Example 1 with AttributeTypeAndValue
use of com.github.zhenwei.pkix.util.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.
the class X509CmpRequestor method buildPkiMessage.
private PKIMessage buildPkiMessage(EnrollCertRequest req) {
PKIHeader header = buildPkiHeader(implicitConfirm, null);
List<EnrollCertRequestEntry> reqEntries = req.getRequestEntries();
CertReqMsg[] certReqMsgs = new CertReqMsg[reqEntries.size()];
for (int i = 0; i < reqEntries.size(); i++) {
EnrollCertRequestEntry reqEntry = reqEntries.get(i);
CmpUtf8Pairs utf8Pairs = new CmpUtf8Pairs(CmpUtf8Pairs.KEY_CERTPROFILE, reqEntry.getCertprofile());
AttributeTypeAndValue certprofileInfo = CmpUtil.buildAttributeTypeAndValue(utf8Pairs);
AttributeTypeAndValue[] atvs = (certprofileInfo == null) ? null : new AttributeTypeAndValue[] { certprofileInfo };
certReqMsgs[i] = new CertReqMsg(reqEntry.getCertReq(), reqEntry.getPopo(), atvs);
}
int bodyType;
switch(req.getType()) {
case CERT_REQ:
bodyType = PKIBody.TYPE_CERT_REQ;
break;
case KEY_UPDATE:
bodyType = PKIBody.TYPE_KEY_UPDATE_REQ;
break;
default:
bodyType = PKIBody.TYPE_CROSS_CERT_REQ;
}
PKIBody body = new PKIBody(bodyType, new CertReqMessages(certReqMsgs));
return new PKIMessage(header, body);
}
Also used :
PKIHeader(org.bouncycastle.asn1.cmp.PKIHeader)
PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage)
PKIBody(org.bouncycastle.asn1.cmp.PKIBody)
CertReqMessages(org.bouncycastle.asn1.crmf.CertReqMessages)
CmpUtf8Pairs(org.xipki.cmp.CmpUtf8Pairs)
CertReqMsg(org.bouncycastle.asn1.crmf.CertReqMsg)
EnrollCertRequestEntry(org.xipki.ca.client.api.dto.EnrollCertRequestEntry)
AttributeTypeAndValue(org.bouncycastle.asn1.crmf.AttributeTypeAndValue)
Example 2 with AttributeTypeAndValue
use of com.github.zhenwei.pkix.util.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.
the class X509CmpRequestor method buildPkiMessage.
// method buildPkiMessage
private PKIMessage buildPkiMessage(CertRequest req, ProofOfPossession pop, String profileName) {
PKIHeader header = buildPkiHeader(implicitConfirm, null);
CmpUtf8Pairs utf8Pairs = new CmpUtf8Pairs(CmpUtf8Pairs.KEY_CERTPROFILE, profileName);
AttributeTypeAndValue certprofileInfo = CmpUtil.buildAttributeTypeAndValue(utf8Pairs);
CertReqMsg[] certReqMsgs = new CertReqMsg[1];
certReqMsgs[0] = new CertReqMsg(req, pop, new AttributeTypeAndValue[] { certprofileInfo });
PKIBody body = new PKIBody(PKIBody.TYPE_CERT_REQ, new CertReqMessages(certReqMsgs));
return new PKIMessage(header, body);
}
Also used :
PKIHeader(org.bouncycastle.asn1.cmp.PKIHeader)
PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage)
PKIBody(org.bouncycastle.asn1.cmp.PKIBody)
CertReqMessages(org.bouncycastle.asn1.crmf.CertReqMessages)
CmpUtf8Pairs(org.xipki.cmp.CmpUtf8Pairs)
CertReqMsg(org.bouncycastle.asn1.crmf.CertReqMsg)
AttributeTypeAndValue(org.bouncycastle.asn1.crmf.AttributeTypeAndValue)
Example 3 with AttributeTypeAndValue
use of com.github.zhenwei.pkix.util.asn1.crmf.AttributeTypeAndValue in project LinLong-Java by zhenwei1108.
the class CertificateRequestMessage method findControl.
