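package org.ejbca.core.protocol.cmp;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;

import org.apache.log4j.Logger;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.x509.X509Name;
import org.ejbca.core.model.ca.SignRequestException;
import org.ejbca.core.model.ra.NotFoundException;
import org.ejbca.core.protocol.FailInfo;
import org.ejbca.core.protocol.IRequestMessage;
import org.ejbca.core.protocol.IResponseMessage;
import org.ejbca.core.protocol.ResponseStatus;

import com.novosec.pkix.asn1.cmp.PKIBody;
import com.novosec.pkix.asn1.cmp.PKIFreeText;
import com.novosec.pkix.asn1.cmp.PKIHeader;
import com.novosec.pkix.asn1.cmp.PKIMessage;
import com.novosec.pkix.asn1.cmp.PKIStatusInfo;
import com.novosec.pkix.asn1.cmp.RevRepContent;

/**
 * CMP revocation response: a {@code PKIMessage} whose body is a
 * {@code RevRepContent} (PKIBody tag 12) carrying a single
 * {@code PKIStatusInfo}.
 *
 * <p>Until {@link #setStatus(ResponseStatus)} is called with
 * {@code ResponseStatus.SUCCESS}, the message is built as a rejection with
 * {@code FailInfo.BAD_REQUEST}.
 *
 * <p><b>Message protection.</b> {@link #create()} applies password-based MAC
 * protection only when the PBE digest algorithm, MAC algorithm, key id and
 * key are all available from the inherited accessors. If any of them is
 * missing, the message is DER-encoded without any CMP protection.
 * {@link #setSignKeyInfo} is a no-op here, so this class never applies
 * signature protection. A recipient of an unprotected response has no
 * CMP-level way to verify its origin or integrity and must rely on the
 * transport for that.
 */
public class CmpRevokeResponseMessage extends BaseCmpMessage implements IResponseMessage {

    /** Serialization version of this class. */
    static final long serialVersionUID = 10002L;

    private static final Logger log = Logger.getLogger(CmpRevokeResponseMessage.class);

    /** PKIStatus value "accepted" (RFC 4210). */
    private static final int PKI_STATUS_ACCEPTED = 0;
    /** PKIStatus value "rejection" (RFC 4210). */
    private static final int PKI_STATUS_REJECTION = 2;
    /** PKIBody choice tag for a revocation response, "rp" (RFC 4210). */
    private static final int PKI_BODY_TAG_REVOCATION_RESPONSE = 12;

    /** The encoded response, set by {@link #create()}; null before that. */
    private byte[] responseMessage = null;
    /** Optional free text placed in the status info of a rejection. */
    private String failText = null;
    /** Failure reason placed in the status info of a rejection. */
    private FailInfo failInfo = FailInfo.BAD_REQUEST;
    /** Outcome to report; anything other than SUCCESS yields a rejection. */
    private ResponseStatus status = ResponseStatus.FAILURE;

    /** Ignored: this response carries no certificate. */
    public void setCertificate(Certificate cert) {
    }

    /** Ignored: this response carries no CRL. */
    public void setCrl(CRL crl) {
    }

    /** Ignored: this response carries no CA certificate. */
    public void setIncludeCACert(boolean incCACert) {
    }

    /**
     * Returns the encoded response built by {@link #create()}.
     *
     * <p>The internal array is returned without copying, so a caller that
     * modifies it also modifies the stored response.
     *
     * @return the encoded response, or null if {@link #create()} has not run
     */
    public byte[] getResponseMessage() throws IOException,
            CertificateEncodingException {
        return responseMessage;
    }

    public void setStatus(ResponseStatus status) {
        this.status = status;
    }

    public ResponseStatus getStatus() {
        return status;
    }

    public void setFailInfo(FailInfo failInfo) {
        this.failInfo = failInfo;
    }

    public FailInfo getFailInfo() {
        return failInfo;
    }

    /**
     * Sets the free text reported with a rejection.
     *
     * <p>The text is written verbatim into the response sent to the
     * requester, so it should not contain internal details that the
     * requester is not meant to see.
     */
    public void setFailText(String failText) {
        this.failText = failText;
    }

    public String getFailText() {
        return failText;
    }

    /**
     * Builds and encodes the revocation response and stores it for
     * {@link #getResponseMessage()}.
     *
     * <p>The header is built from the sender, recipient, nonces and
     * transaction id of this message. The status info is "accepted" when the
     * status is {@code ResponseStatus.SUCCESS}; otherwise it is "rejection"
     * with the configured fail info and, if set, the fail text.
     *
     * <p>The encoded message is PBE-protected only when all PBE parameters
     * are present; otherwise it is emitted without protection and a debug
     * line records that.
     *
     * @return always true
     */
    public boolean create() throws IOException, InvalidKeyException,
            NoSuchAlgorithmException, NoSuchProviderException,
            SignRequestException, NotFoundException {

        X509Name sender = X509Name.getInstance(getSender().getName());
        X509Name recipient = X509Name.getInstance(getRecipient().getName());
        PKIHeader myPKIHeader = CmpMessageHelper.createPKIHeader(sender, recipient, getSenderNonce(), getRecipientNonce(), getTransactionId());

        PKIStatusInfo myPKIStatusInfo;
        if (status == ResponseStatus.SUCCESS) {
            myPKIStatusInfo = new PKIStatusInfo(new DERInteger(PKI_STATUS_ACCEPTED));
        } else {
            log.debug("Creating a rejection message");
            myPKIStatusInfo = new PKIStatusInfo(new DERInteger(PKI_STATUS_REJECTION));
            // setFailInfo(null) is accepted by the setter; without this guard
            // a null value would abort the response with a NullPointerException.
            if (failInfo != null) {
                myPKIStatusInfo.setFailInfo(failInfo.getAsBitString());
            }
            if (failText != null) {
                myPKIStatusInfo.setStatusString(new PKIFreeText(new DERUTF8String(failText)));
            }
        }
        RevRepContent myRevrepMessage = new RevRepContent(myPKIStatusInfo);

        PKIBody myPKIBody = new PKIBody(myRevrepMessage, PKI_BODY_TAG_REVOCATION_RESPONSE);
        PKIMessage myPKIMessage = new PKIMessage(myPKIHeader, myPKIBody);

        boolean pbeParamsComplete = (getPbeDigestAlg() != null) && (getPbeMacAlg() != null)
                && (getPbeKeyId() != null) && (getPbeKey() != null);
        if (pbeParamsComplete) {
            responseMessage = CmpMessageHelper.protectPKIMessageWithPBE(myPKIMessage, getPbeKeyId(), getPbeKey(), getPbeDigestAlg(), getPbeMacAlg(), getPbeIterationCount());
        } else {
            // No MAC and no signature is applied on this path. Record it so
            // that an unprotected response is visible when troubleshooting.
            log.debug("PBE protection parameters are incomplete, creating an unprotected revocation response");
            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            DEROutputStream mout = new DEROutputStream(baos);
            try {
                mout.writeObject(myPKIMessage);
            } finally {
                mout.close();
            }
            responseMessage = baos.toByteArray();
        }
        return true;
    }

    /** @return false, this response is never signed by this class */
    public boolean requireSignKeyInfo() {
        return false;
    }

    /** @return false, this response is never encrypted by this class */
    public boolean requireEncKeyInfo() {
        return false;
    }

    /** Ignored: no signature protection is applied by this class. */
    public void setSignKeyInfo(X509Certificate cert, PrivateKey key,
            String provider) {
    }

    /** Ignored: no encryption is applied by this class. */
    public void setEncKeyInfo(X509Certificate cert, PrivateKey key,
            String provider) {
    }

    public void setSenderNonce(String senderNonce) {
        super.setSenderNonce(senderNonce);
    }

    public void setRecipientNonce(String recipientNonce) {
        super.setRecipientNonce(recipientNonce);
    }

    public void setTransactionId(String transactionId) {
        super.setTransactionId(transactionId);
    }

    /** Ignored by this response type. */
    public void setRecipientKeyInfo(byte[] recipientKeyInfo) {
    }

    /** Ignored by this response type. */
    public void setPreferredDigestAlg(String digest) {
    }

    /** Ignored by this response type. */
    public void setRequestType(int reqtype) {
    }

    /** Ignored by this response type. */
    public void setRequestId(int reqid) {
    }

    /**
     * Ignored: this class does not copy protection parameters from the
     * request. The PBE parameters used by {@link #create()} are read from
     * the inherited accessors and must be set by other means.
     */
    public void setProtectionParamsFromRequest(IRequestMessage reqMsg) {
    }
}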