List of usage examples for org.bouncycastle.cert.cmp ProtectedPKIMessage toASN1Structure
public PKIMessage toASN1Structure()
From source file:org.cryptable.pki.communication.PKICMPMessages.java
License:Open Source License
/**
 * Wraps a CMP body in a signature-protected message and returns its encoded form.
 *
 * <p>Every call draws a new 64-byte sender nonce into the {@code senderNonce} field. The
 * {@code transactionId} field is filled with 64 random bytes only while it is still
 * {@code null}, so later calls on the same instance reuse the first value. The sender
 * certificate is attached to the message as a CMP certificate.
 *
 * @param pkiBody the CMP body to protect
 * @return the bytes returned by {@code getEncoded()} on the protected message structure
 * @throws CMPException if the protected message cannot be built
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException if encoding the certificate holder or the message fails
 * @throws CertificateEncodingException if the sender certificate cannot be encoded
 * @throws PKICMPMessageException declared by this method; no statement in this body raises it directly
 */
private byte[] createProtectedPKIMessage(PKIBody pkiBody) throws CMPException, OperatorCreationException,
        IOException, CertificateEncodingException, PKICMPMessageException {
    // The nonce is regenerated per message; the transaction ID is sticky once set.
    senderNonce = new byte[64];
    pkiKeyStore.getSecureRandom().nextBytes(senderNonce);
    if (transactionId == null) {
        transactionId = new byte[64];
        pkiKeyStore.getSecureRandom().nextBytes(transactionId);
    }

    // NOTE(review): this protects the message with an RSA signature over a SHA-1 digest.
    // SHA-1 is no longer collision-resistant; prefer a SHA-2 name such as
    // "SHA256WithRSAEncryption" once the receiving CA is confirmed to accept it.
    JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA1WithRSAEncryption");
    signerBuilder.setProvider(pkiKeyStore.getProvider());
    ContentSigner messageSigner = signerBuilder.build(pkiKeyStore.getSenderPrivateKey());

    // Sender and recipient names are taken from the subjects of the two certificates.
    GeneralName senderName = new GeneralName(JcaX500NameUtil.getSubject(pkiKeyStore.getSenderCertificate()));
    GeneralName recipientName = new GeneralName(
            JcaX500NameUtil.getSubject(pkiKeyStore.getRecipientCertificate()));

    ProtectedPKIMessageBuilder messageBuilder = new ProtectedPKIMessageBuilder(senderName, recipientName);
    messageBuilder.setMessageTime(new Date());
    messageBuilder.setSenderNonce(senderNonce);
    messageBuilder.setTransactionID(transactionId);
    // Ship the signing certificate with the message.
    messageBuilder.addCMPCertificate(
            new X509CertificateHolder(pkiKeyStore.getSenderCertificate().getEncoded()));
    messageBuilder.setBody(pkiBody);

    ProtectedPKIMessage protectedMessage = messageBuilder.build(messageSigner);
    return protectedMessage.toASN1Structure().getEncoded();
}
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
/**
 * Builds a signature-protected CMP message with the CA key store and returns its encoding.
 *
 * <p>A new 64-byte nonce is generated and placed in the sender-nonce header field, while the
 * caller's {@code senderNonce} is placed in the recipient-nonce field. This helper therefore
 * appears to play the responding side of an exchange in the tests (NOTE(review): inferred
 * from the field mapping and the {@code pkiKeyStoreCA} name, confirm against the callers).
 *
 * @param senderNonce nonce to place in the recipient-nonce header field
 * @param transactionId transaction ID to place in the header
 * @param pkiBody the CMP body to protect
 * @return the bytes returned by {@code getEncoded()} on the protected message structure
 * @throws CMPException if the protected message cannot be built
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException if encoding the certificate holder or the message fails
 * @throws CertificateEncodingException if the signing certificate cannot be encoded
 * @throws PKICMPMessageException declared by this method; no statement in this body raises it directly
 */
private byte[] createProtectedPKIMessage(byte[] senderNonce, byte[] transactionId, PKIBody pkiBody)
        throws CMPException, OperatorCreationException, IOException, CertificateEncodingException,
        PKICMPMessageException {
    // Fresh nonce for this side of the exchange.
    byte[] freshNonce = new byte[64];
    pkiKeyStoreCA.getSecureRandom().nextBytes(freshNonce);

    // NOTE(review): SHA-1 based signature. A test fixture should track whatever algorithm the
    // production code moves to; SHA-1 is no longer collision-resistant.
    JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA1WithRSAEncryption");
    signerBuilder.setProvider(pkiKeyStoreCA.getProvider());
    ContentSigner messageSigner = signerBuilder.build(pkiKeyStoreCA.getSenderPrivateKey());

    GeneralName senderName = new GeneralName(
            JcaX500NameUtil.getSubject(pkiKeyStoreCA.getSenderCertificate()));
    GeneralName recipientName = new GeneralName(
            JcaX500NameUtil.getSubject(pkiKeyStoreCA.getRecipientCertificate()));

    ProtectedPKIMessageBuilder messageBuilder = new ProtectedPKIMessageBuilder(senderName, recipientName);
    messageBuilder.setMessageTime(new Date());
    // Our nonce goes out as senderNonce; the peer's nonce is echoed back as recipNonce.
    messageBuilder.setSenderNonce(freshNonce);
    messageBuilder.setRecipNonce(senderNonce);
    messageBuilder.setTransactionID(transactionId);
    messageBuilder.addCMPCertificate(
            new X509CertificateHolder(pkiKeyStoreCA.getSenderCertificate().getEncoded()));
    messageBuilder.setBody(pkiBody);

    ProtectedPKIMessage protectedMessage = messageBuilder.build(messageSigner);
    return protectedMessage.toASN1Structure().getEncoded();
}
From source file:org.xipki.ca.common.cmp.CmpUtil.java
License:Open Source License
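/**
 * Rebuilds {@code pkiMessage} as a signature-protected CMP message.
 *
 * <p>Only the header fields copied below and the body are taken from {@code pkiMessage}.
 * Any protection value or extra certificates already on the input are not read by this
 * method. If the input header carries a message time, the output is stamped with the
 * current time rather than the original value.
 *
 * @param pkiMessage the message whose header fields and body are to be protected
 * @param signer pool-backed signer; one content signer is borrowed and always returned
 * @param signerName sender name for the new header, or {@code null} to use the subject of
 *        the signer's certificate
 * @param addSignerCert whether to attach the signer's certificate to the message
 * @return the protected message structure
 * @throws IllegalArgumentException if {@code signerName} is {@code null} and the signer
 *         has no certificate to derive a name from
 * @throws CMPException if building the protected message fails
 * @throws NoIdleSignerException declared for the signer borrow step
 */
public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        GeneralName signerName, final boolean addSignerCert) throws CMPException, NoIdleSignerException {
    if (signerName == null) {
        // Without a certificate there is no subject to use as the sender name; fail with a
        // clear message instead of a NullPointerException on the dereference below.
        if (signer.getCertificate() == null) {
            throw new IllegalArgumentException("signer without certificate is not allowed");
        }
        X500Name x500Name = X500Name
                .getInstance(signer.getCertificate().getSubjectX500Principal().getEncoded());
        signerName = new GeneralName(x500Name);
    }

    PKIHeader header = pkiMessage.getHeader();
    ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(signerName, header.getRecipient());

    // Carry over each optional header field only when the input header has it.
    PKIFreeText freeText = header.getFreeText();
    if (freeText != null) {
        builder.setFreeText(freeText);
    }

    InfoTypeAndValue[] generalInfo = header.getGeneralInfo();
    if (generalInfo != null) {
        for (InfoTypeAndValue gi : generalInfo) {
            builder.addGeneralInfo(gi);
        }
    }

    ASN1OctetString octet = header.getRecipKID();
    if (octet != null) {
        builder.setRecipKID(octet.getOctets());
    }

    octet = header.getRecipNonce();
    if (octet != null) {
        builder.setRecipNonce(octet.getOctets());
    }

    octet = header.getSenderKID();
    if (octet != null) {
        builder.setSenderKID(octet.getOctets());
    }

    octet = header.getSenderNonce();
    if (octet != null) {
        builder.setSenderNonce(octet.getOctets());
    }

    octet = header.getTransactionID();
    if (octet != null) {
        builder.setTransactionID(octet.getOctets());
    }

    // The original time is used only as a presence flag; the value written is "now".
    if (header.getMessageTime() != null) {
        builder.setMessageTime(new Date());
    }

    builder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        X509CertificateHolder signerCert = signer.getCertificateAsBCObject();
        builder.addCMPCertificate(signerCert);
    }

    // Hand the borrowed signer back even when build() throws.
    ContentSigner realSigner = signer.borrowContentSigner();
    try {
        ProtectedPKIMessage signedMessage = builder.build(realSigner);
        return signedMessage.toASN1Structure();
    } finally {
        signer.returnContentSigner(realSigner);
    }
}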
From source file:org.xipki.pki.ca.common.cmp.CmpUtil.java
License:Open Source License
/**
 * Rebuilds {@code pkiMessage} as a signature-protected CMP message.
 *
 * <p>Only the header fields copied below and the body are taken from {@code pkiMessage}.
 * Any protection value or extra certificates already on the input are not read by this
 * method. If the input header carries a message time, the output is stamped with the
 * current time rather than the original value.
 *
 * @param pkiMessage the message whose header fields and body are to be protected; checked
 *        with {@code ParamUtil.requireNonNull}
 * @param signer the signer that builds the protected message; checked with
 *        {@code ParamUtil.requireNonNull}
 * @param signerName sender name for the new header, or {@code null} to use the subject of
 *        the signer's certificate
 * @param addSignerCert whether to attach the signer's certificate to the message
 * @return the protected message structure
 * @throws IllegalArgumentException if {@code signerName} is {@code null} and the signer
 *         has no certificate
 * @throws CMPException if building the protected message fails
 * @throws NoIdleSignerException declared for the signing step
 */
public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        final GeneralName signerName, final boolean addSignerCert)
        throws CMPException, NoIdleSignerException {
    ParamUtil.requireNonNull("pkiMessage", pkiMessage);
    ParamUtil.requireNonNull("signer", signer);

    // Fall back to the signer certificate's subject when no explicit sender name is given.
    final GeneralName effectiveSignerName;
    if (signerName == null) {
        if (signer.getCertificate() == null) {
            throw new IllegalArgumentException("signer without certificate is not allowed");
        }
        byte[] encodedSubject = signer.getCertificate().getSubjectX500Principal().getEncoded();
        effectiveSignerName = new GeneralName(X500Name.getInstance(encodedSubject));
    } else {
        effectiveSignerName = signerName;
    }

    final PKIHeader srcHeader = pkiMessage.getHeader();
    final ProtectedPKIMessageBuilder protectedBuilder =
            new ProtectedPKIMessageBuilder(effectiveSignerName, srcHeader.getRecipient());

    // Carry over each optional header field only when the input header has it.
    final PKIFreeText freeText = srcHeader.getFreeText();
    if (freeText != null) {
        protectedBuilder.setFreeText(freeText);
    }

    final InfoTypeAndValue[] infoItems = srcHeader.getGeneralInfo();
    if (infoItems != null) {
        for (int i = 0; i < infoItems.length; i++) {
            protectedBuilder.addGeneralInfo(infoItems[i]);
        }
    }

    final ASN1OctetString recipKid = srcHeader.getRecipKID();
    if (recipKid != null) {
        protectedBuilder.setRecipKID(recipKid.getOctets());
    }

    final ASN1OctetString recipNonce = srcHeader.getRecipNonce();
    if (recipNonce != null) {
        protectedBuilder.setRecipNonce(recipNonce.getOctets());
    }

    final ASN1OctetString senderKid = srcHeader.getSenderKID();
    if (senderKid != null) {
        protectedBuilder.setSenderKID(senderKid.getOctets());
    }

    final ASN1OctetString senderNonce = srcHeader.getSenderNonce();
    if (senderNonce != null) {
        protectedBuilder.setSenderNonce(senderNonce.getOctets());
    }

    final ASN1OctetString transactionId = srcHeader.getTransactionID();
    if (transactionId != null) {
        protectedBuilder.setTransactionID(transactionId.getOctets());
    }

    // The original time is used only as a presence flag; the value written is "now".
    if (srcHeader.getMessageTime() != null) {
        protectedBuilder.setMessageTime(new Date());
    }

    protectedBuilder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        protectedBuilder.addCMPCertificate(signer.getCertificateAsBcObject());
    }

    // The signer performs the build itself in this version.
    return signer.build(protectedBuilder).toASN1Structure();
}