List of usage examples for org.bouncycastle.asn1.cmp PKIStatus getInstance
public static PKIStatus getInstance(Object o)
From source file:org.jnotary.dvcs.SimpleResponseTest.java
License:Open Source License
@Test public void errorResponse() throws IOException { PKIStatus status = PKIStatus.getInstance(new DERInteger(PKIStatus.REJECTION)); PKIFreeText statusString = new PKIFreeText("Free text"); PKIFailureInfo failInfo = new PKIFailureInfo(PKIFailureInfo.badRequest); PKIStatusInfo transactionStatus = new PKIStatusInfo(status, statusString, failInfo); DVCSErrorNotice dvErrorNote = new DVCSErrorNotice(transactionStatus); DVCSResponse respOut = new DVCSResponse(dvErrorNote); DVCSResponse respIn = DVCSResponse.getInstance(respOut.getEncoded()); assertTrue("Status igetInstances incorrect", respIn.getDvErrorNote().getTransactionStatus().getStatus() .equals(respOut.getDvErrorNote().getTransactionStatus().getStatus())); assertTrue("Status string is incorrect", respIn.getDvErrorNote().getTransactionStatus().getStatusString() .equals(respOut.getDvErrorNote().getTransactionStatus().getStatusString())); assertTrue("Status is incorrect", respIn.getDvErrorNote().getTransactionStatus().getFailInfo() .equals(respOut.getDvErrorNote().getTransactionStatus().getFailInfo())); }
From source file:org.jnotary.dvcs.util.StatusInfoFactory.java
License:Open Source License
public static PKIStatusInfo getInstance(int pkiStatus, String freeText, Integer pkiFailInfo) { PKIStatus status = PKIStatus.getInstance(new DERInteger(pkiStatus)); PKIFreeText statusString = (freeText == null ? null : new PKIFreeText(freeText)); PKIFailureInfo failInfo = (pkiFailInfo == null ? null : new PKIFailureInfo(pkiFailInfo)); return new PKIStatusInfo(status, statusString, failInfo); }
From source file:org.jnotary.service.dvcs.DvcsResponseHelper.java
License:Open Source License
protected DVCSResponse createResponse(DVCSRequest request, DigestInfo messageImprint) throws DVCSException { PKIStatus status = PKIStatus.getInstance(new DERInteger(PKIStatus.GRANTED)); PKIStatusInfo dvStatus = new PKIStatusInfo(status, null, null); return createResponse(request, messageImprint, dvStatus); }
From source file:org.xipki.pki.ca.server.impl.cmp.X509CaCmpResponder.java
License:Open Source License
private CertRepMessage processCertReqMessages(final PKIMessage request, final CmpRequestorInfo requestor, final String user, final ASN1OctetString tid, final PKIHeader reqHeader, final CertReqMessages kur, final boolean keyUpdate, final CmpControl cmpControl, final String msgId, final AuditEvent event) { CmpRequestorInfo tmpRequestor = (CmpRequestorInfo) requestor; CertReqMsg[] certReqMsgs = kur.toCertReqMsgArray(); final int n = certReqMsgs.length; Map<Integer, CertTemplateData> certTemplateDatas = new HashMap<>(n * 10 / 6); Map<Integer, CertResponse> certResponses = new HashMap<>(n * 10 / 6); Map<Integer, ASN1Integer> certReqIds = new HashMap<>(n * 10 / 6); // pre-process requests for (int i = 0; i < n; i++) { if (cmpControl.isGroupEnroll() && certTemplateDatas.size() != i) { // last certReqMsg cannot be used to enroll certificate break; }//from ww w .ja v a 2 s. c om CertReqMsg reqMsg = certReqMsgs[i]; CertificateRequestMessage req = new CertificateRequestMessage(reqMsg); ASN1Integer certReqId = reqMsg.getCertReq().getCertReqId(); certReqIds.put(i, certReqId); if (!req.hasProofOfPossession()) { certResponses.put(i, buildErrorCertResponse(certReqId, PKIFailureInfo.badPOP, "no POP", null)); continue; } if (!verifyPopo(req, tmpRequestor.isRa())) { LOG.warn("could not validate POP for request {}", certReqId.getValue()); certResponses.put(i, buildErrorCertResponse(certReqId, PKIFailureInfo.badPOP, "invalid POP", null)); continue; } CmpUtf8Pairs keyvalues = CmpUtil.extract(reqMsg.getRegInfo()); String certprofileName = (keyvalues == null) ? null : keyvalues.getValue(CmpUtf8Pairs.KEY_CERT_PROFILE); if (certprofileName == null) { String msg = "no certificate profile"; certResponses.put(i, buildErrorCertResponse(certReqId, PKIFailureInfo.badCertTemplate, msg)); continue; } if (!isCertProfilePermitted(tmpRequestor, certprofileName)) { String msg = "certprofile " + certprofileName + " is not allowed"; certResponses.put(i, buildErrorCertResponse(certReqId, PKIFailureInfo.notAuthorized, msg)); continue; } CertTemplate certTemp = req.getCertTemplate(); OptionalValidity validity = certTemp.getValidity(); Date notBefore = null; Date notAfter = null; if (validity != null) { Time time = validity.getNotBefore(); if (time != null) { notBefore = time.getDate(); } time = validity.getNotAfter(); if (time != null) { notAfter = time.getDate(); } } CertTemplateData certTempData = new CertTemplateData(certTemp.getSubject(), certTemp.getPublicKey(), notBefore, notAfter, certTemp.getExtensions(), certprofileName); certTemplateDatas.put(i, certTempData); } // end for if (certResponses.size() == n) { // all error CertResponse[] certResps = new CertResponse[n]; for (int i = 0; i < n; i++) { certResps[i] = certResponses.get(i); } return new CertRepMessage(null, certResps); } if (cmpControl.isGroupEnroll() && certTemplateDatas.size() != n) { // at least one certRequest cannot be used to enroll certificate int lastFailureIndex = certTemplateDatas.size(); BigInteger failCertReqId = certReqIds.get(lastFailureIndex).getPositiveValue(); CertResponse failCertResp = certResponses.get(lastFailureIndex); PKIStatus failStatus = PKIStatus.getInstance(new ASN1Integer(failCertResp.getStatus().getStatus())); PKIFailureInfo failureInfo = new PKIFailureInfo(failCertResp.getStatus().getFailInfo()); CertResponse[] certResps = new CertResponse[n]; for (int i = 0; i < n; i++) { if (i == lastFailureIndex) { certResps[i] = failCertResp; continue; } ASN1Integer certReqId = certReqIds.get(i); String msg = "error in certReq " + failCertReqId; PKIStatusInfo tmpStatus = generateRejectionStatus(failStatus, failureInfo.intValue(), msg); certResps[i] = new CertResponse(certReqId, tmpStatus); } return new CertRepMessage(null, certResps); } final int k = certTemplateDatas.size(); List<CertTemplateData> certTemplateList = new ArrayList<>(k); List<ASN1Integer> certReqIdList = new ArrayList<>(k); Map<Integer, Integer> reqIndexToCertIndexMap = new HashMap<>(k * 10 / 6); for (int i = 0; i < n; i++) { if (!certTemplateDatas.containsKey(i)) { continue; } certTemplateList.add(certTemplateDatas.get(i)); certReqIdList.add(certReqIds.get(i)); reqIndexToCertIndexMap.put(i, certTemplateList.size() - 1); } List<CertResponse> generateCertResponses = generateCertificates(certTemplateList, certReqIdList, tmpRequestor, user, tid, keyUpdate, request, cmpControl, msgId, event); boolean anyCertEnrolled = false; CertResponse[] certResps = new CertResponse[n]; for (int i = 0; i < n; i++) { if (certResponses.containsKey(i)) { certResps[i] = certResponses.get(i); } else { int respIndex = reqIndexToCertIndexMap.get(i); certResps[i] = generateCertResponses.get(respIndex); if (!anyCertEnrolled && certResps[i].getCertifiedKeyPair() != null) { anyCertEnrolled = true; } } } CMPCertificate[] caPubs = null; if (anyCertEnrolled && cmpControl.isSendCaCert()) { caPubs = new CMPCertificate[] { getCa().getCaInfo().getCertInCmpFormat() }; } return new CertRepMessage(caPubs, certResps); }