public X509Certificate getResponderCert() { ConcurrentContentSigner signer = getSigner(); return (signer == null) ? null : signer.getCertificate(); }
tmpSignerName = signerName; } else { if (signer.getCertificate() == null) { throw new IllegalArgumentException("signer without certificate is not allowed"); signer.getCertificate().getSubjectX500Principal().getEncoded()); tmpSignerName = new GeneralName(x500Name);
private static X500Name getSignerSubject(ConcurrentContentSigner signer) { Args.notNull(signer, "signer"); if (signer.getCertificate() == null) { throw new IllegalArgumentException("requestor without certificate is not allowed"); } return X500Name.getInstance(signer.getCertificate().getSubjectX500Principal().getEncoded()); }
@Override public KeyCertPair createPrivateKeyAndCert(final String type, final SignerConf conf, final X509Certificate cert) throws ObjectCreationException { conf.putConfEntry("parallelism", Integer.toString(1)); X509Certificate[] certs = null; if (cert != null) { certs = new X509Certificate[]{cert}; } ConcurrentContentSigner signer = signerFactoryRegister.newSigner(this, type, conf, certs); PrivateKey privateKey = (PrivateKey) signer.getSigningKey(); return new KeyCertPair(privateKey, signer.getCertificate()); }
@Override public KeyCertPair createPrivateKeyAndCert(String type, SignerConf conf, X509Certificate cert) throws ObjectCreationException { conf.putConfEntry("parallelism", Integer.toString(1)); X509Certificate[] certs = null; if (cert != null) { certs = new X509Certificate[]{cert}; } ConcurrentContentSigner signer = signerFactoryRegister.newSigner(this, type, conf, certs); PrivateKey privateKey = (PrivateKey) signer.getSigningKey(); return new KeyCertPair(privateKey, signer.getCertificate()); }
X509Certificate cert = signer.getCertificate(); if (cert != null) { String subject = X509Util.getRfc4519Name(cert.getSubjectX500Principal());
public final void setResponder(SignerEntryWrapper responder) throws CaMgmtException { if (responder == null) { this.responderKey = null; this.responderCert = null; this.envelopedDataDecryptor = null; return; } ConcurrentContentSigner signer = responder.getSigner(); Key signingKey = signer.getSigningKey(); if (!(signingKey instanceof PrivateKey)) { throw new CaMgmtException("Unsupported signer type: the signing key is not a PrivateKey"); } if (!(signer.getCertificate().getPublicKey() instanceof RSAPublicKey)) { throw new IllegalArgumentException("The SCEP responder key is not RSA key for CA " + caIdent.getName()); } this.responderKey = (PrivateKey) signingKey; this.responderCert = signer.getCertificate(); this.envelopedDataDecryptor = new EnvelopedDataDecryptor(new EnvelopedDataDecryptorInstance(responderCert, responderKey)); }
X509Certificate cert = signer.getCertificate(); if (cert != null) { String subject = X509Util.getRfc4519Name(cert.getSubjectX500Principal());
public static PKIMessage addProtection(PKIMessage pkiMessage, ConcurrentContentSigner signer, GeneralName signerName, boolean addSignerCert) throws CMPException, NoIdleSignerException { ParamUtil.requireNonNull("pkiMessage", pkiMessage); ParamUtil.requireNonNull("signer", signer); final GeneralName tmpSignerName; if (signerName != null) { tmpSignerName = signerName; } else { if (signer.getCertificate() == null) { throw new IllegalArgumentException("signer without certificate is not allowed"); } X500Name x500Name = X500Name.getInstance( signer.getCertificate().getSubjectX500Principal().getEncoded()); tmpSignerName = new GeneralName(x500Name); } ProtectedPKIMessageBuilder builder = newProtectedPKIMessageBuilder(pkiMessage, tmpSignerName, null); if (addSignerCert) { X509CertificateHolder signerCert = signer.getBcCertificate(); builder.addCMPCertificate(signerCert); } ConcurrentBagEntrySigner signer0 = signer.borrowSigner(); ProtectedPKIMessage signedMessage; try { signedMessage = builder.build(signer0.value()); } finally { signer.requiteSigner(signer0); } return signedMessage.toASN1Structure(); }
public static PKIMessage addProtection(PKIMessage pkiMessage, ConcurrentContentSigner signer, GeneralName signerName, boolean addSignerCert) throws CMPException, NoIdleSignerException { Args.notNull(pkiMessage, "pkiMessage"); Args.notNull(signer, "signer"); final GeneralName tmpSignerName; if (signerName != null) { tmpSignerName = signerName; } else { if (signer.getCertificate() == null) { throw new IllegalArgumentException("signer without certificate is not allowed"); } X500Name x500Name = X500Name.getInstance( signer.getCertificate().getSubjectX500Principal().getEncoded()); tmpSignerName = new GeneralName(x500Name); } ProtectedPKIMessageBuilder builder = newProtectedPKIMessageBuilder(pkiMessage, tmpSignerName, null); if (addSignerCert) { X509CertificateHolder signerCert = signer.getBcCertificate(); builder.addCMPCertificate(signerCert); } ConcurrentBagEntrySigner signer0 = signer.borrowSigner(); ProtectedPKIMessage signedMessage; try { signedMessage = builder.build(signer0.value()); } finally { signer.requiteSigner(signer0); } return signedMessage.toASN1Structure(); }
caEntry.getCert()); if (caEntry.getCert() == null) { if (signer.getCertificate() == null) { throw new CaMgmtException("CA signer without certificate is not allowed"); caEntry.setCert(signer.getCertificate());
if (signer.getCertificate() != null) { bcCert = Certificate.getInstance(signer.getCertificate().getEncoded()); } catch (Exception ex) { throw new OperationException(ErrorCode.SYSTEM_FAILURE,
if (signer.getCertificate() != null) { Certificate cert = Certificate.getInstance(signer.getCertificate().getEncoded()); subjectPublicKeyInfo = cert.getSubjectPublicKeyInfo(); } else {
public void initSigner(SecurityFactory securityFactory) throws ObjectCreationException { Args.notNull(securityFactory, "securityFactory"); if (signer != null) { return; } if (dbEntry == null) { throw new ObjectCreationException("dbEntry is null"); } X509Certificate responderCert = dbEntry.getCertificate(); dbEntry.setConfFaulty(true); signer = securityFactory.createSigner(dbEntry.getType(), new SignerConf(dbEntry.getConf()), responderCert); if (signer.getCertificate() == null) { throw new ObjectCreationException("signer without certificate is not allowed"); } dbEntry.setConfFaulty(false); if (dbEntry.getBase64Cert() == null) { dbEntry.setCertificate(signer.getCertificate()); subjectAsX500Name = X500Name.getInstance(signer.getBcCertificate().getSubject()); subjectAsGeneralName = new GeneralName(subjectAsX500Name); } } // method initSigner
throw new CaMgmtException(concat("could not create signer for CA ", caName), ex); caEntry.setCert(signer.getCertificate());
? X509Util.extractSki(crlSigner.getSigner().getCertificate()) : pci.getSubjectKeyIdentifer(); AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(akiValues);
throw new InvalidConfException("could not create CA signer for CA " + name, ex); caCert = signer.getCertificate();
throw new InvalidConfException("could not create CA signer for CA " + name, ex); caCert = signer.getCertificate();
+ name, ex); caCert = signer.getCertificate();
SignerEntryWrapper crlSigner = getCrlSigner(); X509Certificate crlSignerCert = (crlSigner == null) ? null : crlSigner.getSigner().getCertificate();