (InfoTypeAndValue m : itvs) { if (expectedType.equals(m.getInfoType())) { itv = m; break; } } } if (itv == null) { throw new CmpRequestorException("the response does not contain InfoTypeAndValue " + expectedType); } ASN1Encodable certListAsn1Object; if (xipkiAction == null) { certListAsn1Object = itv.getInfoValue(); } else { certListAsn1Object = extractXipkiActionContent(itv.getInfoValue(), xipkiAction); } CertificateList certList = CertificateList.getInstance(certListAsn1Object); X509CRL crl; try { crl = new X509CRLObject(certList); } catch (CRLException e) { throw new CmpRequestorException("returned CRL is invalid: " + e.getMessage()); } CRLResultType result = new CRLResultType(); result.setCRL(crl); return result; }
From source file:org.xipki.commons.security.pkcs11.proxy.ProxyP11Module.java
License:Open Source License
private ASN1Encodable extractItvInfoValue(final int action, final GeneralPKIMessage response) throws P11TokenException { PKIBody respBody = response.getBody(); int bodyType = respBody.getType(); if (PKIBody.TYPE_ERROR == bodyType) { ErrorMsgContent content = (ErrorMsgContent) respBody.getContent(); PKIStatusInfo statusInfo = content.getPKIStatusInfo(); String failureInfo = null; if (statusInfo.getStatusString() != null) { int size = statusInfo.getStatusString().size(); if (size > 0) { failureInfo = statusInfo.getStatusString().getStringAt(0).getString(); }/*www.java2 s . co m*/ } if (failureInfo == null) { throw new P11TokenException( "server answered with ERROR: " + CmpFailureUtil.formatPkiStatusInfo(statusInfo)); } if (failureInfo.startsWith(P11ProxyConstants.ERROR_P11_TOKENERROR)) { ConfPairs pairs = new ConfPairs(failureInfo); String errorMesage = pairs.getValue(P11ProxyConstants.ERROR_P11_TOKENERROR); throw new P11TokenException(errorMesage); } else if (failureInfo.startsWith(P11ProxyConstants.ERROR_UNKNOWN_ENTITY)) { ConfPairs pairs = new ConfPairs(failureInfo); String errorMesage = pairs.getValue(P11ProxyConstants.ERROR_UNKNOWN_ENTITY); throw new P11UnknownEntityException(errorMesage); } else if (failureInfo.startsWith(P11ProxyConstants.ERROR_UNSUPPORTED_MECHANISM)) { ConfPairs pairs = new ConfPairs(failureInfo); String errorMesage = pairs.getValue(P11ProxyConstants.ERROR_UNSUPPORTED_MECHANISM); throw new P11UnsupportedMechanismException(errorMesage); } else if (failureInfo.startsWith(P11ProxyConstants.ERROR_DUPLICATE_ENTITY)) { ConfPairs pairs = new ConfPairs(failureInfo); String errorMesage = pairs.getValue(P11ProxyConstants.ERROR_UNSUPPORTED_MECHANISM); throw new P11DuplicateEntityException(errorMesage); } else { throw new P11TokenException( "server answered with ERROR: " + CmpFailureUtil.formatPkiStatusInfo(statusInfo)); } } else if (PKIBody.TYPE_GEN_REP != bodyType) { throw new P11TokenException("unknown PKI body type " + bodyType + " instead the expected [" + PKIBody.TYPE_GEN_REP + ", " + PKIBody.TYPE_ERROR + "]"); } GenRepContent genRep = (GenRepContent) respBody.getContent(); InfoTypeAndValue[] itvs = genRep.toInfoTypeAndValueArray(); InfoTypeAndValue itv = null; if (itvs != null && itvs.length > 0) { for (InfoTypeAndValue m : itvs) { if (ObjectIdentifiers.id_xipki_cmp_cmpGenmsg.equals(m.getInfoType())) { itv = m; break; } } } if (itv == null) { throw new P11TokenException("the response does not contain InfoTypeAndValue '" + ObjectIdentifiers.id_xipki_cmp_cmpGenmsg.getId() + "'"); } ASN1Encodable itvValue = itv.getInfoValue(); if (itvValue == null) { throw new P11TokenException("value of InfoTypeAndValue '" + ObjectIdentifiers.id_xipki_cmp_cmpGenmsg.getId() + "' is incorrect"); } try { ASN1Sequence seq = Asn1Util.getSequence(itvValue); Asn1Util.requireRange(seq, 2, 3); int receivedversion = Asn1Util.getInteger(seq.getObjectAt(0)).intValue(); if (receivedversion != version) { throw new P11TokenException( "version '" + receivedversion + "' is not the expected '" + version + "'"); } int receivedAction = Asn1Util.getInteger(seq.getObjectAt(1)).intValue(); if (receivedAction != action) { throw new P11TokenException("action '" + receivedAction + "' is not the expected '" + action + "'"); } return (seq.size() > 2) ? seq.getObjectAt(2) : null; } catch (BadAsn1ObjectException ex) { throw new P11TokenException("bad ASN1 object: " + ex.getMessage(), ex); } }
From source file:org.xipki.pki.ca.client.impl.CmpRequestor.java
License:Open Source License
