Example usage for org.bouncycastle.asn1.cmp PKIBody TYPE_INIT_REP

List of usage examples for org.bouncycastle.asn1.cmp PKIBody TYPE_INIT_REP

Introduction

This page collects example usages of org.bouncycastle.asn1.cmp PKIBody TYPE_INIT_REP.

Prototype

int TYPE_INIT_REP


Usage

From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java

License:Open Source License

/**
 * Assembles a CMP initialization response (body type {@code PKIBody.TYPE_INIT_REP}) that carries the
 * test user's certificate and no private key, then hands it to {@code createProtectedPKIMessage}.
 *
 * @param senderNonce   nonce forwarded unchanged to {@code createProtectedPKIMessage}
 * @param transactionId transaction id forwarded unchanged to {@code createProtectedPKIMessage}
 * @return the bytes returned by {@code createProtectedPKIMessage} for the assembled body
 */
private byte[] createInitializationRespons1(byte[] senderNonce, byte[] transactionId) throws CMPException,
        CertificateEncodingException, OperatorCreationException, PKICMPMessageException, IOException {
    final X509CertificateHolder issuedCertHolder = new JcaX509CertificateHolder(pki.getTestUser3Cert());

    // One response entry: request id 0, status "granted", certificate only (no encrypted key).
    final CertOrEncCert issuedCert = new CertOrEncCert(new CMPCertificate(issuedCertHolder.toASN1Structure()));
    final CertResponse[] responses = {
        new CertResponse(new ASN1Integer(0), new PKIStatusInfo(PKIStatus.granted),
                new CertifiedKeyPair(issuedCert), null)
    };

    // The CA chain from the CA key store travels in the same CertRepMessage.
    final CertRepMessage repMessage = new CertRepMessage(pkiKeyStoreCA.getCMPCertificateChain(), responses);
    return createProtectedPKIMessage(senderNonce, transactionId,
            new PKIBody(PKIBody.TYPE_INIT_REP, repMessage));
}

From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java

License:Open Source License

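/**
 * Assembles a CMP initialization response (body type {@code PKIBody.TYPE_INIT_REP}) that carries the
 * test user's certificate together with its private key wrapped in a CRMF {@code EncryptedValue},
 * then hands it to {@code createProtectedPKIMessage}.
 *
 * <p>The private key is encrypted under a fresh symmetric key, and that symmetric key is wrapped
 * with the public key of the recipient certificate taken from the CA key store.
 *
 * @param senderNonce   nonce forwarded unchanged to {@code createProtectedPKIMessage}
 * @param transactionId transaction id forwarded unchanged to {@code createProtectedPKIMessage}
 * @return the bytes returned by {@code createProtectedPKIMessage} for the assembled body
 */
private byte[] createInitializationRespons2(byte[] senderNonce, byte[] transactionId) throws CMPException,
        CertificateEncodingException, OperatorException, PKICMPMessageException, IOException, CRMFException {
    X509CertificateHolder x509CertificateHolder = new JcaX509CertificateHolder(pki.getTestUser3Cert());

    // Encrypt the private key.
    KeyWrapper keyWrapper = new JceAsymmetricKeyWrapper(pkiKeyStoreCA.getRecipientCertificate().getPublicKey())
            .setProvider("BC");
    // NOTE(review): DES_EDE3_CBC is triple-DES, a legacy 64-bit-block cipher. It is left unchanged
    // because the decrypting side is not visible here; confirm that the receiver accepts an AES CBC
    // identifier before switching, and do not carry this choice over into production code.
    OutputEncryptor encryptor = new JceCRMFEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC")
            .build();
    ByteArrayOutputStream bOut = new ByteArrayOutputStream();

    // close() finalizes the cipher stream; the finally block guarantees it also runs if write() fails.
    OutputStream eOut = encryptor.getOutputStream(bOut);
    try {
        eOut.write(pki.getTestUser3CertPrivateKey().getEncoded());
    } finally {
        eOut.close();
    }

    AlgorithmIdentifier intendedAlg = null;
    AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier();
    // Wrap the symmetric key exactly once; the original wrapped it twice and discarded the first result.
    DERBitString encSymmKey = new DERBitString(keyWrapper.generateWrappedKey(encryptor.getKey()));

    AlgorithmIdentifier keyAlg = keyWrapper.getAlgorithmIdentifier();
    ASN1OctetString valueHint = null;
    DERBitString encValue = new DERBitString(bOut.toByteArray());

    EncryptedValue encryptedPrivateKey = new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint,
            encValue);

    // Body: one response entry with request id 0, status "granted", certificate plus encrypted key.
    CertResponse certResponse = new CertResponse(new ASN1Integer(0), new PKIStatusInfo(PKIStatus.granted),
            new CertifiedKeyPair(new CertOrEncCert(new CMPCertificate(x509CertificateHolder.toASN1Structure())),
                    encryptedPrivateKey, null),
            null);
    CertResponse[] certResponses = new CertResponse[1];
    certResponses[0] = certResponse;

    PKIBody pkiBody = new PKIBody(PKIBody.TYPE_INIT_REP,
            new CertRepMessage(pkiKeyStoreCA.getCMPCertificateChain(), certResponses));

    return createProtectedPKIMessage(senderNonce, transactionId, pkiBody);
}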

From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java

License:Open Source License

/**
 * Creates an initialization request, feeds the matching certificate-only response through
 * {@code processResponse} and checks that the decoded body type is {@code PKIBody.TYPE_INIT_REP}.
 */
@Test
public void testProcessMessage() throws NoSuchProviderException, NoSuchAlgorithmException, CertificateException,
        NoSuchFieldException, PKICMPMessageException, OperatorCreationException, IOException, CRMFException,
        CMPException, IllegalAccessException, CMSException, PKIKeyStoreException, ParseException {
    final String subjectDn = pki.getTestUser3Cert().getSubjectX500Principal().getName();
    final KeyPair userKeys = new KeyPair(pki.getTestUser3Cert().getPublicKey(),
            pki.getTestUser3CertPrivateKey());

    final PKICMPMessages cmpMessages = new PKICMPMessages();
    cmpMessages.setPkiKeyStore(pkiKeyStoreRA);
    // The request bytes are not inspected; the call is made before the nonce and transaction id
    // are read back from cmpMessages below.
    cmpMessages.createInitializationMessage(subjectDn, userKeys);

    final byte[] responseBytes = createInitializationRespons1(cmpMessages.getSenderNonce(),
            cmpMessages.getTransactionId());
    final PKICMPResponse decoded = cmpMessages.processResponse(responseBytes);

    Assert.assertEquals(PKIBody.TYPE_INIT_REP, decoded.getPkiBody().getType());
}

From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java

License:Open Source License

/**
 * Tests decoding of a certification response that carries no private key.
 *
 * <p>The response built by {@code createInitializationRespons1} is processed and the result is
 * expected to hold the test user's certificate, a {@code null} private key, certificate id 0 and
 * the first two certificates of the test chain.
 */
@Test
public void testProcessInitializationMessageWithoutPrivateKey()
        throws NoSuchProviderException, NoSuchAlgorithmException, CertificateException, NoSuchFieldException,
        PKICMPMessageException, OperatorCreationException, IOException, CRMFException, CMPException,
        IllegalAccessException, CMSException, PKIKeyStoreException, ParseException, InvalidKeySpecException {
    final String subjectDn = pki.getTestUser3Cert().getSubjectX500Principal().getName();
    final KeyPair userKeys = new KeyPair(pki.getTestUser3Cert().getPublicKey(),
            pki.getTestUser3CertPrivateKey());

    final PKICMPMessages cmpMessages = new PKICMPMessages();
    cmpMessages.setPkiKeyStore(pkiKeyStoreRA);
    // The request bytes are not inspected; the call is made before the nonce and transaction id
    // are read back from cmpMessages below.
    cmpMessages.createInitializationMessage(subjectDn, userKeys);

    final byte[] responseBytes = createInitializationRespons1(cmpMessages.getSenderNonce(),
            cmpMessages.getTransactionId());
    final PKICMPResponse decoded = cmpMessages.processResponse(responseBytes);
    final CertificationResult result = cmpMessages.processCertification(decoded.getPkiBody());

    Assert.assertEquals(PKIBody.TYPE_INIT_REP, decoded.getPkiBody().getType());
    Assert.assertArrayEquals(pki.getTestUser3Cert().getEncoded(), result.getX509Certificate().getEncoded());
    // A certificate-only response must not yield a private key.
    Assert.assertNull(result.getPrivateKey());
    Assert.assertEquals(0, result.getCertificateId().intValue());
    // Compare the first two chain entries, in order.
    for (int i = 0; i < 2; i++) {
        Assert.assertArrayEquals(pki.getCertificateChain()[i].getEncoded(),
                result.getX509CertificateChain()[i].getEncoded());
    }
}

From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java

License:Open Source License

/**
 * Tests decoding of a certification response that carries an encrypted private key.
 *
 * <p>The response built by {@code createInitializationRespons2} is processed and the result is
 * expected to hold the test user's certificate, a private key whose encoding equals the test
 * user's private key, certificate id 0 and the first two certificates of the test chain.
 */
@Test
public void testProcessInitializationMessageWithPrivateKey()
        throws NoSuchProviderException, NoSuchAlgorithmException, CertificateException, NoSuchFieldException,
        PKICMPMessageException, OperatorException, IOException, CRMFException, CMPException,
        IllegalAccessException, CMSException, PKIKeyStoreException, ParseException, InvalidKeySpecException {
    final String subjectDn = pki.getTestUser3Cert().getSubjectX500Principal().getName();
    final KeyPair userKeys = new KeyPair(pki.getTestUser3Cert().getPublicKey(),
            pki.getTestUser3CertPrivateKey());

    final PKICMPMessages cmpMessages = new PKICMPMessages();
    cmpMessages.setPkiKeyStore(pkiKeyStoreRA);
    // The request bytes are not inspected; the call is made before the nonce and transaction id
    // are read back from cmpMessages below.
    cmpMessages.createInitializationMessage(subjectDn, userKeys);

    final byte[] responseBytes = createInitializationRespons2(cmpMessages.getSenderNonce(),
            cmpMessages.getTransactionId());
    final PKICMPResponse decoded = cmpMessages.processResponse(responseBytes);
    final CertificationResult result = cmpMessages.processCertification(decoded.getPkiBody());

    Assert.assertEquals(PKIBody.TYPE_INIT_REP, decoded.getPkiBody().getType());
    Assert.assertArrayEquals(pki.getTestUser3Cert().getEncoded(), result.getX509Certificate().getEncoded());
    // The decrypted key must match the key that was encrypted into the response.
    Assert.assertArrayEquals(pki.getTestUser3CertPrivateKey().getEncoded(),
            result.getPrivateKey().getEncoded());
    Assert.assertEquals(0, result.getCertificateId().intValue());
    // Compare the first two chain entries, in order.
    for (int i = 0; i < 2; i++) {
        Assert.assertArrayEquals(pki.getCertificateChain()[i].getEncoded(),
                result.getX509CertificateChain()[i].getEncoded());
    }
}

From source file:org.ejbca.ui.cmpclient.commands.CrmfRequestCommand.java

License:Open Source License

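/**
 * Parses a raw CMP response and, when it is an initialization response with status GRANTED,
 * writes the issued certificate as PEM into the destination directory.
 *
 * <p>Any other outcome (unparsable response, empty response list, non-granted status, CMP error
 * body, unexpected body type) is logged and reported as a functional failure.
 *
 * @param response   DER-encoded CMP {@code PKIMessage} as received from the server
 * @param parameters command parameters; {@code DESTINATION_KEY} and {@code SUBJECTDN_KEY} are read
 * @return {@code CommandResult.SUCCESS} when a certificate was stored, otherwise
 *         {@code CommandResult.FUNCTIONAL_FAILURE}
 * @throws Exception on parsing or file I/O errors
 */
@Override
public CommandResult handleCMPResponse(byte[] response, final ParameterContainer parameters) throws Exception {
    String dest = parameters.get(DESTINATION_KEY);
    if (dest == null) {
        dest = "dest";
        new File("./" + dest).mkdirs();
        log.info("Using default destination directory: ./dest/");
    }

    // NOTE(review): nothing in this method verifies the message protection, nonces or transaction id
    // of the response before the certificate is written; confirm that the caller or
    // getCertFromResponse performs those checks.
    final PKIMessage respObject;
    try (ASN1InputStream asn1InputStream = new ASN1InputStream(new ByteArrayInputStream(response))) {
        respObject = PKIMessage.getInstance(asn1InputStream.readObject());
    }
    if (respObject == null) {
        log.error("ERROR. Cannot construct the response object");
        return CommandResult.FUNCTIONAL_FAILURE;
    }

    final PKIBody body = respObject.getBody();
    final int tag = body.getType();

    if (tag == PKIBody.TYPE_INIT_REP) {
        final CertRepMessage c = (CertRepMessage) body.getContent();
        final CertResponse[] responses = c.getResponse();
        // Guard against a response list with no entries instead of failing on index 0.
        if (responses == null || responses.length == 0) {
            log.error("ERROR. CMP response contains no CertResponse");
            return CommandResult.FUNCTIONAL_FAILURE;
        }
        final CertResponse resp = responses[0];
        final PKIStatusInfo status = resp.getStatus();
        if (status.getStatus().intValue() == PKIStatus.GRANTED) {
            final X509Certificate cert = getCertFromResponse(resp);
            final ArrayList<Certificate> certs = new ArrayList<>();
            certs.add(cert);
            final byte[] certBytes = CertTools.getPemFromCertificateChain(certs);

            final String certFileName = getDestinationCertFile(dest, parameters.get(SUBJECTDN_KEY));
            // try-with-resources closes the file even when write() throws.
            try (FileOutputStream fos = new FileOutputStream(new File(certFileName))) {
                fos.write(certBytes);
            }
            log.info("CRMF request successful. Received certificate stored in " + certFileName);
            return CommandResult.SUCCESS;
        } else {
            // NOTE(review): the status text comes from the remote response and is logged as-is;
            // confirm that the logging setup neutralizes embedded line breaks.
            final String errMsg = firstStatusTextOrPlaceholder(status);
            log.error("Recieved CRMF response with status '" + status.getStatus().intValue()
                    + "' and error message: " + errMsg);
        }
    } else if (tag == PKIBody.TYPE_ERROR) {
        final ErrorMsgContent err = (ErrorMsgContent) body.getContent();
        final String errMsg = firstStatusTextOrPlaceholder(err.getPKIStatusInfo());
        log.error("Revceived CMP Error Message: " + errMsg);
    } else {
        log.error("Received PKIMessage with body tag " + tag);
    }
    return CommandResult.FUNCTIONAL_FAILURE;
}

/**
 * Returns the first free-text entry of a status, or a placeholder when the optional status string
 * is absent or empty, so that a rejection without text is still logged instead of failing with a
 * NullPointerException.
 */
private static String firstStatusTextOrPlaceholder(final PKIStatusInfo statusInfo) {
    if (statusInfo == null || statusInfo.getStatusString() == null
            || statusInfo.getStatusString().size() == 0) {
        return "(no status text in response)";
    }
    return statusInfo.getStatusString().getStringAt(0).getString();
}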