Package org.ejbca.core.protocol

Examples of org.ejbca.core.protocol.IResponseMessage

58
59
60
61
62
63
64
65
66
67
68
69
      } else {
        getLogger().error("Input file '"+csr+"' is not a PKCS#10 request.");
        return;
      }
      // Call signsession to create a certificate
      IResponseMessage resp = ejb.getSignSession().createCertificate(getAdmin(), req, X509ResponseMessage.class, null);
      byte[] respBytes = resp.getResponseMessage();
      // Convert to PEM
      Certificate cert = CertTools.getCertfromByteArray(respBytes);
      Collection certs = new ArrayList();
      certs.add(cert);
      byte[] pembytes = CertTools.getPEMFromCerts(certs);
View Full Code Here
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
                log.error("Error '" + reqmsg.getErrorNo() + "' receiving Scep request message.");
                return null;
            }
            if (reqmsg.getMessageType() == ScepRequestMessage.SCEP_TYPE_PKCSREQ) {
                // Get the certificate
                IResponseMessage resp = signsession.createCertificate(admin, reqmsg, org.ejbca.core.protocol.scep.ScepResponseMessage.class, null);
                if (resp != null) {
                    ret = resp.getResponseMessage();
                }
            }
            if (reqmsg.getMessageType() == ScepRequestMessage.SCEP_TYPE_GETCRL) {
                // create the stupid encrypted CRL message, the below can actually only be made
                // at the CA, since CAs private key is needed to decrypt
                IResponseMessage resp = signsession.getCRL(admin, reqmsg, org.ejbca.core.protocol.scep.ScepResponseMessage.class);
                if (resp != null) {
                    ret = resp.getResponseMessage();
                }
            }
        } catch (IOException e) {
            log.error("Error receiving ScepMessage: ", e);
        } catch (GeneralSecurityException e) {
View Full Code Here
224
225
226
227
228
229
230
231
232
233
234
235
236
237
    }
    Certificate cert=null;
    debugInfo += "Request: " + requestData + "\n";
    req.setUsername(username);
    req.setPassword(password);
    IResponseMessage resp;
    try {
      resp = signSession.createCertificate(admin, req, X509ResponseMessage.class, null);
      cert = CertTools.getCertfromByteArray(resp.getResponseMessage());
      result = signSession.createPKCS7(admin, cert, true);
      debugInfo += "Resulting cert: " + new String(Base64.encode(result, true)) + "\n";
    } catch (Exception e) {
      log.error("Noooo!!! ", e);
      response.getOutputStream().println("An error has occurred.");
View Full Code Here
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
            case CertificateRequestRequest.REQUEST_TYPE_PKCS10:
              Certificate cert = null;
              PKCS10RequestMessage req = RequestMessageUtils.genPKCS10RequestMessage(submessage.getRequestData());
              req.setUsername(submessage.getUsername());
              req.setPassword(submessage.getPassword());
              IResponseMessage resp = signSession.createCertificate(admin, req, X509ResponseMessage.class, null);
              cert = CertTools.getCertfromByteArray(resp.getResponseMessage());
              if (submessage.getResponseType() == CertificateRequestRequest.RESPONSE_TYPE_CERTIFICATE) {
                result = cert.getEncoded();
              } else
                result = signSession.createPKCS7(admin, cert, true);
              }
              break;
            case CertificateRequestRequest.REQUEST_TYPE_SPKAC:
              ASN1InputStream in = new ASN1InputStream(new ByteArrayInputStream(submessage.getRequestData()));
              ASN1Sequence spkac = (ASN1Sequence) in.readObject();
              in.close();
              NetscapeCertRequest nscr = new NetscapeCertRequest(spkac);
                cert = signSession.createCertificate(admin, submessage.getUsername(), submessage.getPassword(), nscr.getPublicKey());
              if (submessage.getResponseType() == CertificateRequestRequest.RESPONSE_TYPE_CERTIFICATE) {
                result = cert.getEncoded();
              } else if (submessage.getResponseType() == CertificateRequestRequest.RESPONSE_TYPE_PKCS7) { 
                result = signSession.createPKCS7(admin, cert, true);
              } else if (submessage.getResponseType() == CertificateRequestRequest.RESPONSE_TYPE_PKCS7WITHCHAIN) {
                // Read certificate chain
                    ArrayList<Certificate> certList = new ArrayList<Certificate>();
                      certList.add(cert);
                      certList.addAll(caSession.getCA(Admin.getInternalAdmin(), CertTools.getIssuerDN(cert).hashCode()).getCertificateChain());
                      // Create large certificate-only PKCS7
                      CertificateFactory cf = CertificateFactory.getInstance("X.509");
                      CertPath certPath = cf.generateCertPath(new ByteArrayInputStream(CertTools.getPEMFromCerts(certList)));
                      result = certPath.getEncoded("PKCS7");
              } else
              return new CertificateRequestResponse(submessage.getRequestId(), false, MSG_UNSUPPORTED_RESPONSE_TYPE, null, null);
              }
              break;
            case CertificateRequestRequest.REQUEST_TYPE_CRMF:
              // Extract request in a format that EJBCA can process
          CertReqMessages certReqMessages = CertReqMessages.getInstance(new ASN1InputStream(submessage.getRequestData()).readObject());
          PKIMessage msg = new PKIMessage(new PKIHeader(
              new DERInteger(2), new GeneralName(new X509Name("CN=unused")), new GeneralName(new X509Name("CN=unused"))),
              new PKIBody(certReqMessages, 2)); // [2] CertReqMessages --Certification Request
              CrmfRequestMessage crmfReq = new CrmfRequestMessage(msg, null, true, null);
              crmfReq.setUsername(submessage.getUsername());
              crmfReq.setPassword(submessage.getPassword());
              // Request and extract certificate from response
              IResponseMessage response = signSession.createCertificate(admin, crmfReq, org.ejbca.core.protocol.cmp.CmpResponseMessage.class, null);
              ASN1InputStream ais = new ASN1InputStream(new ByteArrayInputStream(response.getResponseMessage()));
              CertRepMessage certRepMessage = PKIMessage.getInstance(ais.readObject()).getBody().getCp();
          InputStream inStream = new ByteArrayInputStream(certRepMessage.getResponse(0).getCertifiedKeyPair().getCertOrEncCert().getCertificate().getEncoded());
          cert = CertificateFactory.getInstance("X.509").generateCertificate(inStream);
          inStream.close();
          // Convert to the right response type
View Full Code Here
488
489
490
491
492
493
494
495
496
497
        byte[] result = null
        Certificate cert=null;
    PKCS10RequestMessage req = RequestMessageUtils.genPKCS10RequestMessage(b64Encoded);
    req.setUsername(username);
        req.setPassword(password);
        IResponseMessage resp = signsession.createCertificate(administrator, req, org.ejbca.core.protocol.X509ResponseMessage.class, null);
        cert = CertTools.getCertfromByteArray(resp.getResponseMessage());
        result = cert.getEncoded();
        return Base64.encode(result, false);
    }
View Full Code Here
247
248
249
250
251
252
253
254
255
    private Certificate pkcs10CertRequest(Admin administrator, SignSession signSession, PKCS10RequestMessage req,
        String username, String password) throws EjbcaException, CertificateEncodingException, CertificateException, IOException, ClassNotFoundException {
        Certificate cert=null;
    req.setUsername(username);
        req.setPassword(password);
        IResponseMessage resp = signSession.createCertificate(administrator,req,X509ResponseMessage.class, null);
        cert = CertTools.getCertfromByteArray(resp.getResponseMessage());
        return cert;
    }
View Full Code Here
261
262
263
264
265
266
267
268
269
270
271
272
       
