Example usage for org.bouncycastle.cert.cmp ProtectedPKIMessageBuilder addCMPCertificate

List of usage examples for org.bouncycastle.cert.cmp ProtectedPKIMessageBuilder addCMPCertificate

Introduction

In this page you can find the example usage for org.bouncycastle.cert.cmp ProtectedPKIMessageBuilder addCMPCertificate.

Prototype

public ProtectedPKIMessageBuilder addCMPCertificate(X509CertificateHolder extraCert) 

Source Link

Document

Add an "extra certificate" to the message.

Usage

From source file:org.xipki.ca.common.cmp.CmpUtil.java

License:Open Source License

public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        GeneralName signerName, final boolean addSignerCert) throws CMPException, NoIdleSignerException {
    if (signerName == null) {
        X500Name x500Name = X500Name
                .getInstance(signer.getCertificate().getSubjectX500Principal().getEncoded());
        signerName = new GeneralName(x500Name);
    }//from   w  w  w . ja v  a  2  s .  c  o m
    PKIHeader header = pkiMessage.getHeader();
    ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(signerName, header.getRecipient());
    PKIFreeText freeText = header.getFreeText();
    if (freeText != null) {
        builder.setFreeText(freeText);
    }

    InfoTypeAndValue[] generalInfo = header.getGeneralInfo();
    if (generalInfo != null) {
        for (InfoTypeAndValue gi : generalInfo) {
            builder.addGeneralInfo(gi);
        }
    }

    ASN1OctetString octet = header.getRecipKID();
    if (octet != null) {
        builder.setRecipKID(octet.getOctets());
    }

    octet = header.getRecipNonce();
    if (octet != null) {
        builder.setRecipNonce(octet.getOctets());
    }

    octet = header.getSenderKID();
    if (octet != null) {
        builder.setSenderKID(octet.getOctets());
    }

    octet = header.getSenderNonce();
    if (octet != null) {
        builder.setSenderNonce(octet.getOctets());
    }

    octet = header.getTransactionID();
    if (octet != null) {
        builder.setTransactionID(octet.getOctets());
    }

    if (header.getMessageTime() != null) {
        builder.setMessageTime(new Date());
    }
    builder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        X509CertificateHolder signerCert = signer.getCertificateAsBCObject();
        builder.addCMPCertificate(signerCert);
    }

    ContentSigner realSigner = signer.borrowContentSigner();
    try {
        ProtectedPKIMessage signedMessage = builder.build(realSigner);
        return signedMessage.toASN1Structure();
    } finally {
        signer.returnContentSigner(realSigner);
    }
}

From source file:org.xipki.pki.ca.common.cmp.CmpUtil.java

License:Open Source License

public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        final GeneralName signerName, final boolean addSignerCert) throws CMPException, NoIdleSignerException {
    ParamUtil.requireNonNull("pkiMessage", pkiMessage);
    ParamUtil.requireNonNull("signer", signer);

    final GeneralName tmpSignerName;
    if (signerName != null) {
        tmpSignerName = signerName;// w  ww.java2 s .  c om
    } else {
        if (signer.getCertificate() == null) {
            throw new IllegalArgumentException("signer without certificate is not allowed");
        }
        X500Name x500Name = X500Name
                .getInstance(signer.getCertificate().getSubjectX500Principal().getEncoded());
        tmpSignerName = new GeneralName(x500Name);
    }
    PKIHeader header = pkiMessage.getHeader();
    ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(tmpSignerName, header.getRecipient());
    PKIFreeText freeText = header.getFreeText();
    if (freeText != null) {
        builder.setFreeText(freeText);
    }

    InfoTypeAndValue[] generalInfo = header.getGeneralInfo();
    if (generalInfo != null) {
        for (InfoTypeAndValue gi : generalInfo) {
            builder.addGeneralInfo(gi);
        }
    }

    ASN1OctetString octet = header.getRecipKID();
    if (octet != null) {
        builder.setRecipKID(octet.getOctets());
    }

    octet = header.getRecipNonce();
    if (octet != null) {
        builder.setRecipNonce(octet.getOctets());
    }

    octet = header.getSenderKID();
    if (octet != null) {
        builder.setSenderKID(octet.getOctets());
    }

    octet = header.getSenderNonce();
    if (octet != null) {
        builder.setSenderNonce(octet.getOctets());
    }

    octet = header.getTransactionID();
    if (octet != null) {
        builder.setTransactionID(octet.getOctets());
    }

    if (header.getMessageTime() != null) {
        builder.setMessageTime(new Date());
    }
    builder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        X509CertificateHolder signerCert = signer.getCertificateAsBcObject();
        builder.addCMPCertificate(signerCert);
    }

    ProtectedPKIMessage signedMessage = signer.build(builder);
    return signedMessage.toASN1Structure();
}