private AttributeTypeAndValue findControl(ASN1ObjectIdentifier type) {
if (controls == null) {
return null;
}
AttributeTypeAndValue[] tAndVs = controls.toAttributeTypeAndValueArray();
AttributeTypeAndValue found = null;
for (int i = 0; i != tAndVs.length; i++) {
if (tAndVs[i].getType().equals(type)) {
found = tAndVs[i];
break;
}
}
return found;
}
Also used :
AttributeTypeAndValue(com.github.zhenwei.pkix.util.asn1.crmf.AttributeTypeAndValue)
Example 4 with AttributeTypeAndValue
use of com.github.zhenwei.pkix.util.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.
the class CmpCaClient method requestCertViaCrmf.
public X509Certificate requestCertViaCrmf(String certProfile, PrivateKey privateKey, SubjectPublicKeyInfo publicKeyInfo, String subject) throws Exception {
CertTemplateBuilder certTemplateBuilder = new CertTemplateBuilder();
certTemplateBuilder.setSubject(new X500Name(subject));
certTemplateBuilder.setPublicKey(publicKeyInfo);
CertRequest certReq = new CertRequest(1, certTemplateBuilder.build(), null);
ProofOfPossessionSigningKeyBuilder popoBuilder = new ProofOfPossessionSigningKeyBuilder(certReq);
ContentSigner popoSigner = buildSigner(privateKey);
POPOSigningKey popoSk = popoBuilder.build(popoSigner);
ProofOfPossession popo = new ProofOfPossession(popoSk);
AttributeTypeAndValue certprofileInfo = new AttributeTypeAndValue(CMPObjectIdentifiers.regInfo_utf8Pairs, new DERUTF8String("CERT-PROFILE?" + certProfile + "%"));
AttributeTypeAndValue[] atvs = { certprofileInfo };
CertReqMsg certReqMsg = new CertReqMsg(certReq, popo, atvs);
PKIBody body = new PKIBody(PKIBody.TYPE_CERT_REQ, new CertReqMessages(certReqMsg));
ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(PKIHeader.CMP_2000, requestorSubject, responderSubject);
builder.setMessageTime(new Date());
builder.setTransactionID(randomTransactionId());
builder.setSenderNonce(randomSenderNonce());
builder.addGeneralInfo(new InfoTypeAndValue(CMPObjectIdentifiers.it_implicitConfirm, DERNull.INSTANCE));
builder.setBody(body);
ProtectedPKIMessage request = builder.build(requestorSigner);
PKIMessage response = transmit(request);
return parseEnrollCertResult(response);
}
Also used :
ProtectedPKIMessage(org.bouncycastle.cert.cmp.ProtectedPKIMessage)
PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage)
GeneralPKIMessage(org.bouncycastle.cert.cmp.GeneralPKIMessage)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
PKIBody(org.bouncycastle.asn1.cmp.PKIBody)
CertReqMessages(org.bouncycastle.asn1.crmf.CertReqMessages)
CertReqMsg(org.bouncycastle.asn1.crmf.CertReqMsg)
ContentSigner(org.bouncycastle.operator.ContentSigner)
ProtectedPKIMessage(org.bouncycastle.cert.cmp.ProtectedPKIMessage)
ProofOfPossession(org.bouncycastle.asn1.crmf.ProofOfPossession)
X500Name(org.bouncycastle.asn1.x500.X500Name)
AttributeTypeAndValue(org.bouncycastle.asn1.crmf.AttributeTypeAndValue)
Date(java.util.Date)
CertTemplateBuilder(org.bouncycastle.asn1.crmf.CertTemplateBuilder)
CertRequest(org.bouncycastle.asn1.crmf.CertRequest)
InfoTypeAndValue(org.bouncycastle.asn1.cmp.InfoTypeAndValue)
ProofOfPossessionSigningKeyBuilder(org.bouncycastle.cert.crmf.ProofOfPossessionSigningKeyBuilder)
ProtectedPKIMessageBuilder(org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder)
POPOSigningKey(org.bouncycastle.asn1.crmf.POPOSigningKey)
Example 5 with AttributeTypeAndValue
use of com.github.zhenwei.pkix.util.asn1.crmf.AttributeTypeAndValue in project LinLong-Java by zhenwei1108.
