public static CertificationRequest parseCsr(byte[] csrBytes) { Args.notNull(csrBytes, "csrBytes"); return CertificationRequest.getInstance(toDerEncoded(csrBytes)); }
public static X509Certificate generateSelfsignedCert(CertificationRequest csr, PrivateKey identityKey) throws CertificateException { requireNonNull("csr", csr); return generateSelfsignedCert(csr.getCertificationRequestInfo().getSubject(), csr.getCertificationRequestInfo().getSubjectPublicKeyInfo(), identityKey); }
public static CertificationRequest getInstance(Object o) { if (o instanceof CertificationRequest) { return (CertificationRequest)o; } if (o != null) { return new CertificationRequest(ASN1Sequence.getInstance(o)); } return null; }
.equals(req.getSignatureCert().getIssuerX500Principal()); CertificationRequest csr = CertificationRequest.getInstance(req.getMessageData()); if (!name.equals(csr.getCertificationRequestInfo().getSubject())) { LOG.warn("tid={}: self-signed cert.subject != CSR.subject", tid); return buildPkiMessage(rep, PkiStatus.FAILURE, FailInfo.badRequest); String challengePwd = getChallengePassword(csr.getCertificationRequestInfo()); if (challengePwd == null || !control.getSecret().equals(challengePwd)) { LOG.warn("challengePassword is not trusted"); buildPkiMessage(rep, PkiStatus.FAILURE, FailInfo.badRequest); } else { csr = CertificationRequest.getInstance(req.getMessageData()); try { cert = caEmulator.generateCert(csr); buildPkiMessage(rep, PkiStatus.FAILURE, FailInfo.badRequest); } else { csr = CertificationRequest.getInstance(req.getMessageData()); try { cert = caEmulator.generateCert(csr);
public X509Certificate requestCert(String certprofile, CertificationRequest csr) throws Exception { String url = caUrl + "/enroll-cert?profile=" + certprofile; byte[] response = httpPost(url, "application/pkcs10", csr.getEncoded(), CT_pkix_cert); X509Certificate cert = SdkUtil.parseCert(response); if (!verify(caCert, cert)) { throw new Exception("The returned certificate is not issued by the given CA"); } return cert; }
@Override protected Object execute0() throws Exception { CertificationRequest csr = X509Util.parseCsr(IoUtil.read(csrFile)); String sigAlgo = AlgorithmUtil.getSignatureAlgoName(csr.getSignatureAlgorithm()); boolean bo = securityFactory.verifyPopo(csr, null); String txt = bo ? "valid" : "invalid"; println("The POP is " + txt + " (signature algorithm " + sigAlgo + ")."); return null; }
builder.addRDN(BCStyle.CN, inputCSR.getSignature()); Calendar now = Calendar.getInstance(); Date notBefore = now.getTime();
CertificationRequest csr = CertificationRequest.getInstance(encodedCsr); ca.checkCsr(csr); CertificationRequestInfo certTemp = csr.getCertificationRequestInfo();
return; byte[] cert = localCA.requestCertificate(request.getEncoded()); if (cert == null) { mLogger.log(Level.SEVERE, "end-point certificate is null.");
case RenewalReq: case UpdateReq: CertificationRequest csr = CertificationRequest.getInstance(req.getMessageData()); X500Name reqSubject = csr.getCertificationRequestInfo().getSubject(); if (LOG.isInfoEnabled()) { LOG.info("tid={}, subject={}", tid, X509Util.getRfc4519Name(reqSubject)); CertificationRequestInfo csrReqInfo = csr.getCertificationRequestInfo(); X509Certificate reqSignatureCert = req.getSignatureCert(); X500Principal reqSigCertSubject = reqSignatureCert.getSubjectX500Principal();
checkPermission(requestor, PermissionConstants.ENROLL_CERT); respBody = processP10cr(dfltCertprofileName, request, requestor, tid, reqHeader, CertificationRequest.getInstance(reqBody.getContent()), cmpControl, msgId, event); break; case PKIBody.TYPE_CROSS_CERT_REQ:
public static CertificationRequest getInstance(Object o) { if (o instanceof CertificationRequest) { return (CertificationRequest)o; } if (o != null) { return new CertificationRequest(ASN1Sequence.getInstance(o)); } return null; }
public Certificate generateCert(CertificationRequest csr) throws Exception { if (!verifyPopo(csr)) { throw new Exception("CSR invalid"); } CertificationRequestInfo reqInfo = csr.getCertificationRequestInfo(); return generateCert(reqInfo.getSubjectPublicKeyInfo(), reqInfo.getSubject()); }
if (MessageType.PKCSReq == messageType || MessageType.RenewalReq == messageType || MessageType.UpdateReq == messageType) { CertificationRequest messageData = CertificationRequest.getInstance(encodedMessageData); ret.setMessageData(messageData); } else if (MessageType.CertPoll == messageType) {
/** * Returns a Certification Request. * * @return the Certification Request * @see <a href="http://tools.ietf.org/html/rfc2986">RFC 2986</a> */ public CertificationRequest getMessage() throws IOException { try { final CertificationRequestInfo info = getCertificationRequestInfo(); return new CertificationRequest(info, getSignatureAlgorithm(), sign(info)); } catch (GeneralSecurityException e) { throw new IOException(e); } }
public EnrolmentResponse scepCertPoll(PrivateKey identityKey, X509Certificate identityCert, CertificationRequest csr, X500Name issuer) throws ScepClientException { ScepUtil.requireNonNull("csr", csr); TransactionId tid; try { tid = TransactionId.sha1TransactionId( csr.getCertificationRequestInfo().getSubjectPublicKeyInfo()); } catch (InvalidKeySpecException ex) { throw new ScepClientException(ex.getMessage(), ex); } return scepCertPoll(identityKey, identityCert, tid, issuer, csr.getCertificationRequestInfo().getSubject()); }
return CertRepMessage.getInstance(o); case TYPE_P10_CERT_REQ: return CertificationRequest.getInstance(o); case TYPE_POPO_CHALL: return POPODecKeyChallContent.getInstance(o);
assertEquals(certificationRequest.hashCode(), certificationRequest.hashCode()); PKCS10CertificationRequest expectedCertificationRequest = new PKCS10CertificationRequest(new org.bouncycastle.asn1.pkcs.CertificationRequest( new org.bouncycastle.asn1.pkcs.CertificationRequestInfo(new X500Name(name), SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()), new DERSet()), new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withECDSA"),
public static CertificateRequest loadCertificateRequest(Reader reader) throws IOException { try (PEMReader pr = new PEMReader(reader)) { CertificationRequest req = (CertificationRequest) pr.readObject(); // get the CN String cn = (String) ((X509Name) req.getCertificationRequestInfo().getSubject()).getValues(new DERObjectIdentifier("2.5.4.3")).get(0); // build the key KeyFactory kf = KeyFactory.getInstance("RSA"); PublicKey key = kf.generatePublic(new RSAPublicKeySpec( ((ASN1Integer)((DERSequence) req.getCertificationRequestInfo().getSubjectPublicKeyInfo().getPublicKey()).getObjectAt(0)).getValue(), ((ASN1Integer)((DERSequence) req.getCertificationRequestInfo().getSubjectPublicKeyInfo().getPublicKey()).getObjectAt(1)).getValue() )); return new CertificateRequest(cn, key); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw new IOException("Failed to parse certificate request", e); } }
return CertRepMessage.getInstance(o); case TYPE_P10_CERT_REQ: return CertificationRequest.getInstance(o); case TYPE_POPO_CHALL: return POPODecKeyChallContent.getInstance(o);