List of usage examples for org.bouncycastle.asn1.cmp PKIBody TYPE_INIT_REP
int TYPE_INIT_REP
To view the source code for org.bouncycastle.asn1.cmp PKIBody TYPE_INIT_REP.
Click Source Link
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
private byte[] createInitializationRespons1(byte[] senderNonce, byte[] transactionId) throws CMPException, CertificateEncodingException, OperatorCreationException, PKICMPMessageException, IOException { X509CertificateHolder x509CertificateHolder = new JcaX509CertificateHolder(pki.getTestUser3Cert()); // Body/* www . j a v a2s. c o m*/ CertResponse certResponse = new CertResponse(new ASN1Integer(0), new PKIStatusInfo(PKIStatus.granted), new CertifiedKeyPair( new CertOrEncCert(new CMPCertificate(x509CertificateHolder.toASN1Structure()))), null); CertResponse[] certResponses = new CertResponse[1]; certResponses[0] = certResponse; PKIBody pkiBody = new PKIBody(PKIBody.TYPE_INIT_REP, new CertRepMessage(pkiKeyStoreCA.getCMPCertificateChain(), certResponses)); return createProtectedPKIMessage(senderNonce, transactionId, pkiBody); }
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
private byte[] createInitializationRespons2(byte[] senderNonce, byte[] transactionId) throws CMPException, CertificateEncodingException, OperatorException, PKICMPMessageException, IOException, CRMFException { X509CertificateHolder x509CertificateHolder = new JcaX509CertificateHolder(pki.getTestUser3Cert()); //encrypt Private Key KeyWrapper keyWrapper = new JceAsymmetricKeyWrapper(pkiKeyStoreCA.getRecipientCertificate().getPublicKey()) .setProvider("BC"); OutputEncryptor encryptor = new JceCRMFEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC") .build();/* w w w . ja va 2s .c o m*/ ByteArrayOutputStream bOut = new ByteArrayOutputStream(); OutputStream eOut = encryptor.getOutputStream(bOut); eOut.write(pki.getTestUser3CertPrivateKey().getEncoded()); eOut.close(); AlgorithmIdentifier intendedAlg = null; AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier(); DERBitString encSymmKey; keyWrapper.generateWrappedKey(encryptor.getKey()); encSymmKey = new DERBitString(keyWrapper.generateWrappedKey(encryptor.getKey())); AlgorithmIdentifier keyAlg = keyWrapper.getAlgorithmIdentifier(); ASN1OctetString valueHint = null; DERBitString encValue = new DERBitString(bOut.toByteArray()); EncryptedValue encryptedPrivateKey = new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, encValue); // Body CertResponse certResponse = new CertResponse(new ASN1Integer(0), new PKIStatusInfo(PKIStatus.granted), new CertifiedKeyPair(new CertOrEncCert(new CMPCertificate(x509CertificateHolder.toASN1Structure())), encryptedPrivateKey, null), null); CertResponse[] certResponses = new CertResponse[1]; certResponses[0] = certResponse; PKIBody pkiBody = new PKIBody(PKIBody.TYPE_INIT_REP, new CertRepMessage(pkiKeyStoreCA.getCMPCertificateChain(), certResponses)); return createProtectedPKIMessage(senderNonce, transactionId, pkiBody); }
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
@Test public void testProcessMessage() throws NoSuchProviderException, NoSuchAlgorithmException, CertificateException, NoSuchFieldException, PKICMPMessageException, OperatorCreationException, IOException, CRMFException, CMPException, IllegalAccessException, CMSException, PKIKeyStoreException, ParseException { String distinguishedName = pki.getTestUser3Cert().getSubjectX500Principal().getName(); KeyPair keyPair = new KeyPair(pki.getTestUser3Cert().getPublicKey(), pki.getTestUser3CertPrivateKey()); PKICMPMessages pkiMessages = new PKICMPMessages(); pkiMessages.setPkiKeyStore(pkiKeyStoreRA); byte[] request = pkiMessages.createInitializationMessage(distinguishedName, keyPair); byte[] response = createInitializationRespons1(pkiMessages.getSenderNonce(), pkiMessages.getTransactionId()); PKICMPResponse pkicmpResponse = pkiMessages.processResponse(response); Assert.assertEquals(PKIBody.TYPE_INIT_REP, pkicmpResponse.getPkiBody().getType()); }
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
/** * Test the certification response decoding without a private key * * @throws NoSuchProviderException/* www . j av a2 s .co m*/ * @throws NoSuchAlgorithmException * @throws CertificateException * @throws NoSuchFieldException * @throws PKICMPMessageException * @throws OperatorCreationException * @throws IOException * @throws CRMFException * @throws CMPException * @throws IllegalAccessException * @throws CMSException * @throws PKIKeyStoreException * @throws ParseException * @throws InvalidKeySpecException */ @Test public void testProcessInitializationMessageWithoutPrivateKey() throws NoSuchProviderException, NoSuchAlgorithmException, CertificateException, NoSuchFieldException, PKICMPMessageException, OperatorCreationException, IOException, CRMFException, CMPException, IllegalAccessException, CMSException, PKIKeyStoreException, ParseException, InvalidKeySpecException { String distinguishedName = pki.getTestUser3Cert().getSubjectX500Principal().getName(); KeyPair keyPair = new KeyPair(pki.getTestUser3Cert().getPublicKey(), pki.getTestUser3CertPrivateKey()); PKICMPMessages pkiMessages = new PKICMPMessages(); pkiMessages.setPkiKeyStore(pkiKeyStoreRA); byte[] request = pkiMessages.createInitializationMessage(distinguishedName, keyPair); byte[] response = createInitializationRespons1(pkiMessages.getSenderNonce(), pkiMessages.getTransactionId()); PKICMPResponse pkicmpResponse = pkiMessages.processResponse(response); CertificationResult certificationResult = pkiMessages.processCertification(pkicmpResponse.getPkiBody()); Assert.assertEquals(PKIBody.TYPE_INIT_REP, pkicmpResponse.getPkiBody().getType()); Assert.assertArrayEquals(pki.getTestUser3Cert().getEncoded(), certificationResult.getX509Certificate().getEncoded()); Assert.assertNull(certificationResult.getPrivateKey()); Assert.assertEquals(0, certificationResult.getCertificateId().intValue()); Assert.assertArrayEquals(pki.getCertificateChain()[0].getEncoded(), certificationResult.getX509CertificateChain()[0].getEncoded()); Assert.assertArrayEquals(pki.getCertificateChain()[1].getEncoded(), certificationResult.getX509CertificateChain()[1].getEncoded()); }
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
/** * Test the certification response decoding with a private key encryption and decryption * * @throws NoSuchProviderException// w w w.jav a 2s . c o m * @throws NoSuchAlgorithmException * @throws CertificateException * @throws NoSuchFieldException * @throws PKICMPMessageException * @throws OperatorCreationException * @throws IOException * @throws CRMFException * @throws CMPException * @throws IllegalAccessException * @throws CMSException * @throws PKIKeyStoreException * @throws ParseException * @throws InvalidKeySpecException */ @Test public void testProcessInitializationMessageWithPrivateKey() throws NoSuchProviderException, NoSuchAlgorithmException, CertificateException, NoSuchFieldException, PKICMPMessageException, OperatorException, IOException, CRMFException, CMPException, IllegalAccessException, CMSException, PKIKeyStoreException, ParseException, InvalidKeySpecException { String distinguishedName = pki.getTestUser3Cert().getSubjectX500Principal().getName(); KeyPair keyPair = new KeyPair(pki.getTestUser3Cert().getPublicKey(), pki.getTestUser3CertPrivateKey()); PKICMPMessages pkiMessages = new PKICMPMessages(); pkiMessages.setPkiKeyStore(pkiKeyStoreRA); byte[] request = pkiMessages.createInitializationMessage(distinguishedName, keyPair); byte[] response = createInitializationRespons2(pkiMessages.getSenderNonce(), pkiMessages.getTransactionId()); PKICMPResponse pkicmpResponse = pkiMessages.processResponse(response); CertificationResult certificationResult = pkiMessages.processCertification(pkicmpResponse.getPkiBody()); Assert.assertEquals(PKIBody.TYPE_INIT_REP, pkicmpResponse.getPkiBody().getType()); Assert.assertArrayEquals(pki.getTestUser3Cert().getEncoded(), certificationResult.getX509Certificate().getEncoded()); Assert.assertArrayEquals(pki.getTestUser3CertPrivateKey().getEncoded(), certificationResult.getPrivateKey().getEncoded()); Assert.assertEquals(0, certificationResult.getCertificateId().intValue()); Assert.assertArrayEquals(pki.getCertificateChain()[0].getEncoded(), certificationResult.getX509CertificateChain()[0].getEncoded()); Assert.assertArrayEquals(pki.getCertificateChain()[1].getEncoded(), certificationResult.getX509CertificateChain()[1].getEncoded()); }
From source file:org.ejbca.ui.cmpclient.commands.CrmfRequestCommand.java
License:Open Source License
@Override public CommandResult handleCMPResponse(byte[] response, final ParameterContainer parameters) throws Exception { String dest = parameters.get(DESTINATION_KEY); if (dest == null) { dest = "dest"; new File("./" + dest).mkdirs(); log.info("Using default destination directory: ./dest/"); }//from www . j av a 2 s.co m PKIMessage respObject = null; ASN1InputStream asn1InputStream = new ASN1InputStream(new ByteArrayInputStream(response)); try { respObject = PKIMessage.getInstance(asn1InputStream.readObject()); } finally { asn1InputStream.close(); } if (respObject == null) { log.error("ERROR. Cannot construct the response object"); return CommandResult.FUNCTIONAL_FAILURE; } PKIBody body = respObject.getBody(); int tag = body.getType(); if (tag == PKIBody.TYPE_INIT_REP) { CertRepMessage c = (CertRepMessage) body.getContent(); CertResponse resp = c.getResponse()[0]; PKIStatusInfo status = resp.getStatus(); if (status.getStatus().intValue() == PKIStatus.GRANTED) { final X509Certificate cert = getCertFromResponse(resp); final ArrayList<Certificate> certs = new ArrayList<>(); certs.add(cert); final byte[] certBytes = CertTools.getPemFromCertificateChain(certs); String certFileName = getDestinationCertFile(dest, parameters.get(SUBJECTDN_KEY)); final FileOutputStream fos = new FileOutputStream(new File(certFileName)); fos.write(certBytes); fos.close(); log.info("CRMF request successful. Received certificate stored in " + certFileName); return CommandResult.SUCCESS; } else { final String errMsg = status.getStatusString().getStringAt(0).getString(); log.error("Recieved CRMF response with status '" + status.getStatus().intValue() + "' and error message: " + errMsg); } } else if (tag == PKIBody.TYPE_ERROR) { ErrorMsgContent err = (ErrorMsgContent) body.getContent(); final String errMsg = err.getPKIStatusInfo().getStatusString().getStringAt(0).getString(); log.error("Revceived CMP Error Message: " + errMsg); } else { log.error("Received PKIMessage with body tag " + tag); } return CommandResult.FUNCTIONAL_FAILURE; }