List of usage examples for org.bouncycastle.asn1.crmf AttributeTypeAndValue getValue
public ASN1Encodable getValue()
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
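/**
 * Checks the private key archive control in the certification request.
 *
 * <p>The request is built with a locally held key pair, decoded again, and its
 * {@code id_regCtrl_pkiArchiveOptions} control is decrypted with the sub-CA private key taken
 * from {@code GeneratePKI}. The recovered key and identifier must match the test user's key
 * pair and certificate subject.
 *
 * <p>The key material handled here is test-fixture data; the test decrypts an archived
 * private key, so it must only ever run against generated test PKI.
 *
 * @throws OperatorCreationException declared by the helpers used to build the request
 * @throws PKICMPMessageException if the CMP message cannot be created
 * @throws CertificateException declared by the certificate helpers
 * @throws IOException if the DER encoding of the message or the recovered content is malformed
 * @throws CRMFException if the archive control cannot be interpreted
 * @throws CMPException declared by the CMP helpers
 * @throws CMSException if the enveloped data cannot be parsed or decrypted
 */
@Test
public void testCertificationWithPrivateKeyControl() throws OperatorCreationException, PKICMPMessageException,
        CertificateException, IOException, CRMFException, CMPException, CMSException, InvalidKeySpecException,
        NoSuchAlgorithmException, NoSuchProviderException, NoSuchFieldException, IllegalAccessException,
        CRLException {
    String distinguishedName = pki.getTestUser1Cert().getSubjectX500Principal().getName();
    KeyPair keyPair = new KeyPair(pki.getTestUser1Cert().getPublicKey(), pki.getTestUser1CertPrivateKey());

    PKICMPMessages pkiMessages = new PKICMPMessages();
    pkiMessages.setPkiKeyStore(pkiKeyStoreRA);
    byte[] result = pkiMessages.createCertificateMessageWithLocalKey(distinguishedName, keyPair);

    // Decode straight from the byte array instead of opening an ASN1InputStream that is
    // never closed. NOTE(review): depending on the BouncyCastle version this may also
    // reject trailing bytes after the object - confirm that is acceptable for this test.
    PKIMessage pkiMessage = PKIMessage.getInstance(ASN1Primitive.fromByteArray(result));

    CertReqMsg[] certReqMsgs = CertReqMessages.getInstance(pkiMessage.getBody().getContent())
            .toCertReqMsgArray();
    // Fail with a readable message rather than an ArrayIndexOutOfBounds/NullPointerException
    // when the generated request has no CertReqMsg or no controls at all.
    Assert.assertTrue("request must contain at least one CertReqMsg", certReqMsgs.length > 0);
    Assert.assertNotNull("CertRequest must carry controls", certReqMsgs[0].getCertReq().getControls());
    AttributeTypeAndValue[] attributeTypeAndValues = certReqMsgs[0].getCertReq().getControls()
            .toAttributeTypeAndValueArray();

    GeneratePKI genPKI = new GeneratePKI();
    genPKI.createPKI();

    boolean bFound = false;
    for (AttributeTypeAndValue attributeTypeAndValue : attributeTypeAndValues) {
        if (!attributeTypeAndValue.getType().equals(CRMFObjectIdentifiers.id_regCtrl_pkiArchiveOptions)) {
            continue;
        }

        PKIArchiveControl pkiArchiveControl = new PKIArchiveControl(
                PKIArchiveOptions.getInstance(attributeTypeAndValue.getValue()));
        // The archived private key must travel inside CMS EnvelopedData.
        Assert.assertTrue("archived key must be carried as EnvelopedData",
                pkiArchiveControl.isEnvelopedData());

        // Decrypt data
        CMSEnvelopedDataParser cmsEnvelopedDataParser = new CMSEnvelopedDataParser(
                pkiArchiveControl.getEnvelopedData().getEncoded());
        RecipientInformationStore recipients = cmsEnvelopedDataParser.getRecipientInfos();

        // Raw Iterator kept on purpose: the element type of getRecipients() differs between
        // BouncyCastle releases, and only the first recipient is examined.
        Iterator it = recipients.getRecipients().iterator();
        if (it.hasNext()) {
            RecipientInformation recipient = (RecipientInformation) it.next();
            byte[] recdata = recipient.getContent(
                    new JceKeyTransEnvelopedRecipient(genPKI.getSubCACertPrivateKey())
                            .setProvider(pkiKeyStoreRA.getProvider()));

            EncKeyWithID encKeyWithID = EncKeyWithID.getInstance(ASN1Primitive.fromByteArray(recdata));

            Assert.assertArrayEquals(keyPair.getPrivate().getEncoded(),
                    encKeyWithID.getPrivateKey().getEncoded());
            Assert.assertTrue(encKeyWithID.hasIdentifier());
            GeneralName identifier = GeneralName.getInstance(encKeyWithID.getIdentifier());
            Assert.assertEquals(genPKI.getTestUser1Cert().getSubjectDN().getName(),
                    identifier.getName().toString());
            bFound = true;
        }
    }

    // The test is meaningless unless an archive control was actually present and decrypted.
    Assert.assertTrue(bFound);
}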
From source file:org.ejbca.core.protocol.cmp.authentication.RegTokenPasswordExtractor.java
License:Open Source License
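/**
 * Extracts the password from the CRMF request message parameters.
 *
 * <p>The regInfo of the CertReqMsg is searched first for a Registration Token Control; if
 * none is found there, the CertRequest controls are searched (the placement described in
 * RFC 4211 section 6.1). On success the value is stored in {@code this.password}; on failure
 * {@code this.errorMessage} is set.
 *
 * <p>The message comes from the requesting client, so every attribute is treated as
 * untrusted: the arrays are walked with bounded loops and a regToken whose value is not a
 * UTF8String is ignored instead of surfacing as an unchecked exception.
 *
 * @param msg the CMP message to inspect
 * @param username not used by this implementation
 * @return {@code true} if a password was found, {@code false} otherwise
 */
@Override
public boolean verifyOrExtract(final PKIMessage msg, final String username) {
    final CertReqMsg req = getReq(msg);
    if (req == null) {
        this.errorMessage = "No request was found in the PKIMessage";
        return false;
    }

    // If there is "Registration Token Control" in the CertReqMsg regInfo containing a password, we can use that
    String pwd = findRegToken(req.getRegInfo(), "CertReqMsg");

    if (pwd == null && req.getCertReq().getControls() != null) {
        // If there is "Registration Token Control" in the CertRequest controls containing a password, we can use that
        // Note, this is the correct way to use the regToken according to RFC4211, section "6.1. Registration Token Control"
        pwd = findRegToken(req.getCertReq().getControls().toAttributeTypeAndValueArray(), "CertReq");
    }

    if (pwd == null) {
        this.errorMessage = "Could not extract password from CRMF request using the " + getName()
                + " authentication module";
        return false;
    }

    this.password = pwd;
    return true;
}

/**
 * Returns the first usable regToken value in {@code avs}, or {@code null} if there is none.
 *
 * <p>The previous do/while form indexed {@code avs[i]} without a bounds check, so an empty
 * array, or an array with no regToken entry, ended in an ArrayIndexOutOfBoundsException
 * triggered by request content. The password itself is never written to the log.
 */
private String findRegToken(final AttributeTypeAndValue[] avs, final String location) {
    if (avs == null) {
        return null;
    }
    final String regTokenOid = CRMFObjectIdentifiers.id_regCtrl_regToken.getId();
    for (final AttributeTypeAndValue av : avs) {
        if (av == null) {
            // Same stop condition as the original loop: a null entry ends the scan.
            break;
        }
        if (log.isDebugEnabled()) {
            log.debug("Found AttributeTypeAndValue (in " + location + "): " + av.getType().getId());
        }
        if (!StringUtils.equals(regTokenOid, av.getType().getId())) {
            continue;
        }
        final DERUTF8String str;
        try {
            str = DERUTF8String.getInstance(av.getValue());
        } catch (IllegalArgumentException e) {
            // The value is not a UTF8String: treat the token as absent and keep scanning.
            if (log.isDebugEnabled()) {
                log.debug("Ignoring regCtrl_regToken with a value that is not a UTF8String");
            }
            continue;
        }
        if (str != null && str.getString() != null) {
            if (log.isDebugEnabled()) {
                log.debug("Found a request password in CRMF request regCtrl_regToken");
            }
            return str.getString();
        }
    }
    return null;
}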
From source file:org.xipki.ca.common.cmp.CmpUtil.java
License:Open Source License
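/**
 * Returns the UTF8Pairs registration info carried in {@code atvs}.
 *
 * <p>The attributes originate from a CMP request and are therefore untrusted. A null entry,
 * or a {@code regInfo_utf8Pairs} entry whose value is not an ASN.1 string, is skipped rather
 * than ending in a NullPointerException or ClassCastException.
 *
 * @param atvs the attributes to search, may be {@code null}
 * @return the parsed pairs from the first well-formed {@code regInfo_utf8Pairs} entry, or
 *         {@code null} if there is none
 */
public static CmpUtf8Pairs extract(final AttributeTypeAndValue[] atvs) {
    if (atvs == null) {
        return null;
    }

    for (AttributeTypeAndValue atv : atvs) {
        if (atv == null || !CMPObjectIdentifiers.regInfo_utf8Pairs.equals(atv.getType())) {
            continue;
        }

        // Check the type before casting: the sender chooses the ASN.1 type of the value.
        final Object value = atv.getValue();
        if (value instanceof ASN1String) {
            return new CmpUtf8Pairs(((ASN1String) value).getString());
        }
    }

    return null;
}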