public static PKIBody getInstance(Object o) { if (o == null || o instanceof PKIBody) { return (PKIBody)o; } if (o instanceof ASN1TaggedObject) { return new PKIBody((ASN1TaggedObject)o); } throw new IllegalArgumentException("Invalid object: " + o.getClass().getName()); }
private ASN1Encodable extractGeneralRepContent(PKIMessage response, String expectedType) throws Exception { PKIBody respBody = response.getBody(); int bodyType = respBody.getType(); if (PKIBody.TYPE_ERROR == bodyType) { ErrorMsgContent content = ErrorMsgContent.getInstance(respBody.getContent()); throw new Exception("Server returned PKIStatus: " + buildText(content.getPKIStatusInfo())); } else if (PKIBody.TYPE_GEN_REP != bodyType) { throw new Exception(String.format("unknown PKI body type %s instead the expected [%s, %s]", bodyType, PKIBody.TYPE_GEN_REP, PKIBody.TYPE_ERROR)); } GenRepContent genRep = GenRepContent.getInstance(respBody.getContent()); InfoTypeAndValue[] itvs = genRep.toInfoTypeAndValueArray(); InfoTypeAndValue itv = null; if (itvs != null && itvs.length > 0) { for (InfoTypeAndValue entry : itvs) { if (expectedType.equals(entry.getInfoType().getId())) { itv = entry; break; } } } if (itv == null) { throw new Exception("the response does not contain InfoTypeAndValue " + expectedType); } return itv.getInfoValue(); } // method extractGeneralRepContent
/** * Creates a new PKIBody. * @param type one of the TYPE_* constants * @param content message content */ public PKIBody( int type, ASN1Encodable content) { tagNo = type; body = getBodyForType(type, content); }
final int type = reqBody.getType(); case PKIBody.TYPE_CERT_CONFIRM: event.addEventType(CaAuditConstants.TYPE_CMP_certConf); CertConfirmContent certConf = (CertConfirmContent) reqBody.getContent(); respBody = confirmCertificates(tid, certConf, msgId); break; case PKIBody.TYPE_CONFIRM: event.addEventType(CaAuditConstants.TYPE_CMP_pkiconf); respBody = new PKIBody(PKIBody.TYPE_CONFIRM, DERNull.INSTANCE); break; case PKIBody.TYPE_GEN_MSG: event.addEventType(CaAuditConstants.TYPE_CMP_error); revokePendingCertificates(tid, msgId); respBody = new PKIBody(PKIBody.TYPE_CONFIRM, DERNull.INSTANCE); break; default: new PKIFailureInfo(PKIFailureInfo.notAuthorized))); respBody = new PKIBody(PKIBody.TYPE_ERROR, emc); if (respBody.getType() == PKIBody.TYPE_ERROR) { ErrorMsgContent errorMsgContent = (ErrorMsgContent) respBody.getContent();
boolean allRevdetailsOfSameType = true; RevReqContent rr = RevReqContent.getInstance(reqBody.getContent()); RevDetails[] revContent = rr.toRevDetailsArray(); new PKIFailureInfo(PKIFailureInfo.badRequest))); return new PKIBody(PKIBody.TYPE_ERROR, emc);
private PKIMessage(ASN1Sequence seq) { Enumeration en = seq.getObjects(); header = PKIHeader.getInstance(en.nextElement()); body = PKIBody.getInstance(en.nextElement()); while (en.hasMoreElements()) { ASN1TaggedObject tObj = (ASN1TaggedObject)en.nextElement(); if (tObj.getTagNo() == 0) { protection = DERBitString.getInstance(tObj, true); } else { extraCerts = ASN1Sequence.getInstance(tObj, true); } } }
int bodyType = respBody.getType(); if (bodyType != PKIBody.TYPE_ERROR) { throw new Exception("response is not signed");
private PKIBody cmpGeneralMsg(PKIHeaderBuilder respHeader, CmpControl cmpControl, PKIHeader reqHeader, PKIBody reqBody, CmpRequestorInfo requestor, ASN1OctetString tid, String msgId, AuditEvent event) throws InsuffientPermissionException { GenMsgContent genMsgBody = GenMsgContent.getInstance(reqBody.getContent()); InfoTypeAndValue[] itvs = genMsgBody.toInfoTypeAndValueArray(); return new PKIBody(PKIBody.TYPE_GEN_REP, genRepContent); } catch (OperationException ex) { failureInfo = getPKiFailureInfo(ex);
private ProtectedPart(ASN1Sequence seq) { header = PKIHeader.getInstance(seq.getObjectAt(0)); body = PKIBody.getInstance(seq.getObjectAt(1)); }
int bodyType = respBody.getType(); if (bodyType != PKIBody.TYPE_ERROR) { throw new CmpClientException("response is not signed");
public static PKIBody getInstance(Object o) { if (o == null || o instanceof PKIBody) { return (PKIBody)o; } if (o instanceof ASN1TaggedObject) { return new PKIBody((ASN1TaggedObject)o); } throw new IllegalArgumentException("Invalid object: " + o.getClass().getName()); }