        byte[] pkcs7;
        try {
            p10.setUsername(username);
            p10.setPassword(password);
            IResponseMessage resp = signSession.createCertificate(admin, p10, org.ejbca.core.protocol.X509ResponseMessage.class, null);
            Certificate cert = CertTools.getCertfromByteArray(resp.getResponseMessage());
            pkcs7 = signSession.createPKCS7(admin, cert, true);
        } catch (EjbcaException e) {
            // EJBCA did not accept any of all parameters in the request.
            throw new ServletException(e);
        } catch (CertificateEncodingException e) {
View Full Code Here
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
    if ( cmpTcpMessage.message==null )  {
      handler.closeConnection();
    } else {
      // We must use an administrator with rights to create users
      final Admin administrator = new Admin(Admin.TYPE_RA_USER, handler.getHostAddress());
      final IResponseMessage resp;
      try {
         resp = getEjb().getCmpMessageDispatcherSession().dispatch(administrator, cmpTcpMessage.message);
      } catch (IOException e) {
        LOG.error( INTRES.getLocalizedMessage("cmp.errornoasn1"), e );
        handler.closeConnection();
        return;
      }
      if (LOG.isDebugEnabled()) {
        LOG.debug("Sending back CMP response to client.");
      }
      // Send back reply
      final TcpReturnMessage sendBack;
      {
        byte tmp[] = null;
        try {
          if (resp!=null) {
            tmp = resp.getResponseMessage();
          }
        } catch (CertificateEncodingException e) {
          LOG.debug("CertificateEncodingException: " + e.getMessage());
        }
        sendBack = TcpReturnMessage.createMessage(tmp, cmpTcpMessage.doClose);
View Full Code Here
275
276
277
278
279
280
281
282
283
284
285
  /**
   *  @see org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean
   */ 
  public Certificate processRequest(CAInfo cainfo, IRequestMessage requestmessage) throws Exception {     
      Certificate returnval = null;
      IResponseMessage result = caadminsession.processRequest(administrator, cainfo, requestmessage);
      if(result instanceof X509ResponseMessage){
         returnval = ((X509ResponseMessage) result).getCertificate();     
      }           
      info.cAsEdited();
     