private ASN1Encodable extractGeneralRepContent(final PkiResponse response, final String expectedType, final boolean requireProtectionCheck) throws CmpRequestorException, PkiErrorException { ParamUtil.requireNonNull("response", response); ParamUtil.requireNonNull("expectedType", expectedType); if (requireProtectionCheck) { checkProtection(response);/* w ww . j a va 2 s .c o m*/ } PKIBody respBody = response.getPkiMessage().getBody(); int bodyType = respBody.getType(); if (PKIBody.TYPE_ERROR == bodyType) { ErrorMsgContent content = ErrorMsgContent.getInstance(respBody.getContent()); throw new CmpRequestorException(CmpFailureUtil.formatPkiStatusInfo(content.getPKIStatusInfo())); } else if (PKIBody.TYPE_GEN_REP != bodyType) { throw new CmpRequestorException(String.format("unknown PKI body type %s instead the expected [%s, %s]", bodyType, PKIBody.TYPE_GEN_REP, PKIBody.TYPE_ERROR)); } GenRepContent genRep = GenRepContent.getInstance(respBody.getContent()); InfoTypeAndValue[] itvs = genRep.toInfoTypeAndValueArray(); InfoTypeAndValue itv = null; if (itvs != null && itvs.length > 0) { for (InfoTypeAndValue entry : itvs) { if (expectedType.equals(entry.getInfoType().getId())) { itv = entry; break; } } } if (itv == null) { throw new CmpRequestorException("the response does not contain InfoTypeAndValue " + expectedType); } return itv.getInfoValue(); }
From source file:org.xipki.pki.ca.client.impl.X509CmpRequestor.java
License:Open Source License
private X509CRL evaluateCrlResponse(final PkiResponse response, final Integer xipkiAction) throws CmpRequestorException, PkiErrorException { ParamUtil.requireNonNull("response", response); checkProtection(response);//from w w w .jav a 2 s. com PKIBody respBody = response.getPkiMessage().getBody(); int bodyType = respBody.getType(); if (PKIBody.TYPE_ERROR == bodyType) { ErrorMsgContent content = ErrorMsgContent.getInstance(respBody.getContent()); throw new PkiErrorException(content.getPKIStatusInfo()); } else if (PKIBody.TYPE_GEN_REP != bodyType) { throw new CmpRequestorException(String.format("unknown PKI body type %s instead the expected [%s, %s]", bodyType, PKIBody.TYPE_GEN_REP, PKIBody.TYPE_ERROR)); } ASN1ObjectIdentifier expectedType = (xipkiAction == null) ? CMPObjectIdentifiers.it_currentCRL : ObjectIdentifiers.id_xipki_cmp_cmpGenmsg; GenRepContent genRep = GenRepContent.getInstance(respBody.getContent()); InfoTypeAndValue[] itvs = genRep.toInfoTypeAndValueArray(); InfoTypeAndValue itv = null; if (itvs != null && itvs.length > 0) { for (InfoTypeAndValue m : itvs) { if (expectedType.equals(m.getInfoType())) { itv = m; break; } } } if (itv == null) { throw new CmpRequestorException("the response does not contain InfoTypeAndValue " + expectedType); } ASN1Encodable certListAsn1Object = (xipkiAction == null) ? itv.getInfoValue() : extractXipkiActionContent(itv.getInfoValue(), xipkiAction); CertificateList certList = CertificateList.getInstance(certListAsn1Object); X509CRL crl; try { crl = X509Util.toX509Crl(certList); } catch (CRLException | CertificateException ex) { throw new CmpRequestorException("returned CRL is invalid: " + ex.getMessage()); } return crl; }
From source file:org.xipki.security.p11.remote.RemoteP11CryptService.java
License:Open Source License
private static ASN1Encodable extractItvInfoValue(final int action, final GeneralPKIMessage response) throws SignerException { PKIBody respBody = response.getBody(); int bodyType = respBody.getType(); if (PKIBody.TYPE_ERROR == bodyType) { ErrorMsgContent content = (ErrorMsgContent) respBody.getContent(); PKIStatusInfo statusInfo = content.getPKIStatusInfo(); throw new SignerException( "server answered with ERROR: " + SecurityUtil.formatPKIStatusInfo(statusInfo)); }/*from www . j av a 2s. com*/ else if (PKIBody.TYPE_GEN_REP != bodyType) { throw new SignerException("unknown PKI body type " + bodyType + " instead the exceptected [" + PKIBody.TYPE_GEN_REP + ", " + PKIBody.TYPE_ERROR + "]"); } GenRepContent genRep = (GenRepContent) respBody.getContent(); InfoTypeAndValue[] itvs = genRep.toInfoTypeAndValueArray(); InfoTypeAndValue itv = null; if (itvs != null && itvs.length > 0) { for (InfoTypeAndValue m : itvs) { if (ObjectIdentifiers.id_xipki_cmp.equals(m.getInfoType())) { itv = m; break; } } } if (itv == null) { throw new SignerException("the response does not contain InfoTypeAndValue '" + ObjectIdentifiers.id_xipki_cmp.getId() + "'"); } ASN1Encodable itvValue = itv.getInfoValue(); if (itvValue == null) { throw new SignerException( "value of InfoTypeAndValue '" + ObjectIdentifiers.id_xipki_cmp.getId() + "' is incorrect"); } try { ASN1Sequence seq = ASN1Sequence.getInstance(itvValue); int receivedAction = ASN1Integer.getInstance(seq.getObjectAt(0)).getPositiveValue().intValue(); if (receivedAction != action) { throw new SignerException( "xipki action '" + receivedAction + "' is not the expected '" + action + "'"); } return seq.size() > 1 ? seq.getObjectAt(1) : null; } catch (IllegalArgumentException | ArrayIndexOutOfBoundsException e) { throw new SignerException("value of response (type nfoTypeAndValue) '" + ObjectIdentifiers.id_xipki_cmp.getId() + "' is incorrect"); } }