List of usage examples for org.bouncycastle.asn1.cmp PKIMessage getEncoded
public byte[] getEncoded(String encoding) throws IOException
From source file:org.xipki.ca.server.impl.Rfc6712Servlet.java
License:Open Source License
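/**
 * Handles a CMP request sent over HTTP POST and writes the DER-encoded CMP response.
 *
 * <p>The CA is selected by the path segment that follows the servlet path; it is first
 * resolved as an alias and otherwise used as the CA name itself. The request is rejected
 * with 415 for a wrong content type, 404 for a missing, unknown or out-of-service CA, and
 * 400 when the body cannot be parsed as a {@code PKIMessage}. Every outcome, including a
 * dropped connection, is reported to the audit service when one is registered.
 *
 * @param request  the HTTP request carrying the CMP message
 * @param response the HTTP response that receives the status and the encoded CMP reply
 * @throws ServletException declared by the servlet contract; not thrown by this body
 * @throws IOException if flushing the response buffer fails
 */
@Override
public void doPost(final HttpServletRequest request, final HttpServletResponse response)
        throws ServletException, IOException {
    // Standard servlet attribute holding the TLS client certificate chain; it is null when
    // the client did not present a certificate.
    X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
    // NOTE(review): clientCert may be null and is handed to the responder unchanged; whether
    // unauthenticated requests are refused is decided outside this method - confirm.
    X509Certificate clientCert = (certs == null || certs.length < 1) ? null : certs[0];

    AuditLoggingService auditLoggingService = auditServiceRegister.getAuditLoggingService();
    AuditEvent auditEvent = (auditLoggingService != null) ? new AuditEvent(new Date()) : null;
    if (auditEvent != null) {
        auditEvent.setApplicationName("CA");
        auditEvent.setName("PERF");
    }

    AuditLevel auditLevel = AuditLevel.INFO;
    AuditStatus auditStatus = AuditStatus.SUCCESSFUL;
    String auditMessage = null;

    try {
        if (responderManager == null) {
            String message = "caManager in servlet not configured";
            LOG.error(message);
            response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            response.setContentLength(0);

            auditLevel = AuditLevel.ERROR;
            auditStatus = AuditStatus.FAILED;
            auditMessage = message;
            return;
        }

        if (!CT_REQUEST.equalsIgnoreCase(request.getContentType())) {
            response.setContentLength(0);
            response.setStatus(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);

            auditStatus = AuditStatus.FAILED;
            auditMessage = "unsupported media type " + request.getContentType();
            return;
        }

        String requestURI = request.getRequestURI();
        String servletPath = request.getServletPath();

        String caName = null;
        X509CACmpResponder responder = null;
        int n = servletPath.length();
        if (requestURI.length() > n + 1) {
            // Everything after "<servletPath>/" is caller-controlled and percent-decoded here.
            String caAlias = URLDecoder.decode(requestURI.substring(n + 1), "UTF-8");
            caName = responderManager.getCaNameForAlias(caAlias);
            if (caName == null) {
                caName = caAlias;
            }
            // NOTE(review): toUpperCase() uses the default locale; confirm CA names are
            // registered with the same normalisation.
            caName = caName.toUpperCase();
            responder = responderManager.getX509CACmpResponder(caName);
        }

        if (caName == null || responder == null || !responder.isInService()) {
            if (caName == null) {
                auditMessage = "no CA is specified";
            } else {
                // caName comes from the decoded URL, so control characters (CR, LF, ...) are
                // replaced before it reaches the log and the audit trail.
                String caNameForLog = caName.replaceAll("\\p{Cntrl}", "_");
                auditMessage = (responder == null)
                        ? "unknown CA '" + caNameForLog + "'"
                        : "CA '" + caNameForLog + "' is out of service";
            }
            LOG.warn(auditMessage);

            response.setContentLength(0);
            response.setStatus(HttpServletResponse.SC_NOT_FOUND);

            auditStatus = AuditStatus.FAILED;
            return;
        }

        if (auditEvent != null) {
            auditEvent.addEventData(new AuditEventData("CA", responder.getCA().getCAInfo().getName()));
        }

        PKIMessage pkiReq;
        try {
            // NOTE(review): no limit on the request body size is visible here; confirm the
            // container or generatePKIMessage bounds it.
            pkiReq = generatePKIMessage(request.getInputStream());
        } catch (Exception e) {
            response.setContentLength(0);
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);

            auditStatus = AuditStatus.FAILED;
            auditMessage = "bad request";

            final String message = "could not parse the request (PKIMessage)";
            if (LOG.isErrorEnabled()) {
                LOG.error(LogUtil.buildExceptionLogFormat(message), e.getClass().getName(), e.getMessage());
            }
            LOG.debug(message, e);
            return;
        }

        PKIMessage pkiResp = responder.processPKIMessage(pkiReq, clientCert, auditEvent);
        byte[] pkiRespBytes = pkiResp.getEncoded("DER");

        response.setContentType(Rfc6712Servlet.CT_RESPONSE);
        response.setStatus(HttpServletResponse.SC_OK);
        response.setContentLength(pkiRespBytes.length);
        response.getOutputStream().write(pkiRespBytes);
    } catch (EOFException e) {
        final String message = "connection reset by peer";
        // Guard matches the level actually logged.
        if (LOG.isWarnEnabled()) {
            LOG.warn(LogUtil.buildExceptionLogFormat(message), e.getClass().getName(), e.getMessage());
        }
        LOG.debug(message, e);

        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        response.setContentLength(0);

        // The exchange did not complete, so the audit record must not stay SUCCESSFUL.
        auditStatus = AuditStatus.FAILED;
        auditMessage = message;
    } catch (Throwable t) {
        final String message = "Throwable thrown, this should not happen!";
        LOG.error(message, t);

        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        response.setContentLength(0);

        auditLevel = AuditLevel.ERROR;
        auditStatus = AuditStatus.FAILED;
        auditMessage = "internal error";
    } finally {
        try {
            response.flushBuffer();
        } finally {
            // Nested finally: the audit record is written even when the flush fails.
            if (auditEvent != null) {
                audit(auditLoggingService, auditEvent, auditLevel, auditStatus, auditMessage);
            }
        }
    }
}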
From source file:org.xipki.remotep11.server.impl.Rfc6712Servlet.java
License:Open Source License
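/**
 * Handles a CMP-framed request for the remote PKCS#11 service and writes the DER-encoded
 * response.
 *
 * <p>The request is rejected with 415 for a wrong content type and 400 when the body cannot
 * be parsed as a {@code PKIMessage}. The PKCS#11 module name is taken from the request path:
 * the first segment after the servlet path, or the default module when the decoded request
 * URI is a prefix of the servlet path plus a trailing slash. The response buffer is flushed
 * on every exit path.
 *
 * @param request  the HTTP request carrying the CMP message
 * @param response the HTTP response that receives the status and the encoded reply
 * @throws ServletException declared by the servlet contract; not thrown by this body
 * @throws IOException if flushing the response buffer fails
 */
@Override
public void doPost(final HttpServletRequest request, final HttpServletResponse response)
        throws ServletException, IOException {
    // NOTE(review): no caller authentication is visible in this handler; confirm that access
    // to the PKCS#11 service is restricted by the container, TLS client auth or the responder.
    try {
        if (localP11CryptServicePool == null) {
            LOG.error("localP11CryptService in servlet not configured");
            response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            response.setContentLength(0);
            return;
        }

        if (!CT_REQUEST.equalsIgnoreCase(request.getContentType())) {
            response.setContentLength(0);
            response.setStatus(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);
            return;
        }

        PKIMessage pkiReq;
        try {
            // NOTE(review): no limit on the request body size is visible here; confirm the
            // container or generatePKIMessage bounds it.
            pkiReq = generatePKIMessage(request.getInputStream());
        } catch (Exception e) {
            response.setContentLength(0);
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);

            final String message = "could not parse the request (PKIMessage)";
            if (LOG.isErrorEnabled()) {
                LOG.error(message + ", class={}, message={}", e.getClass().getName(), e.getMessage());
            }
            LOG.debug(message, e);
            return;
        }

        // Extract the module name from the request path.
        String encodedUrl = request.getRequestURI();
        if (encodedUrl == null) {
            // Explicit failure instead of a NullPointerException further down.
            LOG.error("request URI is not available");
            response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            response.setContentLength(0);
            return;
        }

        String moduleName = null;
        String constructedPath = URLDecoder.decode(encodedUrl, "UTF-8");
        String servletPath = request.getServletPath();
        if (!servletPath.endsWith("/")) {
            servletPath += "/";
            if (servletPath.startsWith(constructedPath)) {
                moduleName = SecurityFactory.DEFAULT_P11MODULE_NAME;
            }
        }

        int servletPathIndex = constructedPath.indexOf(servletPath);
        if (servletPathIndex >= 0) {
            constructedPath = constructedPath.substring(servletPathIndex + servletPath.length());
        }

        if (moduleName == null) {
            int moduleNameEndIndex = constructedPath.indexOf('/');
            moduleName = (moduleNameEndIndex == -1)
                    ? constructedPath
                    : constructedPath.substring(0, moduleNameEndIndex);
        }

        // NOTE(review): moduleName is caller-controlled (decoded URL segment) and may be an
        // empty string; confirm the responder only accepts configured module names.
        PKIMessage pkiResp = responder.processPKIMessage(localP11CryptServicePool, moduleName, pkiReq);
        byte[] pkiRespBytes = pkiResp.getEncoded("DER");

        response.setContentType(Rfc6712Servlet.CT_RESPONSE);
        response.setStatus(HttpServletResponse.SC_OK);
        response.setContentLength(pkiRespBytes.length);
        response.getOutputStream().write(pkiRespBytes);
    } catch (EOFException e) {
        final String message = "connection reset by peer";
        LOG.error(message + ". {}: {}", e.getClass().getName(), e.getMessage());
        LOG.debug(message, e);

        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        response.setContentLength(0);
    } catch (Throwable t) {
        LOG.error("Throwable thrown, this should not happen. {}: {}", t.getClass().getName(), t.getMessage());
        LOG.debug("Throwable thrown, this should not happen.", t);

        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        response.setContentLength(0);
    } finally {
        // Flush on every exit path, including the early returns above.
        response.flushBuffer();
    }
}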