Java 类org.bouncycastle.asn1.crmf.SubsequentMessage 实例源码

public CertificateRequestMessageBuilder setProofOfPossessionSubsequentMessage(SubsequentMessage msg)
{
    if (popSigner != null || popRaVerified != null)
    {
        throw new IllegalStateException("only one proof of possession allowed");
    }

    this.popoPrivKey = new POPOPrivKey(msg);

    return this;
}

public CertificateRequestMessageBuilder setProofOfPossessionSubsequentMessage(SubsequentMessage msg)
{
    if (popSigner != null || popRaVerified != null)
    {
        throw new IllegalStateException("only one proof of possession allowed");
    }

    this.popoPrivKey = new POPOPrivKey(msg);

    return this;
}

public CertificateRequestMessageBuilder setProofOfPossessionSubsequentMessage(SubsequentMessage msg)
{
    if (popSigner != null || popRaVerified != null)
    {
        throw new IllegalStateException("only one proof of possession allowed");
    }

    this.popoPrivKey = new POPOPrivKey(msg);

    return this;
}

public CertificateRequestMessageBuilder setProofOfPossessionSubsequentMessage(SubsequentMessage msg)
{
    if (popSigner != null || popRaVerified != null)
    {
        throw new IllegalStateException("only one proof of possession allowed");
    }

    this.popoPrivKey = new POPOPrivKey(msg);

    return this;
}

public void testSubsequentMessage()
    throws Exception
{
    KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);

    kGen.initialize(512);

    KeyPair kp = kGen.generateKeyPair();
    X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");

    ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").setProvider(BC).build(
                kp.getPrivate());

    GeneralName user = new GeneralName(new X500Name("CN=Test"));

    CertificateRequestMessageBuilder builder = new JcaCertificateRequestMessageBuilder(
                BigInteger.valueOf(1)).setPublicKey(kp.getPublic()).setProofOfPossessionSubsequentMessage(
                SubsequentMessage.encrCert);

            ProtectedPKIMessage certRequestMsg = new ProtectedPKIMessageBuilder(user,
                user).setTransactionID(new byte[] { 1, 2, 3, 4, 5 }).setBody(
                new PKIBody(PKIBody.TYPE_KEY_UPDATE_REQ, new CertReqMessages(builder.build().toASN1Structure()))).addCMPCertificate(
                cert).build(signer);

    ProtectedPKIMessage msg = new ProtectedPKIMessage(new GeneralPKIMessage(certRequestMsg.toASN1Structure().getEncoded()));

    CertReqMessages reqMsgs = CertReqMessages.getInstance(msg.getBody().getContent());

    CertReqMsg reqMsg = reqMsgs.toCertReqMsgArray()[0];

    assertEquals(ProofOfPossession.TYPE_KEY_ENCIPHERMENT, reqMsg.getPopo().getType());
}

private void doNotBeforeNotAfterTest(KeyPair kp, Date notBefore, Date notAfter)
    throws Exception
{
    CertificateRequestMessageBuilder builder = new JcaCertificateRequestMessageBuilder(
                BigInteger.valueOf(1)).setPublicKey(kp.getPublic()).setProofOfPossessionSubsequentMessage(
                SubsequentMessage.encrCert);

    builder.setValidity(notBefore, notAfter);

    CertificateRequestMessage message = builder.build();

    if (notBefore != null)
    {
        assertEquals(notBefore.getTime(), message.getCertTemplate().getValidity().getNotBefore().getDate().getTime());
    }
    else
    {
        assertNull(message.getCertTemplate().getValidity().getNotBefore());
    }

    if (notAfter != null)
    {
        assertEquals(notAfter.getTime(), message.getCertTemplate().getValidity().getNotAfter().getDate().getTime());
    }
    else
    {
        assertNull(message.getCertTemplate().getValidity().getNotAfter());
    }
}

public CertificateRequestMessageBuilder setProofOfPossessionSubsequentMessage(SubsequentMessage msg)
{
    if (popSigner != null || popRaVerified != null)
    {
        throw new IllegalStateException("only one proof of possession allowed");
    }

    this.popoPrivKey = new POPOPrivKey(msg);

    return this;
}

public void testSubsequentMessage()
    throws Exception
{
    KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);

    kGen.initialize(512);

    KeyPair kp = kGen.generateKeyPair();
    X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");

    ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").setProvider(BC).build(
                kp.getPrivate());

    GeneralName user = new GeneralName(new X500Name("CN=Test"));

    CertificateRequestMessageBuilder builder = new JcaCertificateRequestMessageBuilder(
                BigInteger.valueOf(1)).setPublicKey(kp.getPublic()).setProofOfPossessionSubsequentMessage(
                SubsequentMessage.encrCert);

            ProtectedPKIMessage certRequestMsg = new ProtectedPKIMessageBuilder(user,
                user).setTransactionID(new byte[] { 1, 2, 3, 4, 5 }).setBody(
                new PKIBody(PKIBody.TYPE_KEY_UPDATE_REQ, new CertReqMessages(builder.build().toASN1Structure()))).addCMPCertificate(
                cert).build(signer);

    ProtectedPKIMessage msg = new ProtectedPKIMessage(new GeneralPKIMessage(certRequestMsg.toASN1Structure().getEncoded()));

    CertReqMessages reqMsgs = CertReqMessages.getInstance(msg.getBody().getContent());

    CertReqMsg reqMsg = reqMsgs.toCertReqMsgArray()[0];

    assertEquals(ProofOfPossession.TYPE_KEY_ENCIPHERMENT, reqMsg.getPopo().getType());
}

private void doNotBeforeNotAfterTest(KeyPair kp, Date notBefore, Date notAfter)
    throws Exception
{
    CertificateRequestMessageBuilder builder = new JcaCertificateRequestMessageBuilder(
                BigInteger.valueOf(1)).setPublicKey(kp.getPublic()).setProofOfPossessionSubsequentMessage(
                SubsequentMessage.encrCert);

    builder.setValidity(notBefore, notAfter);

    CertificateRequestMessage message = builder.build();

    if (notBefore != null)
    {
        assertEquals(notBefore.getTime(), message.getCertTemplate().getValidity().getNotBefore().getDate().getTime());
    }
    else
    {
        assertNull(message.getCertTemplate().getValidity().getNotBefore());
    }

    if (notAfter != null)
    {
        assertEquals(notAfter.getTime(), message.getCertTemplate().getValidity().getNotAfter().getDate().getTime());
    }
    else
    {
        assertNull(message.getCertTemplate().getValidity().getNotAfter());
    }
}