日日操夜夜添-日日操影院-日日草夜夜操-日日干干-精品一区二区三区波多野结衣-精品一区二区三区高清免费不卡

公告:魔扣目錄網為廣大站長提供免費收錄網站服務,提交前請做好本站友鏈:【 網站目錄:http://www.ylptlb.cn 】, 免友鏈快審服務(50元/站),

點擊這里在線咨詢客服
新站提交
  • 網站:51998
  • 待審:31
  • 小程序:12
  • 文章:1030137
  • 會員:747

CMP證書請求

發布時間:2024-03-09 00:33:51 作者:網友整理

本文介紹了CMP證書請求的處理方法,對大家解決問題具有一定的參考價值,需要的朋友們下面隨著小編來一起學習吧!

問題描述

我正在使用以下代碼向終結點發送CMP證書請求:

public static void main(String[] args) {
    try
    {
        System.out.println("In...");
        final BigInteger certReqId = BigInteger.valueOf(1);
        final byte[] senderNonce = "12345".getBytes();
        final byte[] transactionId = "23456".getBytes();
        KeyPairGenerator kpi = KeyPairGenerator.getInstance("RSA");
        kpi.initialize(2048);
        KeyPair keyPair = kpi.generateKeyPair();

        // Now on to the CMP
        CertificateRequestMessageBuilder msgbuilder = new CertificateRequestMessageBuilder(certReqId);
        X500Name issuerDN = new X500Name("CN=ManagementCA");
        X500Name subjectDN = new X500Name("CN=user");
        msgbuilder.setIssuer(issuerDN);
        msgbuilder.setSubject(subjectDN);
        final byte[]                  bytes = keyPair.getPublic().getEncoded();
        final ByteArrayInputStream bIn = new ByteArrayInputStream(bytes);
        final ASN1InputStream         dIn = new ASN1InputStream(bIn);
        final SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo((ASN1Sequence)dIn.readObject());
        dIn.close();
        msgbuilder.setPublicKey(keyInfo);
        GeneralName sender = new GeneralName(subjectDN);
        msgbuilder.setAuthInfoSender(sender);

        // RAVerified POP
        msgbuilder.setProofOfPossessionRaVerified();
        CertificateRequestMessage msg = msgbuilder.build();
        org.bouncycastle.asn1.crmf.CertReqMessages msgs = new org.bouncycastle.asn1.crmf.CertReqMessages(msg.toASN1Structure());
        org.bouncycastle.asn1.cmp.PKIBody pkibody = new org.bouncycastle.asn1.cmp.PKIBody(org.bouncycastle.asn1.cmp.PKIBody.TYPE_INIT_REQ, msgs);

        // Message protection and final message
        GeneralName recipient = new GeneralName(issuerDN);
        ProtectedPKIMessageBuilder pbuilder = new ProtectedPKIMessageBuilder(sender, recipient);
        pbuilder.setMessageTime(new Date());

        // senderNonce
        pbuilder.setSenderNonce(senderNonce);

        // TransactionId
        pbuilder.setTransactionID(transactionId);

        // Key Id used (required) by the recipient to do a lot of stuff
        pbuilder.setSenderKID("KeyID".getBytes());
        pbuilder.setBody(pkibody);
        JcePKMACValuesCalculator jcePkmacCalc = new JcePKMACValuesCalculator();
        final AlgorithmIdentifier digAlg = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.3.14.3.2.26")); // SHA1
        final AlgorithmIdentifier macAlg = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.2.7")); // HMAC/SHA1
        jcePkmacCalc.setup(digAlg, macAlg);
        PKMACBuilder macbuilder = new PKMACBuilder(jcePkmacCalc);
        MacCalculator macCalculator = macbuilder.build("47GKM7h06sfl".toCharArray());
        ProtectedPKIMessage message = pbuilder.build(macCalculator);

        PKIMessage pkiMessage = message.toASN1Structure();
        byte[] new_bytes = sendCmpHttp(pkiMessage.getEncoded());
    } catch (Exception e) {
        e.printStackTrace();
    }
}

private static byte[] sendCmpHttp(byte[] message ) throws IOException {
    // POST the CMP request

    final String urlString = "endpoint";
    // final String urlString = "http://localhost/ejbca/publicweb/cmp";

    URL url = new URL(urlString);
    final HttpURLConnection con = (HttpURLConnection) url.openConnection();
    con.setDoOutput(true);
    con.setRequestMethod("POST");
    con.setRequestProperty("Content-type", "application/pkixcmp");
    con.connect();
    // POST it
    OutputStream os = con.getOutputStream();
    os.write(message);
    os.close();


    System.out.println("httpRespCode: " + con.getResponseCode());
    System.out.println("Content Type: " + con.getContentType());
    System.out.println("CacheControl:" + con.getHeaderField("Cache-Control"));
    System.out.println("Pragma:" + con.getHeaderField("Pragma"));
    System.out.println("Pragma:" + con.getResponseMessage());

    // Now read in the bytes
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    // This works for small requests, and CMP requests are small enough
    InputStream in = con.getInputStream();
    int b = in.read();
    while (b != -1) {
        baos.write(b);
        b = in.read();
    }
    baos.flush();
    in.close();
    byte[] respBytes = baos.toByteArray();
    System.out.println(baos.toString());
    // is Null respBytes);
    // respBytes.length > 0
    return respBytes;
}

當我將字節響應轉換為字符串時,我得到一些不可讀的字符+POPO驗證失敗。

推薦答案

您得到的響應不是字符串,而是PKIMessage對象。您可以通過以下方式將二進制數據轉換為對象:

ASN1InputStream is = new ASN1InputStream(new ByteArrayInputStream(new_bytes));

PKIMessage pkiMessage = PKIMessage.getInstance(is.readObject());

GeneralPKIMessage generalPKIMessage = new GeneralPKIMessage(pkiMessage.getEncoded());

System.out.println(generalPKIMessage);

對于失敗和成功的cmp操作,您都會獲得一個PKIMessage對象。您可以在該對象中找到錯誤消息或用戶證書(取決于您正在執行的CMP操作)。

這篇關于CMP證書請求的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,

分享到:
標簽:CMP 證書 請求
用戶無頭像

網友整理

注冊時間:

網站:5 個   小程序:0 個  文章:12 篇

  • 51998

    網站

  • 12

    小程序

  • 1030137

    文章

  • 747

    會員

趕快注冊賬號,推廣您的網站吧!
最新入駐小程序

數獨大挑戰2018-06-03

數獨一種數學游戲,玩家需要根據9

答題星2018-06-03

您可以通過答題星輕松地創建試卷

全階人生考試2018-06-03

各種考試題,題庫,初中,高中,大學四六

運動步數有氧達人2018-06-03

記錄運動步數,積累氧氣值。還可偷

每日養生app2018-06-03

每日養生,天天健康

體育訓練成績評定2018-06-03

通用課目體育訓練成績評定