List of usage examples for org.bouncycastle.asn1.cmp PKIMessages toPKIMessageArray
public PKIMessage[] toPKIMessageArray()
From source file:org.ejbca.core.protocol.cmp.CmpMessageDispatcherSessionBean.java
License:Open Source License
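/**
 * Dispatches a parsed CMP request to the handler that matches its PKIBody type and returns that handler's response.
 * The message may have been received by any transport protocol, and is passed here in its binary ASN.1 form.
 *
 * <p>A NestedMessageContent (body type 20) is unwrapped only after {@code verify()} on it succeeds. The first
 * inner message is then dispatched again with {@code authenticated} set to {@code true}, so the inner request
 * relies entirely on that outer verification. Any further messages in the nested sequence are not processed.
 *
 * @param admin authentication token handed to the message handlers
 * @param derObject DER encoded CMP message
 * @param authenticated whether the message is already considered authenticated; forwarded to the handler
 * @param confAlias CMP configuration alias the request is processed under
 * @return ResponseMessage containing the CMP response message or null if there is no message to send back or some internal error has occurred
 */
private ResponseMessage dispatch(final AuthenticationToken admin, final ASN1Primitive derObject,
        final boolean authenticated, String confAlias) {
    this.cmpConfiguration = (CmpConfiguration) this.globalConfigSession
            .getCachedConfiguration(CmpConfiguration.CMP_CONFIGURATION_ID);
    if (!cmpConfiguration.aliasExists(confAlias)) {
        // NOTE(review): the error text suggests confAlias is taken from the request URL. It is written to the
        // log and echoed to the client unmodified here - confirm the caller restricts its character set
        // (e.g. no CR/LF) so it cannot be used to forge log entries.
        log.info("There is no CMP alias: " + confAlias);
        return CmpMessageHelper.createUnprotectedErrorMessage(null, ResponseStatus.FAILURE,
                FailInfo.INCORRECT_DATA, "Wrong URL. CMP alias '" + confAlias + "' does not exist");
    }

    final PKIMessage req;
    try {
        req = PKIMessage.getInstance(derObject);
        if (req == null) {
            throw new Exception("No CMP message could be parsed from received Der object.");
        }
    } catch (Throwable t) { // NOPMD: catch all to report errors back to client
        final String eMsg = intres.getLocalizedMessage("cmp.errornotcmpmessage");
        log.error(eMsg, t);
        // If we could not read the message, we should return an error BAD_REQUEST
        return CmpMessageHelper.createUnprotectedErrorMessage(null, ResponseStatus.FAILURE,
                FailInfo.BAD_REQUEST, eMsg);
    }

    try {
        final PKIBody body = req.getBody();
        final int tagno = body.getType();
        if (log.isDebugEnabled()) {
            final PKIHeader header = req.getHeader();
            log.debug("Received CMP message with pvno=" + header.getPvno() + ", sender="
                    + header.getSender().toString() + ", recipient=" + header.getRecipient().toString());
            log.debug("Cmp configuration alias: " + confAlias);
            log.debug("The CMP message is already authenticated: " + authenticated);
            log.debug("Body is of type: " + tagno);
            log.debug("Transaction id: " + header.getTransactionID());
        }

        BaseCmpMessage cmpMessage = null;
        ICmpMessageHandler handler = null;
        int unknownMessageType = -1;
        switch (tagno) {
        case 0: // Initialization request (ir, Initialization Request)
        case 2: // Certification request (cr, Certification Req); both are certificate requests
            handler = new CrmfMessageHandler(admin, confAlias, caSession, certificateProfileSession,
                    certificateRequestSession, endEntityAccessSession, endEntityProfileSession, signSession,
                    certificateStoreSession, authSession, authenticationProviderSession,
                    endEntityManagementSession, globalConfigSession);
            cmpMessage = new CrmfRequestMessage(req, this.cmpConfiguration.getCMPDefaultCA(confAlias),
                    this.cmpConfiguration.getAllowRAVerifyPOPO(confAlias),
                    this.cmpConfiguration.getExtractUsernameComponent(confAlias));
            break;
        case 7: // Key Update request (kur, Key Update Request)
            handler = new CrmfKeyUpdateHandler(admin, confAlias, caSession, certificateProfileSession,
                    endEntityAccessSession, endEntityProfileSession, signSession, certificateStoreSession,
                    authSession, authenticationProviderSession, endEntityManagementSession,
                    globalConfigSession);
            cmpMessage = new CrmfRequestMessage(req, this.cmpConfiguration.getCMPDefaultCA(confAlias),
                    this.cmpConfiguration.getAllowRAVerifyPOPO(confAlias),
                    this.cmpConfiguration.getExtractUsernameComponent(confAlias));
            break;
        case 19: // PKI confirm (pkiconf, Confirmation)
        case 24: // Certificate confirmation (certConf, Certificate confirm)
            handler = new ConfirmationMessageHandler(admin, confAlias, caSession, endEntityProfileSession,
                    certificateProfileSession, authSession, authenticationProviderSession, cryptoTokenSession,
                    globalConfigSession);
            cmpMessage = new GeneralCmpMessage(req);
            break;
        case 11: // Revocation request (rr, Revocation Request)
            handler = new RevocationMessageHandler(admin, confAlias, endEntityManagementSession, caSession,
                    endEntityProfileSession, certificateProfileSession, certificateStoreSession, authSession,
                    endEntityAccessSession, authenticationProviderSession, cryptoTokenSession,
                    globalConfigSession);
            cmpMessage = new GeneralCmpMessage(req);
            break;
        case 20: // NestedMessageContent (nested)
            if (log.isDebugEnabled()) {
                log.debug("Received a NestedMessageContent");
            }
            final NestedMessageContent nestedMessage = new NestedMessageContent(req, confAlias,
                    globalConfigSession);
            if (!nestedMessage.verify()) {
                // Fail closed: without a verified outer signature the inner message is never looked at.
                final String errMsg = "Could not verify the RA, signature verification on NestedMessageContent failed.";
                log.info(errMsg);
                cmpMessage = new NestedMessageContent(req, confAlias, globalConfigSession);
                return CmpMessageHelper.createUnprotectedErrorMessage(cmpMessage, ResponseStatus.FAILURE,
                        FailInfo.BAD_REQUEST, errMsg);
            }
            if (log.isDebugEnabled()) {
                log.debug("The NestedMessageContent was verified successfully");
            }
            try {
                // Validate the shape of the nested body explicitly. A wrong content type or an empty sequence
                // would otherwise surface as ClassCastException / ArrayIndexOutOfBoundsException, be swallowed
                // by the generic catch below and leave the client without any response.
                final Object nestedContent = nestedMessage.getPKIMessage().getBody().getContent();
                if (!(nestedContent instanceof PKIMessages)) {
                    throw new IllegalArgumentException(
                            "NestedMessageContent does not contain a PKIMessages sequence.");
                }
                final PKIMessage[] nestedMessages = ((PKIMessages) nestedContent).toPKIMessageArray();
                if (nestedMessages.length == 0) {
                    throw new IllegalArgumentException("NestedMessageContent does not contain any PKIMessage.");
                }
                // Only the first inner message is dispatched. It is marked as authenticated solely because the
                // outer NestedMessageContent verified above.
                // NOTE(review): an inner message may itself be nested, so recursion depth follows the message
                // structure - confirm an upstream limit on nesting/message size exists.
                return dispatch(admin, nestedMessages[0].toASN1Primitive(), true, confAlias);
            } catch (IllegalArgumentException e) {
                final String errMsg = e.getLocalizedMessage();
                log.info(errMsg, e);
                cmpMessage = new NestedMessageContent(req, confAlias, globalConfigSession);
                return CmpMessageHelper.createUnprotectedErrorMessage(cmpMessage, ResponseStatus.FAILURE,
                        FailInfo.BAD_REQUEST, errMsg);
            }
        default:
            unknownMessageType = tagno;
            log.info("Received an unknown message type, tagno=" + tagno);
            break;
        }

        if (handler == null || cmpMessage == null) {
            if (unknownMessageType > -1) {
                final String eMsg = intres.getLocalizedMessage("cmp.errortypenohandle",
                        Integer.valueOf(unknownMessageType));
                log.error(eMsg);
                return CmpMessageHelper.createUnprotectedErrorMessage(null, ResponseStatus.FAILURE,
                        FailInfo.BAD_REQUEST, eMsg);
            }
            throw new Exception("Something is null! Handler=" + handler + ", cmpMessage=" + cmpMessage);
        }

        final ResponseMessage ret = handler.handleMessage(cmpMessage, authenticated);
        if (ret != null) {
            log.debug("Received a response message of type '" + ret.getClass().getName()
                    + "' from CmpMessageHandler.");
        } else {
            log.error(intres.getLocalizedMessage("cmp.errorresponsenull"));
        }
        return ret;
    } catch (Exception e) {
        // Any processing failure is logged and reported to the caller as "no response" (null).
        log.error(intres.getLocalizedMessage("cmp.errorprocess"), e);
        return null;
    }
}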