Example 36 with PKIMessage
use of org.bouncycastle.asn1.cmp.PKIMessage in project xipki by xipki.
the class CmpRequestor method buildMessageWithXipkAction.
// method verifyProtection
protected PKIMessage buildMessageWithXipkAction(int action, ASN1Encodable value) throws CmpRequestorException {
PKIHeader header = buildPkiHeader(null);
ASN1EncodableVector vec = new ASN1EncodableVector();
vec.add(new ASN1Integer(action));
if (value != null) {
vec.add(value);
}
InfoTypeAndValue itv = new InfoTypeAndValue(ObjectIdentifiers.id_xipki_cmp_cmpGenmsg, new DERSequence(vec));
GenMsgContent genMsgContent = new GenMsgContent(itv);
PKIBody body = new PKIBody(PKIBody.TYPE_GEN_MSG, genMsgContent);
return new PKIMessage(header, body);
}
Also used :
PKIHeader(org.bouncycastle.asn1.cmp.PKIHeader)
ProtectedPKIMessage(org.bouncycastle.cert.cmp.ProtectedPKIMessage)
PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage)
GeneralPKIMessage(org.bouncycastle.cert.cmp.GeneralPKIMessage)
PKIBody(org.bouncycastle.asn1.cmp.PKIBody)
DERSequence(org.bouncycastle.asn1.DERSequence)
GenMsgContent(org.bouncycastle.asn1.cmp.GenMsgContent)
InfoTypeAndValue(org.bouncycastle.asn1.cmp.InfoTypeAndValue)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
Example 37 with PKIMessage
use of org.bouncycastle.asn1.cmp.PKIMessage in project xipki by xipki.
the class X509CmpRequestor method revokeCertificate.
// method evaluateCrlResponse
public RevokeCertResultType revokeCertificate(RevokeCertRequest request, RequestResponseDebug debug) throws CmpRequestorException, PkiErrorException {
ParamUtil.requireNonNull("request", request);
PKIMessage reqMessage = buildRevokeCertRequest(request);
PkiResponse response = signAndSend(reqMessage, debug);
return parse(response, request.getRequestEntries());
}
Also used :
PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage)
PkiResponse(org.xipki.cmp.PkiResponse)
Example 38 with PKIMessage
use of org.bouncycastle.asn1.cmp.PKIMessage in project xipki by xipki.
the class X509CmpRequestor method buildPkiMessage.
// method buildUnrevokeOrRemoveCertRequest
private PKIMessage buildPkiMessage(CsrEnrollCertRequest csr, Date notBefore, Date notAfter) {
CmpUtf8Pairs utf8Pairs = new CmpUtf8Pairs(CmpUtf8Pairs.KEY_CERTPROFILE, csr.getCertprofile());
if (notBefore != null) {
utf8Pairs.putUtf8Pair(CmpUtf8Pairs.KEY_NOTBEFORE, DateUtil.toUtcTimeyyyyMMddhhmmss(notBefore));
}
if (notAfter != null) {
utf8Pairs.putUtf8Pair(CmpUtf8Pairs.KEY_NOTAFTER, DateUtil.toUtcTimeyyyyMMddhhmmss(notAfter));
}
PKIHeader header = buildPkiHeader(implicitConfirm, null, utf8Pairs);
PKIBody body = new PKIBody(PKIBody.TYPE_P10_CERT_REQ, csr.getCsr());
return new PKIMessage(header, body);
}
Also used :
PKIHeader(org.bouncycastle.asn1.cmp.PKIHeader)
PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage)
PKIBody(org.bouncycastle.asn1.cmp.PKIBody)
CmpUtf8Pairs(org.xipki.cmp.CmpUtf8Pairs)
Example 39 with PKIMessage
use of org.bouncycastle.asn1.cmp.PKIMessage in project xipki by xipki.
the class X509CmpRequestor method buildCertConfirmRequest.
// method requestCertificate0
private PKIMessage buildCertConfirmRequest(ASN1OctetString tid, CertificateConfirmationContentBuilder certConfirmBuilder) throws CmpRequestorException {
PKIHeader header = buildPkiHeader(implicitConfirm, tid, null, (InfoTypeAndValue[]) null);
CertificateConfirmationContent certConfirm;
try {
certConfirm = certConfirmBuilder.build(DIGEST_CALCULATOR_PROVIDER);
} catch (CMPException ex) {
throw new CmpRequestorException(ex.getMessage(), ex);
}
PKIBody body = new PKIBody(PKIBody.TYPE_CERT_CONFIRM, certConfirm.toASN1Structure());
return new PKIMessage(header, body);
}
Also used :
PKIHeader(org.bouncycastle.asn1.cmp.PKIHeader)
PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage)
CertificateConfirmationContent(org.bouncycastle.cert.cmp.CertificateConfirmationContent)
PKIBody(org.bouncycastle.asn1.cmp.PKIBody)
CMPException(org.bouncycastle.cert.cmp.CMPException)
InfoTypeAndValue(org.bouncycastle.asn1.cmp.InfoTypeAndValue)
Example 40 with PKIMessage
use of org.bouncycastle.asn1.cmp.PKIMessage in project xipki by xipki.
