List of usage examples for org.bouncycastle.asn1.cmp PKIStatusInfo getInstance
public static PKIStatusInfo getInstance(Object obj)
From source file:com.guardtime.asn1.CertTokenResponse.java
License:Apache License
/**
 * Decodes a certificate-token response from its ASN.1 sequence.
 *
 * The first element is required and is read as a {@code PKIStatusInfo}.
 * Every later element must be a tagged object with tag 0, and it is accepted
 * only while {@code certToken} is still unset. A second tag-0 element, or any
 * other tag, is rejected rather than silently skipped.
 *
 * @param seq sequence holding the encoded response.
 *
 * @throws IllegalArgumentException if an optional element has an unexpected
 *         tag or the certificate token appears more than once.
 */
public Asn1CertTokenResponse(ASN1Sequence seq) {
    Enumeration elements = seq.getObjects();

    // Required elements
    // NOTE(review): an empty sequence fails inside nextElement() instead of
    // with IllegalArgumentException -- confirm callers treat both as a
    // format error.
    status = PKIStatusInfo.getInstance(elements.nextElement());

    // Optional elements
    while (elements.hasMoreElements()) {
        ASN1TaggedObject tagged = ASN1TaggedObject.getInstance(elements.nextElement());

        boolean isFirstCertToken = tagged.getTagNo() == 0 && certToken == null;
        if (!isFirstCertToken) {
            throw new IllegalArgumentException("invalid object in factory: " + tagged);
        }
        certToken = Asn1CertToken.getInstance(tagged, false);
    }
}
From source file:com.guardtime.asn1.StatusInfo.java
License:Apache License
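/**
 * Class constructor.
 *
 * Parses the status code, the optional free-text status strings and the
 * optional failure-info bit string, and rejects values this class does not
 * accept.
 *
 * @param obj DER-encoded status info object.
 *
 * @throws Asn1FormatException if status info object has invalid format.
 */
StatusInfo(ASN1Encodable obj) throws Asn1FormatException {
    try {
        statusInfo = PKIStatusInfo.getInstance(obj);

        // getStatus() yields an arbitrary-precision integer and intValue()
        // keeps only its low 32 bits. Without this check an oversized
        // encoded status could wrap around to a value inside 0..5 (for
        // example 0) and pass the range test below.
        if (statusInfo.getStatus().bitLength() > 31) {
            throw new Asn1FormatException("invalid status: " + statusInfo.getStatus());
        }
        statusCode = statusInfo.getStatus().intValue();

        // RFC 3161:
        //
        // Compliant servers SHOULD NOT produce any other (than 0..5)
        // values. Compliant clients MUST generate an error
        // if values it does not understand are present.
        if (statusCode < 0 || statusCode > 5) {
            throw new Asn1FormatException("invalid status: " + statusCode);
        }

        PKIFreeText freeText = statusInfo.getStatusString();
        if (freeText != null) {
            int freeTextSize = freeText.size();
            // PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
            if (freeTextSize < 1) {
                throw new Asn1FormatException("zero-length status string not allowed");
            }
            statusText = new ArrayList();
            for (int i = 0; i < freeTextSize; i++) {
                statusText.add(freeText.getStringAt(i).getString());
            }
        }

        // -1 means that fail code is not set
        failCode = -1;
        DERBitString bitString = statusInfo.getFailInfo();
        if (bitString != null) {
            byte[] failBytes = bitString.getBytes();
            int len = failBytes.length * 8;
            for (int i = 0; i < len; i++) {
                // Bits are numbered from the most significant bit of the
                // first byte. Only the first set bit is reported; any
                // further set bits are ignored.
                if ((failBytes[i >> 3] & (0x80 >> (i & 7))) != 0) {
                    failCode = i;
                    break;
                }
            }

            // Check that received fail code is valid.
            // NOTE(review): a bit string with no bit set leaves failCode
            // at -1 here; whether that is rejected depends on the contents
            // of allowedFailCodes, which this constructor does not show.
            boolean isValidFailCode = false;
            for (int i = 0; i < allowedFailCodes.length; i++) {
                if (failCode == allowedFailCodes[i]) {
                    isValidFailCode = true;
                    break;
                }
            }
            if (!isValidFailCode) {
                throw new Asn1FormatException("invalid fail info: " + failCode);
            }
        }
    } catch (Asn1FormatException e) {
        // Already the right type; rethrow without wrapping.
        throw e;
    } catch (Exception e) {
        // Any other parsing failure is reported as a format error, with the
        // cause preserved.
        throw new Asn1FormatException("status info has invalid format", e);
    }
}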
From source file:org.ejbca.core.protocol.cmp.CmpResponseMessage.java
License:Open Source License
/**
 * Builds the CMP response message for the current status and stores the
 * protected result in {@code responseMessage}.
 *
 * The body is a certificate response when the status is SUCCESS and a
 * certificate is present, a rejection body for FAILURE, and an error message
 * for any other status. The message is protected with a password-based MAC
 * when all PBE parameters are set, otherwise it is signed.
 *
 * @return {@code true} if the message was built and protected; {@code false}
 *         if one of the exceptions caught at the end was logged instead.
 *
 * @throws IllegalStateException if reading the encoded certificates raises
 *         an IOException.
 */
@Override
public boolean create() throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException {
    boolean ret = false;
    // Some general stuff, common for all types of messages
    String issuer = null;
    String subject = null;
    if (cert != null) {
        X509Certificate x509cert = (X509Certificate) cert;
        issuer = x509cert.getIssuerDN().getName();
        subject = x509cert.getSubjectDN().getName();
    } else if ((signCertChain != null) && (signCertChain.size() > 0)) {
        // No issued certificate: the sender is named after the first
        // certificate in the signing chain and the recipient is a placeholder.
        issuer = ((X509Certificate) signCertChain.iterator().next()).getSubjectDN().getName();
        subject = "CN=fooSubject";
    } else {
        // NOTE(review): with neither a certificate nor a signing chain both
        // header names are fixed placeholders, so the header does not
        // identify the real sender.
        issuer = "CN=fooIssuer";
        subject = "CN=fooSubject";
    }

    final GeneralName issuerName = new GeneralName(new X500Name(issuer));
    final GeneralName subjectName = new GeneralName(new X500Name(subject));
    final PKIHeaderBuilder myPKIHeader = CmpMessageHelper.createPKIHeaderBuilder(issuerName, subjectName,
            senderNonce, recipientNonce, transactionId);
    PKIBody myPKIBody = null;
    final PKIMessage myPKIMessage;

    try {
        if (status.equals(ResponseStatus.SUCCESS)) {
            // NOTE(review): when status is SUCCESS but cert is null no body
            // is assigned, so myPKIBody is still null when the PKIMessage is
            // built below.
            if (cert != null) {
                if (log.isDebugEnabled()) {
                    log.debug("Creating a CertRepMessage 'accepted'");
                }
                PKIStatusInfo myPKIStatusInfo = new PKIStatusInfo(PKIStatus.granted); // 0 = accepted
                ASN1InputStream certASN1InputStream = new ASN1InputStream(
                        new ByteArrayInputStream(cert.getEncoded()));
                // NOTE(review): cacert is dereferenced without a null check,
                // unlike cert -- confirm it is always set on this path.
                ASN1InputStream cacertASN1InputStream = new ASN1InputStream(
                        new ByteArrayInputStream(cacert.getEncoded()));
                try {
                    try {
                        CMPCertificate cmpcert = CMPCertificate.getInstance(certASN1InputStream.readObject());
                        CertOrEncCert retCert = new CertOrEncCert(cmpcert);
                        CertifiedKeyPair myCertifiedKeyPair = new CertifiedKeyPair(retCert);
                        CertResponse myCertResponse = new CertResponse(new ASN1Integer(requestId),
                                myPKIStatusInfo, myCertifiedKeyPair, null);

                        CertResponse[] certRespos = { myCertResponse };
                        CMPCertificate[] caPubs = {
                                CMPCertificate.getInstance(cacertASN1InputStream.readObject()) };

                        CertRepMessage myCertRepMessage = new CertRepMessage(caPubs, certRespos);

                        int respType = requestType + 1; // 1 = initialization response, 3 = certification response etc
                        if (log.isDebugEnabled()) {
                            log.debug("Creating response body of type " + respType);
                        }
                        myPKIBody = new PKIBody(respType, myCertRepMessage);
                    } finally {
                        // NOTE(review): if the first close() throws, the
                        // second stream is not closed. Both wrap in-memory
                        // byte arrays here.
                        certASN1InputStream.close();
                        cacertASN1InputStream.close();
                    }
                } catch (IOException e) {
                    throw new IllegalStateException("Unexpected IOException caught.", e);
                }
            }
        } else if (status.equals(ResponseStatus.FAILURE)) {
            if (log.isDebugEnabled()) {
                log.debug("Creating a CertRepMessage 'rejected'");
            }
            // Create a failure message: status, optional free text, failure info
            ASN1EncodableVector statusInfoV = new ASN1EncodableVector();
            statusInfoV.add(ASN1Integer.getInstance(PKIStatus.rejection.toASN1Primitive()));
            if (failText != null) {
                statusInfoV.add(new PKIFreeText(new DERUTF8String(failText)));
            }
            // NOTE(review): failInfo is dereferenced without the null check
            // that failText gets -- confirm it is always set for non-success
            // statuses.
            statusInfoV.add(CmpMessageHelper.getPKIFailureInfo(failInfo.intValue()));
            PKIStatusInfo myPKIStatusInfo = PKIStatusInfo
                    .getInstance(ASN1Sequence.getInstance(new DERSequence(statusInfoV)));
            myPKIBody = CmpMessageHelper.createCertRequestRejectBody(myPKIStatusInfo, requestId, requestType);

        } else {
            if (log.isDebugEnabled()) {
                log.debug("Creating a 'waiting' message?");
            }
            // Not supported, let's create a PKIError failure instead
            // Create a failure message
            ASN1EncodableVector statusInfoV = new ASN1EncodableVector();
            statusInfoV.add(PKIStatus.rejection); // 2 = rejection
            if (failText != null) {
                statusInfoV.add(new PKIFreeText(new DERUTF8String(failText)));
            }
            statusInfoV.add(CmpMessageHelper.getPKIFailureInfo(failInfo.intValue()));
            PKIStatusInfo myPKIStatusInfo = PKIStatusInfo.getInstance(new DERSequence(statusInfoV));

            ErrorMsgContent myErrorContent = new ErrorMsgContent(myPKIStatusInfo);
            myPKIBody = new PKIBody(23, myErrorContent); // 23 = error
        }

        // Protection: password-based MAC only when every PBE parameter is
        // present; otherwise the message is signed with signKey.
        if ((pbeKeyId != null) && (pbeKey != null) && (pbeDigestAlg != null) && (pbeMacAlg != null)) {
            myPKIHeader.setProtectionAlg(new AlgorithmIdentifier(CMPObjectIdentifiers.passwordBasedMac));
            PKIHeader header = myPKIHeader.build();
            myPKIMessage = new PKIMessage(header, myPKIBody);
            responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, pbeKeyId, pbeKey,
                    pbeDigestAlg, pbeMacAlg, pbeIterationCount);
        } else {
            myPKIHeader.setProtectionAlg(new AlgorithmIdentifier(digest));
            PKIHeader header = myPKIHeader.build();
            myPKIMessage = new PKIMessage(header, myPKIBody);
            responseMessage = CmpMessageHelper.signPKIMessage(myPKIMessage, signCertChain, signKey, digest,
                    provider);
        }

        ret = true;

    // Each failure below is logged and reported to the caller only through
    // the false return value. The three declared exception types are caught
    // here as well, so from this try block they do not reach the caller.
    } catch (CertificateEncodingException e) {
        log.error("Error creating CertRepMessage: ", e);
    } catch (InvalidKeyException e) {
        log.error("Error creating CertRepMessage: ", e);
    } catch (NoSuchProviderException e) {
        log.error("Error creating CertRepMessage: ", e);
    } catch (NoSuchAlgorithmException e) {
        log.error("Error creating CertRepMessage: ", e);
    } catch (SecurityException e) {
        log.error("Error creating CertRepMessage: ", e);
    } catch (SignatureException e) {
        log.error("Error creating CertRepMessage: ", e);
    }

    return ret;
}
From source file:org.jnotary.dvcs.CertEtcToken.java
License:Open Source License
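/**
 * Decodes one token alternative from an already-parsed ASN.1 object.
 *
 * An {@code X509Extension} is recognised but not stored. Any other input is
 * treated as a tagged object and dispatched on its tag number (0..8) to the
 * matching field.
 *
 * @param obj parsed ASN.1 object holding the token.
 *
 * @throws IllegalArgumentException if the tag number is not one of the known
 *         alternatives.
 */
private CertEtcToken(Object obj) {
    if (obj instanceof X509Extension) {
        // NOTE(review): the extension alternative is detected but its value
        // is discarded.
        extension = null; // TODO: this needs to be understood
    } else {
        ASN1TaggedObject tagObj = (ASN1TaggedObject) obj;
        switch (tagObj.getTagNo()) {
        case 0:
            certificate = Certificate.getInstance(tagObj.getObject());
            break;
        case 1:
            esscertid = ESSCertID.getInstance(tagObj.getObject());
            break;
        case 2:
            pkistatus = PKIStatusInfo.getInstance(tagObj.getObject());
            break;
        case 3:
            assertion = ContentInfo.getInstance(tagObj.getObject());
            break;
        case 4:
            crl = CertificateList.getInstance(tagObj.getObject());
            break;
        case 5:
            ocspcertstatus = CertStatus.getInstance(tagObj.getObject());
            break;
        case 6:
            oscpcertid = CertID.getInstance(tagObj.getObject());
            break;
        case 7:
            oscpresponse = OCSPResponse.getInstance(tagObj.getObject());
            break;
        case 8:
            capabilities = SMIMECapabilities.getInstance(tagObj.getObject());
            break;
        default:
            // Previously an unrecognised tag fell through and produced a
            // token with none of its fields assigned. Reject it so that
            // malformed input is not accepted as an empty token.
            throw new IllegalArgumentException("unknown tag in CertEtcToken: " + tagObj.getTagNo());
        }
    }
}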
From source file:org.jnotary.dvcs.DVCSCertInfo.java
License:Open Source License
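/**
 * Decodes a DVCSCertInfo from its ASN.1 sequence.
 *
 * Reads an optional leading version integer, then the request information,
 * message imprint, serial number and response time in that order. The
 * remaining elements are optional: tagged objects 0..3 fill the status,
 * policy, request signature and certificate chains, and any untagged element
 * is parsed as {@code Extensions}.
 *
 * @param seq sequence holding the encoded structure.
 *
 * @throws IllegalArgumentException if a tagged element carries an unknown
 *         tag number.
 */
@SuppressWarnings("rawtypes")
private DVCSCertInfo(ASN1Sequence seq) {
    Enumeration e = seq.getObjects();

    // The version is optional; when present it precedes the request info.
    Object obj = e.nextElement();
    if (obj instanceof ASN1Integer) {
        this.version = DERInteger.getInstance(obj);
        obj = e.nextElement();
    }

    this.dvReqInfo = DVCSRequestInformation.getInstance(obj);
    this.messageImprint = DigestInfo.getInstance(e.nextElement());
    this.serialNumber = DERInteger.getInstance(e.nextElement());
    this.responseTime = DVCSTime.getInstance(e.nextElement());

    while (e.hasMoreElements()) {
        obj = e.nextElement();
        if (obj instanceof ASN1TaggedObject) {
            ASN1TaggedObject tagObj = (ASN1TaggedObject) obj;
            switch (tagObj.getTagNo()) {
            case 0:
                dvStatus = PKIStatusInfo.getInstance(tagObj.getObject());
                break;
            case 1:
                policy = PolicyInformation.getInstance(tagObj.getObject());
                break;
            case 2:
                reqSignature = SignerInfo.getInstance(tagObj.getObject());
                break;
            case 3: {
                ASN1Sequence seqCerts = DERSequence.getInstance(tagObj.getObject());
                int certCount = seqCerts.size();
                certs = new TargetEtcChain[certCount];
                for (int i = 0; i < certCount; ++i) {
                    certs[i] = TargetEtcChain.getInstance(seqCerts.getObjectAt(i));
                }
                break;
            }
            default:
                // Previously an unrecognised tag was skipped without
                // notice. Reject it so that unexpected content is not
                // accepted as part of a valid structure.
                throw new IllegalArgumentException("unknown tag in DVCSCertInfo: " + tagObj.getTagNo());
            }
        } else {
            // NOTE(review): the element is parsed, which rejects malformed
            // extensions, but the parsed value is discarded and not stored
            // on this object.
            Extensions.getInstance(obj);
        }
    }
}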
From source file:org.jnotary.dvcs.DVCSErrorNotice.java
License:Open Source License
/**
 * Decodes a DVCSErrorNotice from its ASN.1 sequence.
 *
 * The first element is required and is read as the transaction status. The
 * second element, when present, is read as the transaction identifier. Any
 * elements after the second are not examined.
 *
 * @param seq sequence holding the encoded error notice.
 */
@SuppressWarnings("rawtypes")
private DVCSErrorNotice(ASN1Sequence seq) {
    Enumeration elements = seq.getObjects();

    // Required: transaction status.
    transactionStatus = PKIStatusInfo.getInstance(elements.nextElement());

    // Optional: transaction identifier.
    boolean hasIdentifier = elements.hasMoreElements();
    if (hasIdentifier) {
        transactionIdentifier = GeneralName.getInstance(elements.nextElement());
    }
}