Example usage for org.bouncycastle.cert.cmp ProtectedPKIMessageBuilder build

List of usage examples for org.bouncycastle.cert.cmp ProtectedPKIMessageBuilder build

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.cert.cmp.*
  5. ProtectedPKIMessageBuilder
  6. build

Introduction

In this page you can find the example usage for org.bouncycastle.cert.cmp ProtectedPKIMessageBuilder build.

Prototype

public ProtectedPKIMessage build(ContentSigner signer) throws CMPException

Source Link

Document

Build a protected PKI message which has MAC based integrity protection.

Usage

From source file:org.xipki.ca.common.cmp.CmpUtil.java

License:Open Source License

public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        GeneralName signerName, final boolean addSignerCert) throws CMPException, NoIdleSignerException {
    if (signerName == null) {
        X500Name x500Name = X500Name
                .getInstance(signer.getCertificate().getSubjectX500Principal().getEncoded());
        signerName = new GeneralName(x500Name);
    }/*from   w  w  w  .ja v  a2s  .  c o  m*/
    PKIHeader header = pkiMessage.getHeader();
    ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(signerName, header.getRecipient());
    PKIFreeText freeText = header.getFreeText();
    if (freeText != null) {
        builder.setFreeText(freeText);
    }

    InfoTypeAndValue[] generalInfo = header.getGeneralInfo();
    if (generalInfo != null) {
        for (InfoTypeAndValue gi : generalInfo) {
            builder.addGeneralInfo(gi);
        }
    }

    ASN1OctetString octet = header.getRecipKID();
    if (octet != null) {
        builder.setRecipKID(octet.getOctets());
    }

    octet = header.getRecipNonce();
    if (octet != null) {
        builder.setRecipNonce(octet.getOctets());
    }

    octet = header.getSenderKID();
    if (octet != null) {
        builder.setSenderKID(octet.getOctets());
    }

    octet = header.getSenderNonce();
    if (octet != null) {
        builder.setSenderNonce(octet.getOctets());
    }

    octet = header.getTransactionID();
    if (octet != null) {
        builder.setTransactionID(octet.getOctets());
    }

    if (header.getMessageTime() != null) {
        builder.setMessageTime(new Date());
    }
    builder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        X509CertificateHolder signerCert = signer.getCertificateAsBCObject();
        builder.addCMPCertificate(signerCert);
    }

    ContentSigner realSigner = signer.borrowContentSigner();
    try {
        ProtectedPKIMessage signedMessage = builder.build(realSigner);
        return signedMessage.toASN1Structure();
    } finally {
        signer.returnContentSigner(realSigner);
    }
}

From source file:org.xipki.commons.security.DefaultConcurrentContentSigner.java

License:Open Source License

@Override
public ProtectedPKIMessage build(final ProtectedPKIMessageBuilder builder)
        throws NoIdleSignerException, CMPException {
    ContentSigner contentSigner = borrowContentSigner();
    try {//from ww w  .  j a  v a2s  . c  o  m
        return builder.build(contentSigner);
    } finally {
        returnContentSigner(contentSigner);
    }
}