Example usage for org.bouncycastle.cert.cmp ProtectedPKIMessageBuilder ProtectedPKIMessageBuilder

List of usage examples for org.bouncycastle.cert.cmp ProtectedPKIMessageBuilder ProtectedPKIMessageBuilder

Introduction

This page shows example usages of the ProtectedPKIMessageBuilder constructor of org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder.

Prototype

public ProtectedPKIMessageBuilder(GeneralName sender, GeneralName recipient) 


Document

Commence a message with the header version CMP_2000.

Usage

From source file:org.cryptable.pki.communication.PKICMPMessages.java

License:Open Source License

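/**
 * Wraps {@code pkiBody} in a signature-protected CMP message and returns its encoded bytes.
 *
 * <p>Every call draws a fresh 64-byte sender nonce from the key store's SecureRandom and stores it
 * in {@code senderNonce}. The transaction ID is generated only when {@code transactionId} is still
 * {@code null}, so later messages of the same exchange reuse it. The sender certificate is attached
 * to the message as an extra certificate.
 *
 * @param pkiBody the CMP body to protect
 * @return the encoding of the protected PKIMessage structure
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws CMPException if building the protected message fails
 * @throws IOException if encoding the message or the certificate holder fails
 * @throws CertificateEncodingException if the sender certificate cannot be encoded
 */
private byte[] createProtectedPKIMessage(PKIBody pkiBody) throws CMPException, OperatorCreationException,
        IOException, CertificateEncodingException, PKICMPMessageException {
    // A new nonce per message; the field keeps it so a later response can be matched against it.
    senderNonce = new byte[64];

    pkiKeyStore.getSecureRandom().nextBytes(senderNonce);

    if (transactionId == null) {
        transactionId = new byte[64];
        pkiKeyStore.getSecureRandom().nextBytes(transactionId);
    }

    // Sign with SHA-256 rather than SHA-1: SHA-1 is no longer collision resistant and should not
    // protect new messages. The algorithm is carried in the message header, so the recipient only
    // needs to support SHA-256 with RSA. The algorithm name assumes the sender key is an RSA key.
    ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
            .setProvider(pkiKeyStore.getProvider()).build(pkiKeyStore.getSenderPrivateKey());
    ProtectedPKIMessage message = new ProtectedPKIMessageBuilder(
            new GeneralName(JcaX500NameUtil.getSubject(pkiKeyStore.getSenderCertificate())),
            new GeneralName(JcaX500NameUtil.getSubject(pkiKeyStore.getRecipientCertificate())))
                    .setMessageTime(new Date()).setSenderNonce(senderNonce).setTransactionID(transactionId)
                    .addCMPCertificate(
                            new X509CertificateHolder(pkiKeyStore.getSenderCertificate().getEncoded()))
                    .setBody(pkiBody).build(signer);

    return message.toASN1Structure().getEncoded();
}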

From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java

License:Open Source License

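/**
 * Builds a signature-protected CMP message signed with the key material of {@code pkiKeyStoreCA}
 * and returns its encoded bytes.
 *
 * <p>A fresh 64-byte nonce is generated and sent as the sender nonce of this message, while the
 * caller's {@code senderNonce} is echoed back as the recipient nonce. The supplied
 * {@code transactionId} is passed through unchanged.
 *
 * @param senderNonce nonce of the message being answered; set as recipNonce
 * @param transactionId transaction ID to place in the header
 * @param pkiBody the CMP body to protect
 * @return the encoding of the protected PKIMessage structure
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws CMPException if building the protected message fails
 * @throws IOException if encoding the message or the certificate holder fails
 * @throws CertificateEncodingException if the signing certificate cannot be encoded
 */
private byte[] createProtectedPKIMessage(byte[] senderNonce, byte[] transactionId, PKIBody pkiBody)
        throws CMPException, OperatorCreationException, IOException, CertificateEncodingException,
        PKICMPMessageException {
    byte[] recipientNonce = new byte[64];

    pkiKeyStoreCA.getSecureRandom().nextBytes(recipientNonce);

    // Sign with SHA-256 rather than SHA-1: SHA-1 is no longer collision resistant and should not
    // protect new messages. The algorithm name assumes the signing key is an RSA key.
    ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
            .setProvider(pkiKeyStoreCA.getProvider()).build(pkiKeyStoreCA.getSenderPrivateKey());
    ProtectedPKIMessage message = new ProtectedPKIMessageBuilder(
            new GeneralName(JcaX500NameUtil.getSubject(pkiKeyStoreCA.getSenderCertificate())),
            new GeneralName(JcaX500NameUtil.getSubject(pkiKeyStoreCA.getRecipientCertificate())))
                    // The freshly generated nonce is ours; the peer's nonce goes back as recipNonce.
                    .setMessageTime(new Date()).setSenderNonce(recipientNonce).setRecipNonce(senderNonce)
                    .setTransactionID(transactionId)
                    .addCMPCertificate(
                            new X509CertificateHolder(pkiKeyStoreCA.getSenderCertificate().getEncoded()))
                    .setBody(pkiBody).build(signer);

    return message.toASN1Structure().getEncoded();
}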

From source file:org.xipki.ca.common.cmp.CmpUtil.java

License:Open Source License

/**
 * Rebuilds {@code pkiMessage} as a signature-protected CMP message.
 *
 * <p>The recipient, free text, general info, key identifiers, nonces and transaction ID are copied
 * unchanged from the incoming header; no fresh nonce is generated here. If the incoming header has
 * a message time, it is replaced by the current time. The sender is {@code signerName}, or the
 * subject of the signer's certificate when {@code signerName} is {@code null}.
 *
 * @param pkiMessage the message whose header fields and body are carried over
 * @param signer pool from which a content signer is borrowed for the signature
 * @param signerName sender name to use, or {@code null} to derive it from the signer's certificate
 * @param addSignerCert whether the signer's certificate is attached to the message
 * @return the protected message as an ASN.1 structure
 * @throws CMPException if building the protected message fails
 * @throws NoIdleSignerException declared for the case that no content signer can be borrowed
 */
public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        GeneralName signerName, final boolean addSignerCert) throws CMPException, NoIdleSignerException {
    // NOTE(review): signer.getCertificate() is dereferenced without a null check, so a signer
    // without a certificate ends in a NullPointerException when no signerName is given.
    final GeneralName sender;
    if (signerName != null) {
        sender = signerName;
    } else {
        byte[] encodedSubject = signer.getCertificate().getSubjectX500Principal().getEncoded();
        sender = new GeneralName(X500Name.getInstance(encodedSubject));
    }

    final PKIHeader header = pkiMessage.getHeader();
    final ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(sender, header.getRecipient());

    final PKIFreeText text = header.getFreeText();
    if (text != null) {
        builder.setFreeText(text);
    }

    final InfoTypeAndValue[] infos = header.getGeneralInfo();
    if (infos != null) {
        for (InfoTypeAndValue info : infos) {
            builder.addGeneralInfo(info);
        }
    }

    // Optional header fields: each one is copied only when the incoming header carries it.
    final ASN1OctetString recipKid = header.getRecipKID();
    if (recipKid != null) {
        builder.setRecipKID(recipKid.getOctets());
    }

    final ASN1OctetString recipNonce = header.getRecipNonce();
    if (recipNonce != null) {
        builder.setRecipNonce(recipNonce.getOctets());
    }

    final ASN1OctetString senderKid = header.getSenderKID();
    if (senderKid != null) {
        builder.setSenderKID(senderKid.getOctets());
    }

    final ASN1OctetString senderNonce = header.getSenderNonce();
    if (senderNonce != null) {
        builder.setSenderNonce(senderNonce.getOctets());
    }

    final ASN1OctetString transactionId = header.getTransactionID();
    if (transactionId != null) {
        builder.setTransactionID(transactionId.getOctets());
    }

    // The original time is not reused: a header that had one gets the time of this call.
    if (header.getMessageTime() != null) {
        builder.setMessageTime(new Date());
    }
    builder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        builder.addCMPCertificate(signer.getCertificateAsBCObject());
    }

    // The borrowed signer is handed back even when signing fails.
    final ContentSigner borrowed = signer.borrowContentSigner();
    final PKIMessage protectedMessage;
    try {
        protectedMessage = builder.build(borrowed).toASN1Structure();
    } finally {
        signer.returnContentSigner(borrowed);
    }
    return protectedMessage;
}

From source file:org.xipki.pki.ca.common.cmp.CmpUtil.java

License:Open Source License

/**
 * Rebuilds {@code pkiMessage} as a signature-protected CMP message.
 *
 * <p>The recipient, free text, general info, key identifiers, nonces and transaction ID are copied
 * unchanged from the incoming header; no fresh nonce is generated here. If the incoming header has
 * a message time, it is replaced by the current time. The sender is {@code signerName}, or the
 * subject of the signer's certificate when {@code signerName} is {@code null}.
 *
 * @param pkiMessage the message whose header fields and body are carried over; checked for null
 * @param signer signer that produces the protection; checked for null
 * @param signerName sender name to use, or {@code null} to derive it from the signer's certificate
 * @param addSignerCert whether the signer's certificate is attached to the message
 * @return the protected message as an ASN.1 structure
 * @throws IllegalArgumentException if {@code signerName} is {@code null} and the signer has no
 *         certificate
 * @throws CMPException if building the protected message fails
 * @throws NoIdleSignerException declared for the case that no idle signer is available
 */
public static PKIMessage addProtection(final PKIMessage pkiMessage, final ConcurrentContentSigner signer,
        final GeneralName signerName, final boolean addSignerCert) throws CMPException, NoIdleSignerException {
    ParamUtil.requireNonNull("pkiMessage", pkiMessage);
    ParamUtil.requireNonNull("signer", signer);

    final GeneralName sender;
    if (signerName == null) {
        // Without an explicit name the sender must come from the signer's certificate.
        if (signer.getCertificate() == null) {
            throw new IllegalArgumentException("signer without certificate is not allowed");
        }
        byte[] encodedSubject = signer.getCertificate().getSubjectX500Principal().getEncoded();
        sender = new GeneralName(X500Name.getInstance(encodedSubject));
    } else {
        sender = signerName;
    }

    final PKIHeader header = pkiMessage.getHeader();
    final ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(sender, header.getRecipient());

    final PKIFreeText text = header.getFreeText();
    if (text != null) {
        builder.setFreeText(text);
    }

    final InfoTypeAndValue[] infos = header.getGeneralInfo();
    if (infos != null) {
        for (InfoTypeAndValue info : infos) {
            builder.addGeneralInfo(info);
        }
    }

    // Optional header fields: each one is copied only when the incoming header carries it.
    final ASN1OctetString recipKid = header.getRecipKID();
    if (recipKid != null) {
        builder.setRecipKID(recipKid.getOctets());
    }

    final ASN1OctetString recipNonce = header.getRecipNonce();
    if (recipNonce != null) {
        builder.setRecipNonce(recipNonce.getOctets());
    }

    final ASN1OctetString senderKid = header.getSenderKID();
    if (senderKid != null) {
        builder.setSenderKID(senderKid.getOctets());
    }

    final ASN1OctetString senderNonce = header.getSenderNonce();
    if (senderNonce != null) {
        builder.setSenderNonce(senderNonce.getOctets());
    }

    final ASN1OctetString transactionId = header.getTransactionID();
    if (transactionId != null) {
        builder.setTransactionID(transactionId.getOctets());
    }

    // The original time is not reused: a header that had one gets the time of this call.
    if (header.getMessageTime() != null) {
        builder.setMessageTime(new Date());
    }
    builder.setBody(pkiMessage.getBody());

    if (addSignerCert) {
        builder.addCMPCertificate(signer.getCertificateAsBcObject());
    }

    return signer.build(builder).toASN1Structure();
}