/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2020 Nordix Foundation.
+ * Copyright (C) 2021 Nokia.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
package org.onap.oom.certservice.cmpv2client.impl;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-import java.util.Date;
-import java.util.Objects;
-
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1GeneralizedTime;
+import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.SecureRandom;
+import java.util.Date;
+import java.util.Objects;
+
public final class CmpUtil {
private static final Logger LOGGER = LoggerFactory.getLogger(CmpUtil.class);
*
* @return bytes containing a random number string representing a nonce
*/
- static byte[] createRandomBytes() {
- LOGGER.info("Generating random array of bytes");
+ public static byte[] createRandomBytes() {
+ LOGGER.debug("Generating random array of bytes");
byte[] randomBytes = new byte[RANDOM_BYTE_LENGTH];
SECURE_RANDOM.nextBytes(randomBytes);
return randomBytes;
*
* @return bytes containing a random number string representing a nonce
*/
- static int createRandomInt(int range) {
- LOGGER.info("Generating random integer");
+ public static int createRandomInt(int range) {
+ LOGGER.debug("Generating random integer");
return SECURE_RANDOM.nextInt(range) + RANDOM_SEED;
}
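Review bot: `createRandomInt` is now public but still passes `range` straight to `SECURE_RANDOM.nextInt(range)`, which throws `IllegalArgumentException` for a zero or negative bound. Because callers outside the package can now reach it, either document the accepted values or guard them, e.g. `if (range <= 0) { throw new IllegalArgumentException("range must be positive"); }`. Adding `RANDOM_SEED` could also overflow for large bounds, though the constant's value is not visible in this hunk. The Javadoc above the method still reads `@return bytes containing a random number string representing a nonce`, apparently copied from `createRandomBytes`; `@return random integer in [RANDOM_SEED, RANDOM_SEED + range)` would match the code.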
* @param body Body of PKIMessage containing specific information for message
* @return bytes representing the PKIHeader and PKIBody thats to be protected
*/
- static byte[] generateProtectedBytes(PKIHeader header, PKIBody body) throws CmpClientException {
- LOGGER.info("Generating array of bytes representing PkiHeader and PkiBody");
+ public static byte[] generateProtectedBytes(PKIHeader header, PKIBody body) throws CmpClientException {
+ LOGGER.debug("Generating array of bytes representing PkiHeader and PkiBody");
byte[] res;
ASN1EncodableVector vector = new ASN1EncodableVector();
vector.add(header);
}
/**
- * Generates a PKIHeader Builder object.
+ * Generates a PKIHeader object.
*
* @param subjectDn distinguished name of Subject
* @param issuerDn distinguished name of external CA
* @param protectionAlg protection Algorithm used to protect PKIMessage
- * @return PKIHeaderBuilder
+ * @param senderKid sender identifier for receiver used for verification
+ * @return PKIHeader
*/
static PKIHeader generatePkiHeader(
X500Name subjectDn, X500Name issuerDn, AlgorithmIdentifier protectionAlg, String senderKid) {
- LOGGER.info("Generating a Pki Header Builder");
+ LOGGER.debug("Generating a Pki Header Builder");
PKIHeaderBuilder pkiHeaderBuilder =
new PKIHeaderBuilder(
PKIHeader.CMP_2000, new GeneralName(subjectDn), new GeneralName(issuerDn));
pkiHeaderBuilder.setTransactionID(new DEROctetString(createRandomBytes()));
pkiHeaderBuilder.setProtectionAlg(protectionAlg);
pkiHeaderBuilder.setGeneralInfo(new InfoTypeAndValue(CMPObjectIdentifiers.it_implicitConfirm));
- pkiHeaderBuilder.setSenderKID(new DEROctetString(senderKid.getBytes()));
+ pkiHeaderBuilder.setSenderKID(mapToAsn1OctetString(senderKid));
return pkiHeaderBuilder.build();
}
+
+ private static ASN1OctetString mapToAsn1OctetString(String string) {
+ return string != null ? new DEROctetString(string.getBytes()) : null;
+ }
}
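Review bot: `mapToAsn1OctetString` calls `string.getBytes()` with no charset, so on runtimes before Java 18 the senderKID bytes depend on the platform default encoding. The new Javadoc says the receiver uses this value for verification, so a non-ASCII identifier could be encoded differently from what the receiver expects. Use `string.getBytes(StandardCharsets.UTF_8)`, which needs an import of `java.nio.charset.StandardCharsets`. The new null branch makes `senderKid` optional, and the added `@param senderKid` line should say so, e.g. `sender identifier for receiver used for verification; may be null when no sender key identifier applies`. The debug message in `generatePkiHeader` still says `Generating a Pki Header Builder`, although the Javadoc now describes a PKIHeader.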