View Full Code Here
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
    try {
      // We must use an administrator with rights to create users
      final Admin administrator = new Admin(Admin.TYPE_RA_USER, remoteAddr);
      log.info( intres.getLocalizedMessage("cmp.receivedmsg", remoteAddr) );
      long startTime = System.currentTimeMillis();
      final IResponseMessage resp;
      try {
        resp = cmpMessageDispatcherLocal.dispatch(administrator, ba);
      } catch (IOException e) {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage());
        log.error( intres.getLocalizedMessage("cmp.errornoasn1"), e );
        return;
      }
      if ( resp==null ) { // If resp is null, it means that the dispatcher failed to process the message.
        response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, intres.getLocalizedMessage("cmp.errornullresp"));
        return;
      }
      // Add no-cache headers as defined in draft-ietf-pkix-cmp-transport-protocols-05.txt
      ServletUtils.addCacheHeaders(response);
      // Send back CMP response
      RequestHelper.sendBinaryBytes(resp.getResponseMessage(), response, "application/pkixcmp", null);
      long endTime = System.currentTimeMillis();
      log.info( intres.getLocalizedMessage("cmp.sentresponsemsg", remoteAddr, Long.valueOf(endTime - startTime)) );
    } catch (Exception e) {
      log.error("Error in CmpServlet:", e);
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
View Full Code Here
TOP

Related Classes of org.ejbca.core.protocol.IResponseMessage

  • org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean
  • org.ejbca.core.ejb.ca.caadmin.CAsTest
  • org.ejbca.core.ejb.ca.sign.CustomCertSerialnumberTest
  • org.ejbca.core.ejb.ca.sign.RSASignSessionBean
  • org.ejbca.core.ejb.ca.sign.SignSessionTest
  • org.ejbca.core.ejb.ra.CertificateRequestSessionBean
  • org.ejbca.core.protocol.cmp.CmpMessageDispatcherSessionBean
  • org.ejbca.core.protocol.cmp.ConfirmationMessageHandler
  • org.ejbca.core.protocol.cmp.CrmfMessageHandler
  • org.ejbca.core.protocol.cmp.RevocationMessageHandler
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.