the class X509CmpRequestor method buildRevokeCertRequest.
private PKIMessage buildRevokeCertRequest(RevokeCertRequest request) throws CmpRequestorException {
PKIHeader header = buildPkiHeader(null);
List<RevokeCertRequestEntry> requestEntries = request.getRequestEntries();
List<RevDetails> revDetailsArray = new ArrayList<>(requestEntries.size());
for (RevokeCertRequestEntry requestEntry : requestEntries) {
CertTemplateBuilder certTempBuilder = new CertTemplateBuilder();
certTempBuilder.setIssuer(requestEntry.getIssuer());
certTempBuilder.setSerialNumber(new ASN1Integer(requestEntry.getSerialNumber()));
byte[] aki = requestEntry.getAuthorityKeyIdentifier();
if (aki != null) {
Extensions certTempExts = getCertTempExtensions(aki);
certTempBuilder.setExtensions(certTempExts);
}
Date invalidityDate = requestEntry.getInvalidityDate();
int idx = (invalidityDate == null) ? 1 : 2;
Extension[] extensions = new Extension[idx];
try {
ASN1Enumerated reason = new ASN1Enumerated(requestEntry.getReason());
extensions[0] = new Extension(Extension.reasonCode, true, new DEROctetString(reason.getEncoded()));
if (invalidityDate != null) {
ASN1GeneralizedTime time = new ASN1GeneralizedTime(invalidityDate);
extensions[1] = new Extension(Extension.invalidityDate, true, new DEROctetString(time.getEncoded()));
}
} catch (IOException ex) {
throw new CmpRequestorException(ex.getMessage(), ex);
}
Extensions exts = new Extensions(extensions);
RevDetails revDetails = new RevDetails(certTempBuilder.build(), exts);
revDetailsArray.add(revDetails);
}
RevReqContent content = new RevReqContent(revDetailsArray.toArray(new RevDetails[0]));
PKIBody body = new PKIBody(PKIBody.TYPE_REVOCATION_REQ, content);
return new PKIMessage(header, body);
}
Also used :
PKIHeader(org.bouncycastle.asn1.cmp.PKIHeader)
PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage)
RevokeCertRequestEntry(org.xipki.ca.client.api.dto.RevokeCertRequestEntry)
PKIBody(org.bouncycastle.asn1.cmp.PKIBody)
ArrayList(java.util.ArrayList)
ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
IOException(java.io.IOException)
Extensions(org.bouncycastle.asn1.x509.Extensions)
RevReqContent(org.bouncycastle.asn1.cmp.RevReqContent)
Date(java.util.Date)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
Extension(org.bouncycastle.asn1.x509.Extension)
CertTemplateBuilder(org.bouncycastle.asn1.crmf.CertTemplateBuilder)
ASN1Enumerated(org.bouncycastle.asn1.ASN1Enumerated)
RevDetails(org.bouncycastle.asn1.cmp.RevDetails)
Aggregations
PKIMessage (org.bouncycastle.asn1.cmp.PKIMessage)31
PKIBody (org.bouncycastle.asn1.cmp.PKIBody)24
Date (java.util.Date)18
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)16
PKIHeader (org.bouncycastle.asn1.cmp.PKIHeader)16
IOException (java.io.IOException)14
ProtectedPKIMessage (org.bouncycastle.cert.cmp.ProtectedPKIMessage)13
X509Certificate (java.security.cert.X509Certificate)12
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)11
DERUTF8String (org.bouncycastle.asn1.DERUTF8String)11
GeneralPKIMessage (org.bouncycastle.cert.cmp.GeneralPKIMessage)11
DEROctetString (org.bouncycastle.asn1.DEROctetString)10
InfoTypeAndValue (org.bouncycastle.asn1.cmp.InfoTypeAndValue)9
ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)9
BigInteger (java.math.BigInteger)8
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)8
X500Name (org.bouncycastle.asn1.x500.X500Name)7
Extensions (org.bouncycastle.asn1.x509.Extensions)7
InvalidKeyException (java.security.InvalidKeyException)6
CertificateException (java.security.cert.CertificateException)6
