Example usage for org.bouncycastle.cert.cmp ProtectedPKIMessage toASN1Structure

List of usage examples for org.bouncycastle.cert.cmp ProtectedPKIMessage toASN1Structure

Introduction

This page collects usage examples for the toASN1Structure method of org.bouncycastle.cert.cmp ProtectedPKIMessage.

Prototype

public PKIMessage toASN1Structure() 


Document

Return the underlying ASN.1 structure contained in this object.

Usage

From source file:org.cryptable.pki.communication.PKICMPMessages.java

License:Open Source License

/**
 * Wraps {@code pkiBody} in a signature-protected CMP message and returns its encoded form.
 *
 * <p>A fresh 64-byte sender nonce is drawn from the key store's SecureRandom on every call.
 * The transaction ID is generated only when none is set yet, so an existing one is reused.
 * The sender certificate is attached to the message so the recipient can locate the
 * verification key.
 *
 * @param pkiBody the CMP body to protect
 * @return the encoding of the protected PKIMessage
 * @throws CMPException if the protected message cannot be built
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException if the certificate holder or the final message cannot be encoded
 * @throws CertificateEncodingException if the sender certificate cannot be encoded
 * @throws PKICMPMessageException declared by the project; presumably raised by the key store
 *         accessors (confirm against pkiKeyStore)
 */
private byte[] createProtectedPKIMessage(PKIBody pkiBody) throws CMPException, OperatorCreationException,
        IOException, CertificateEncodingException, PKICMPMessageException {
    // Nonces must be unpredictable and unique per message; they come from SecureRandom, not Random.
    senderNonce = new byte[64];
    pkiKeyStore.getSecureRandom().nextBytes(senderNonce);

    // Only the first message of a transaction mints the ID; later messages keep it.
    if (transactionId == null) {
        transactionId = new byte[64];
        pkiKeyStore.getSecureRandom().nextBytes(transactionId);
    }

    // NOTE(review): SHA-1 based signatures are deprecated for new deployments (practical collision
    // attacks). Prefer a SHA-256 or stronger algorithm such as "SHA256WithRSAEncryption" once the
    // peer CA is confirmed to accept it; left unchanged here to keep wire behaviour identical.
    JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA1WithRSAEncryption");
    signerBuilder.setProvider(pkiKeyStore.getProvider());
    ContentSigner contentSigner = signerBuilder.build(pkiKeyStore.getSenderPrivateKey());

    // Header sender/recipient are the subject names of the respective certificates.
    GeneralName senderName = new GeneralName(
            JcaX500NameUtil.getSubject(pkiKeyStore.getSenderCertificate()));
    GeneralName recipientName = new GeneralName(
            JcaX500NameUtil.getSubject(pkiKeyStore.getRecipientCertificate()));

    ProtectedPKIMessageBuilder messageBuilder = new ProtectedPKIMessageBuilder(senderName, recipientName);
    messageBuilder.setMessageTime(new Date());
    messageBuilder.setSenderNonce(senderNonce);
    messageBuilder.setTransactionID(transactionId);
    messageBuilder.addCMPCertificate(
            new X509CertificateHolder(pkiKeyStore.getSenderCertificate().getEncoded()));
    messageBuilder.setBody(pkiBody);

    ProtectedPKIMessage protectedMessage = messageBuilder.build(contentSigner);
    return protectedMessage.toASN1Structure().getEncoded();
}

From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java

License:Open Source License

/**
 * Builds a signature-protected CMP message using the CA-side key store and returns its encoding.
 *
 * <p>A fresh 64-byte nonce is generated and used as the sender nonce of this message. The
 * caller-supplied {@code senderNonce} is echoed back as the recipient nonce and the
 * caller-supplied {@code transactionId} is copied unchanged. Presumably this simulates a CA
 * response in the test suite (confirm against the callers).
 *
 * @param senderNonce nonce of the message being answered; set as recipNonce
 * @param transactionId transaction ID to carry in the header
 * @param pkiBody the CMP body to protect
 * @return the encoding of the protected PKIMessage
 * @throws CMPException if the protected message cannot be built
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException if the certificate holder or the final message cannot be encoded
 * @throws CertificateEncodingException if the signing certificate cannot be encoded
 * @throws PKICMPMessageException declared by the project; presumably raised by the key store
 *         accessors (confirm against pkiKeyStoreCA)
 */
private byte[] createProtectedPKIMessage(byte[] senderNonce, byte[] transactionId, PKIBody pkiBody)
        throws CMPException, OperatorCreationException, IOException, CertificateEncodingException,
        PKICMPMessageException {
    // The responder's own nonce; drawn from SecureRandom so it cannot be predicted.
    byte[] responderNonce = new byte[64];
    pkiKeyStoreCA.getSecureRandom().nextBytes(responderNonce);

    // NOTE(review): SHA-1 based signatures are deprecated; acceptable only if this fixture has to
    // match a peer that still requires it. Prefer "SHA256WithRSAEncryption" or stronger otherwise.
    JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA1WithRSAEncryption");
    signerBuilder.setProvider(pkiKeyStoreCA.getProvider());
    ContentSigner contentSigner = signerBuilder.build(pkiKeyStoreCA.getSenderPrivateKey());

    GeneralName senderName = new GeneralName(
            JcaX500NameUtil.getSubject(pkiKeyStoreCA.getSenderCertificate()));
    GeneralName recipientName = new GeneralName(
            JcaX500NameUtil.getSubject(pkiKeyStoreCA.getRecipientCertificate()));

    ProtectedPKIMessageBuilder messageBuilder = new ProtectedPKIMessageBuilder(senderName, recipientName);
    messageBuilder.setMessageTime(new Date());
    messageBuilder.setSenderNonce(responderNonce);
    // Echoing the request nonce lets the requester tie this message to its own request.
    messageBuilder.setRecipNonce(senderNonce);
    messageBuilder.setTransactionID(transactionId);
    messageBuilder.addCMPCertificate(
            new X509CertificateHolder(pkiKeyStoreCA.getSenderCertificate().getEncoded()));
    messageBuilder.setBody(pkiBody);

    ProtectedPKIMessage protectedMessage = messageBuilder.build(contentSigner);
    return protectedMessage.toASN1Structure().getEncoded();
}

From source file:org.xipki.ca.common.cmp.CmpUtil.java

License:Open Source License

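/**
 * Rebuilds {@code pkiMessage} as a signature-protected CMP message.
 *
 * <p>The optional header fields that are present (free text, general info, key identifiers,
 * nonces, transaction ID) are copied into the new header together with the body. The message
 * time is reset to the current time, but only when the original header carried one.
 * The copied values end up under the signer's signature, so callers should pass only messages
 * whose header content they are prepared to vouch for.
 *
 * @param pkiMessage the unprotected message to sign
 * @param signer pool-backed signer; one content signer is borrowed and always returned
 * @param signerName name placed in the header's sender field; when {@code null} the subject
 *        of the signer's certificate is used
 * @param addSignerCert whether to attach the signer's certificate to the message
 * @return the protected message as an ASN.1 structure
 * @throws CMPException if building the protected message fails
 * @throws NoIdleSignerException declared by the project; presumably raised when no content
 *         signer can be borrowed (confirm against ConcurrentContentSigner)
 * @throws IllegalArgumentException if {@code signerName} is {@code null} and the signer has
 *         no certificate to derive a name from
 */
public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        GeneralName signerName, final boolean addSignerCert) throws CMPException, NoIdleSignerException {
    if (signerName == null) {
        // Without this guard a certificate-less signer fails below with a message-less
        // NullPointerException; report the actual misconfiguration instead.
        if (signer.getCertificate() == null) {
            throw new IllegalArgumentException("signer without certificate is not allowed");
        }
        X500Name x500Name = X500Name
                .getInstance(signer.getCertificate().getSubjectX500Principal().getEncoded());
        signerName = new GeneralName(x500Name);
    }

    PKIHeader header = pkiMessage.getHeader();
    ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(signerName, header.getRecipient());

    PKIFreeText freeText = header.getFreeText();
    if (freeText != null) {
        builder.setFreeText(freeText);
    }

    InfoTypeAndValue[] generalInfo = header.getGeneralInfo();
    if (generalInfo != null) {
        for (InfoTypeAndValue gi : generalInfo) {
            builder.addGeneralInfo(gi);
        }
    }

    ASN1OctetString octet = header.getRecipKID();
    if (octet != null) {
        builder.setRecipKID(octet.getOctets());
    }

    octet = header.getRecipNonce();
    if (octet != null) {
        builder.setRecipNonce(octet.getOctets());
    }

    octet = header.getSenderKID();
    if (octet != null) {
        builder.setSenderKID(octet.getOctets());
    }

    octet = header.getSenderNonce();
    if (octet != null) {
        builder.setSenderNonce(octet.getOctets());
    }

    octet = header.getTransactionID();
    if (octet != null) {
        builder.setTransactionID(octet.getOctets());
    }

    // The signed time reflects when protection was applied, not the time in the input header.
    if (header.getMessageTime() != null) {
        builder.setMessageTime(new Date());
    }
    builder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        // NOTE(review): attaching the certificate only helps the recipient find the key; the
        // recipient still has to validate it against its own trust anchors.
        X509CertificateHolder signerCert = signer.getCertificateAsBCObject();
        builder.addCMPCertificate(signerCert);
    }

    ContentSigner realSigner = signer.borrowContentSigner();
    try {
        ProtectedPKIMessage signedMessage = builder.build(realSigner);
        return signedMessage.toASN1Structure();
    } finally {
        // Always hand the borrowed signer back, even when signing fails.
        signer.returnContentSigner(realSigner);
    }
}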

From source file:org.xipki.pki.ca.common.cmp.CmpUtil.java

License:Open Source License

/**
 * Rebuilds {@code pkiMessage} as a signature-protected CMP message.
 *
 * <p>The optional header fields that are present (free text, general info, key identifiers,
 * nonces, transaction ID) are copied into the new header together with the body. The message
 * time is reset to the current time, but only when the original header carried one.
 * The copied values end up under the signer's signature, so callers should pass only messages
 * whose header content they are prepared to vouch for.
 *
 * @param pkiMessage the unprotected message to sign; must not be {@code null}
 * @param signer signer that builds the protected message; must not be {@code null}
 * @param signerName name placed in the header's sender field; when {@code null} the subject
 *        of the signer's certificate is used
 * @param addSignerCert whether to attach the signer's certificate to the message
 * @return the protected message as an ASN.1 structure
 * @throws CMPException declared; presumably raised when building the protected message fails
 * @throws NoIdleSignerException declared by the project; presumably raised when no signer is
 *         available (confirm against ConcurrentContentSigner)
 * @throws IllegalArgumentException if {@code signerName} is {@code null} and the signer has
 *         no certificate
 */
public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        final GeneralName signerName, final boolean addSignerCert) throws CMPException, NoIdleSignerException {
    ParamUtil.requireNonNull("pkiMessage", pkiMessage);
    ParamUtil.requireNonNull("signer", signer);

    // Resolve the sender name: an explicit name wins, otherwise fall back to the certificate subject.
    final GeneralName effectiveSignerName;
    if (signerName == null) {
        if (signer.getCertificate() == null) {
            throw new IllegalArgumentException("signer without certificate is not allowed");
        }
        byte[] encodedSubject = signer.getCertificate().getSubjectX500Principal().getEncoded();
        effectiveSignerName = new GeneralName(X500Name.getInstance(encodedSubject));
    } else {
        effectiveSignerName = signerName;
    }

    PKIHeader originalHeader = pkiMessage.getHeader();
    ProtectedPKIMessageBuilder protectedBuilder =
            new ProtectedPKIMessageBuilder(effectiveSignerName, originalHeader.getRecipient());

    PKIFreeText freeText = originalHeader.getFreeText();
    if (freeText != null) {
        protectedBuilder.setFreeText(freeText);
    }

    InfoTypeAndValue[] generalInfo = originalHeader.getGeneralInfo();
    if (generalInfo != null) {
        for (InfoTypeAndValue info : generalInfo) {
            protectedBuilder.addGeneralInfo(info);
        }
    }

    // Each optional octet-string field is copied only when the original header has it.
    ASN1OctetString recipKid = originalHeader.getRecipKID();
    if (recipKid != null) {
        protectedBuilder.setRecipKID(recipKid.getOctets());
    }

    ASN1OctetString recipNonce = originalHeader.getRecipNonce();
    if (recipNonce != null) {
        protectedBuilder.setRecipNonce(recipNonce.getOctets());
    }

    ASN1OctetString senderKid = originalHeader.getSenderKID();
    if (senderKid != null) {
        protectedBuilder.setSenderKID(senderKid.getOctets());
    }

    ASN1OctetString senderNonce = originalHeader.getSenderNonce();
    if (senderNonce != null) {
        protectedBuilder.setSenderNonce(senderNonce.getOctets());
    }

    ASN1OctetString transactionId = originalHeader.getTransactionID();
    if (transactionId != null) {
        protectedBuilder.setTransactionID(transactionId.getOctets());
    }

    // The signed time reflects when protection was applied, not the time in the input header.
    if (originalHeader.getMessageTime() != null) {
        protectedBuilder.setMessageTime(new Date());
    }
    protectedBuilder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        // NOTE(review): attaching the certificate only helps the recipient find the key; the
        // recipient still has to validate it against its own trust anchors.
        protectedBuilder.addCMPCertificate(signer.getCertificateAsBcObject());
    }

    return signer.build(protectedBuilder).toASN1Structure();
}