private ProtectedPart(ASN1Sequence seq) { header = PKIHeader.getInstance(seq.getObjectAt(0)); body = PKIBody.getInstance(seq.getObjectAt(1)); }
/** * Creates a new PKIBody. * @param type one of the TYPE_* constants * @param content message content */ public PKIBody( int type, ASN1Encodable content) { tagNo = type; body = getBodyForType(type, content); }
private boolean parseRevocationResult(PKIMessage response, BigInteger serialNumber) throws Exception { PKIBody respBody = response.getBody(); final int bodyType = respBody.getType(); ErrorMsgContent content = ErrorMsgContent.getInstance(respBody.getContent()); throw new Exception("Server returned PKIStatus: " + content.getPKIStatusInfo()); } else if (PKIBody.TYPE_REVOCATION_REP != bodyType) { RevRepContent content = RevRepContent.getInstance(respBody.getContent()); PKIStatusInfo[] statuses = content.getStatus(); int statusesLen = (statuses == null) ? 0 : statuses.length;
List<CertResponse> certResponses = new ArrayList<>(1); boolean kup = (request.getBody().getType() == PKIBody.TYPE_KEY_UPDATE_REQ);
private PKIBody processCcp(String dfltCertprofileName, PKIMessage request, CmpRequestorInfo requestor, ASN1OctetString tid, PKIHeader reqHeader, CertReqMessages cr, CmpControl cmpControl, String msgId, AuditEvent event) throws InsuffientPermissionException { CertRepMessage repMessage = processCertReqMessages(dfltCertprofileName, Boolean.FALSE, request, requestor, tid, reqHeader, cr, false, cmpControl, msgId, event); return new PKIBody(PKIBody.TYPE_CROSS_CERT_REP, repMessage); }
private PKIMessage(ASN1Sequence seq) { Enumeration en = seq.getObjects(); header = PKIHeader.getInstance(en.nextElement()); body = PKIBody.getInstance(en.nextElement()); while (en.hasMoreElements()) { ASN1TaggedObject tObj = (ASN1TaggedObject)en.nextElement(); if (tObj.getTagNo() == 0) { protection = DERBitString.getInstance(tObj, true); } else { extraCerts = ASN1Sequence.getInstance(tObj, true); } } }
private PKIBody(ASN1TaggedObject tagged) { tagNo = tagged.getTagNo(); body = getBodyForType(tagNo, tagged.getObject()); }
int type = reqBody.getType(); switch (type) { case PKIBody.TYPE_INIT_REQ: checkPermission(requestor, PermissionConstants.ENROLL_CERT); respBody = processIr(dfltCertprofileName, dfltCaGenKeypair, request, requestor, tid, reqHeader, CertReqMessages.getInstance(reqBody.getContent()), cmpControl, msgId, event); break; case PKIBody.TYPE_CERT_REQ: checkPermission(requestor, PermissionConstants.ENROLL_CERT); respBody = processCr(dfltCertprofileName, dfltCaGenKeypair, request, requestor, tid, reqHeader, CertReqMessages.getInstance(reqBody.getContent()), cmpControl, msgId, event); break; case PKIBody.TYPE_KEY_UPDATE_REQ: checkPermission(requestor, PermissionConstants.KEY_UPDATE); respBody = processKur(dfltCertprofileName, dfltCaGenKeypair, request, requestor, tid, reqHeader, CertReqMessages.getInstance(reqBody.getContent()), cmpControl, msgId, event); break; case PKIBody.TYPE_P10_CERT_REQ: checkPermission(requestor, PermissionConstants.ENROLL_CERT); respBody = processP10cr(dfltCertprofileName, request, requestor, tid, reqHeader, CertificationRequest.getInstance(reqBody.getContent()), cmpControl, msgId, event); break; case PKIBody.TYPE_CROSS_CERT_REQ: checkPermission(requestor, PermissionConstants.ENROLL_CROSS); respBody = processCcp(dfltCertprofileName, request, requestor, tid, reqHeader, CertReqMessages.getInstance(reqBody.getContent()), cmpControl, msgId, event); break; default:
private PKIBody processIr(String dfltCertprofileName, Boolean dfltCaGenKeypair, PKIMessage request, CmpRequestorInfo requestor, ASN1OctetString tid, PKIHeader reqHeader, CertReqMessages cr, CmpControl cmpControl, String msgId, AuditEvent event) throws InsuffientPermissionException { CertRepMessage repMessage = processCertReqMessages(dfltCertprofileName, dfltCaGenKeypair, request, requestor, tid, reqHeader, cr, true, cmpControl, msgId, event); return new PKIBody(PKIBody.TYPE_INIT_REP, repMessage); }