the class CertificateRequestMessageBuilder method build.
public CertificateRequestMessage build() throws CRMFException {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new ASN1Integer(certReqId));
if (!extGenerator.isEmpty()) {
templateBuilder.setExtensions(extGenerator.generate());
}
v.add(templateBuilder.build());
if (!controls.isEmpty()) {
ASN1EncodableVector controlV = new ASN1EncodableVector();
for (Iterator it = controls.iterator(); it.hasNext(); ) {
Control control = (Control) it.next();
controlV.add(new AttributeTypeAndValue(control.getType(), control.getValue()));
}
v.add(new DERSequence(controlV));
}
CertRequest request = CertRequest.getInstance(new DERSequence(v));
v = new ASN1EncodableVector();
v.add(request);
if (popSigner != null) {
CertTemplate template = request.getCertTemplate();
if (template.getSubject() == null || template.getPublicKey() == null) {
SubjectPublicKeyInfo pubKeyInfo = request.getCertTemplate().getPublicKey();
ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(pubKeyInfo);
if (sender != null) {
builder.setSender(sender);
} else {
PKMACValueGenerator pkmacGenerator = new PKMACValueGenerator(pkmacBuilder);
builder.setPublicKeyMac(pkmacGenerator, password);
}
v.add(new ProofOfPossession(builder.build(popSigner)));
} else {
ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(request);
v.add(new ProofOfPossession(builder.build(popSigner)));
}
} else if (popoPrivKey != null) {
v.add(new ProofOfPossession(popoType, popoPrivKey));
} else if (agreeMAC != null) {
v.add(new ProofOfPossession(ProofOfPossession.TYPE_KEY_AGREEMENT, POPOPrivKey.getInstance(new DERTaggedObject(false, POPOPrivKey.agreeMAC, agreeMAC))));
} else if (popRaVerified != null) {
v.add(new ProofOfPossession());
}
return new CertificateRequestMessage(CertReqMsg.getInstance(new DERSequence(v)));
}
Also used :
DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject)
ProofOfPossession(com.github.zhenwei.pkix.util.asn1.crmf.ProofOfPossession)
ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer)
SubjectPublicKeyInfo(com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)
AttributeTypeAndValue(com.github.zhenwei.pkix.util.asn1.crmf.AttributeTypeAndValue)
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
CertRequest(com.github.zhenwei.pkix.util.asn1.crmf.CertRequest)
Iterator(java.util.Iterator)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
CertTemplate(com.github.zhenwei.pkix.util.asn1.crmf.CertTemplate)
Aggregations
PKIBody (org.bouncycastle.asn1.cmp.PKIBody)3
PKIMessage (org.bouncycastle.asn1.cmp.PKIMessage)3
AttributeTypeAndValue (org.bouncycastle.asn1.crmf.AttributeTypeAndValue)3
CertReqMessages (org.bouncycastle.asn1.crmf.CertReqMessages)3
CertReqMsg (org.bouncycastle.asn1.crmf.CertReqMsg)3
AttributeTypeAndValue (com.github.zhenwei.pkix.util.asn1.crmf.AttributeTypeAndValue)2
PKIHeader (org.bouncycastle.asn1.cmp.PKIHeader)2
CmpUtf8Pairs (org.xipki.cmp.CmpUtf8Pairs)2
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)1
ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)1
DERSequence (com.github.zhenwei.core.asn1.DERSequence)1
DERTaggedObject (com.github.zhenwei.core.asn1.DERTaggedObject)1
SubjectPublicKeyInfo (com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)1
CertRequest (com.github.zhenwei.pkix.util.asn1.crmf.CertRequest)1
CertTemplate (com.github.zhenwei.pkix.util.asn1.crmf.CertTemplate)1
ProofOfPossession (com.github.zhenwei.pkix.util.asn1.crmf.ProofOfPossession)1
Date (java.util.Date)1
Iterator (java.util.Iterator)1
DERUTF8String (org.bouncycastle.asn1.DERUTF8String)1
InfoTypeAndValue (org.bouncycastle.asn1.cmp.InfoTypeAndValue)1
