Example usage for org.bouncycastle.asn1.crmf AttributeTypeAndValue getInstance

List of usage examples for org.bouncycastle.asn1.crmf AttributeTypeAndValue getInstance

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.asn1.crmf.*
  5. AttributeTypeAndValue
  6. getInstance

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.crmf AttributeTypeAndValue getInstance.

Prototype

public static AttributeTypeAndValue getInstance(Object o)

Source Link

Usage

From source file:org.ejbca.core.protocol.cmp.CmpMessageHelper.java

License:Open Source License

/**
 * Parses a CRMF request created with novosec library classes and return a bouncycastle CertReqMsg object
 * // w ww . ja  v a2s .c om
 * @param messages
 * @return
 */
public static CertReqMsg getNovosecCertReqMsg(CertReqMessages messages) {
    // The encoding of the ProofOfPosession in bouncycastle and novosec is different.
    // Novosec generator explicitly tags the PopoSigningKey while it should be implicitly tagged.
    // Through novosec, the ProofOfPosession comes through as:
    //         Sequence
    //             DERSequence
    //                 DERSequence
    //                     ObjectIdentifier(1.2.840.113549.1.1.5)
    //                 DERBitString[64,0]
    //
    // But it should be:
    //         DERSequence
    //             DERSequence
    //                 ObjectIdentifier(1.2.840.113549.1.1.5)
    //             DERBitString[64,0]
    //
    // The bouncycastle parser expects an implicit tag, so to it, it looks like the sequence is containing a single element.
    //--------------------------------------
    // A comment from bouncycastle that might not effect anything here but maybe effect something else in the future: 
    //         What's happened is the novosec generator has explicitly tagged the PopoSigningKey structure, it should be 
    //         implicitly tagged (this isn't true if it's a POPOPrivKey, but that's because it's a CHOICE item so the tag 
    //         has to be preserved, but that is a different story).

    // Reconstructing the CertRequest
    ASN1Encodable o2 = ((DERSequence) messages.toASN1Primitive()).getObjectAt(0);
    ASN1Encodable o3 = ((DERSequence) o2).getObjectAt(0);
    CertRequest cr = CertRequest.getInstance(o3);

    // Reconstructing the proof-of-posession
    ASN1TaggedObject o4 = (ASN1TaggedObject) ((DERSequence) o2).getObjectAt(1);
    ProofOfPossession pp;
    int tagnr = o4.getTagNo();
    ASN1Encodable o5;
    switch (tagnr) {
    case 0:
        o5 = DERNull.INSTANCE;
        pp = new ProofOfPossession();
        break;
    case 1:
        o5 = POPOSigningKey.getInstance(o4.getObject());
        pp = new ProofOfPossession((POPOSigningKey) o5);
        break;
    case 2:
    case 3:
        o5 = POPOPrivKey.getInstance(o4, false);
        pp = new ProofOfPossession(tagnr, (POPOPrivKey) o5);
        break;
    default:
        throw new IllegalArgumentException("unknown tag: " + tagnr);
    }

    // Reconstructing the regToken
    ASN1Sequence o6 = (ASN1Sequence) ((ASN1Sequence) o2.toASN1Primitive()).getObjectAt(2);
    final AttributeTypeAndValue av = AttributeTypeAndValue.getInstance(((ASN1Sequence) o6).getObjectAt(0));
    final AttributeTypeAndValue[] avs = { av };

    // finally, recreating the CertReqMsg object
    return new CertReqMsg(cr, pp, avs);
}