// (could also be pkcsRepSigned or certOnly, but we don't receive them on the server side
// Try to find out what kind of message this is
// Wrap the content of the outer ContentInfo as CMS SignedData. The cast is unchecked, so
// content that is not an ASN.1 sequence fails here with a ClassCastException.
sd = new SignedData((ASN1Sequence) ci.getContent());
// Take the certificate embedded in the message as the sender's public key (requestKeyInfo).
// The message itself supplies this certificate and nothing in this block verifies it or the
// message signature, so requestKeyInfo and signercert are unauthenticated at this point.
// NOTE(review): presumably the signature is verified elsewhere before these values are
// trusted - confirm.
ASN1Set certs = sd.getCertificates();
// NOTE(review): the certificates field is optional in CMS SignedData; if getCertificates()
// can return null for such a message, size() below throws a NullPointerException - confirm.
if (certs.size() > 0) {
// Only the first certificate is used; any further entries in the set are ignored.
DEREncodable dercert = certs.getObjectAt(0);
if (dercert != null) {
// Re-encode the certificate object to bytes; these bytes become requestKeyInfo.
// dOut is not closed in this block; it only wraps the in-memory buffer bOut.
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
dOut.writeObject(dercert);
if (bOut.size() > 0) {
requestKeyInfo = bOut.toByteArray();
// Parse the same bytes into signercert so the debug log can show who sent the request.
try {
signercert = CertTools.getCertfromByteArray(requestKeyInfo);
if (log.isDebugEnabled()) {
// The DN and serial strings are taken from the sender-supplied certificate.
// NOTE(review): confirm the log layout neutralises control characters in these values.
log.debug("requestKeyInfo is SubjectDN: " + CertTools.getSubjectDN(signercert) +
", Serial=" + CertTools.getSerialNumberAsString(signercert) +
"; IssuerDN: "+ CertTools.getIssuerDN(signercert).toString());
}
} catch (CertificateException e) {
// The failure is logged and not rethrown, so requestKeyInfo keeps the bytes even
// though no signercert was parsed from them.
log.error("Error parsing requestKeyInfo : ", e);
}
}
}
}
// Read the SCEP attributes (senderNonce, transactionId, messageType) from the signer info.
// Only the first SignerInfo is examined (if, not while); further signer infos are ignored.
Enumeration sis = sd.getSignerInfos().getObjects();
if (sis.hasMoreElements()) {
SignerInfo si = new SignerInfo((ASN1Sequence) sis.nextElement());
// Nothing in this block checks the signature, so the attribute values read below are
// sender-controlled and not yet authenticated here.
// NOTE(review): authenticated attributes are optional in a CMS SignerInfo; if
// getAuthenticatedAttributes() can return null, this line throws a NullPointerException - confirm.
Enumeration attr = si.getAuthenticatedAttributes().getObjects();
while (attr.hasMoreElements()) {
Attribute a = new Attribute((ASN1Sequence) attr.nextElement());
log.debug("Found attribute: " + a.getAttrType().getId());
// The three checks below are independent ifs, not an else-if chain; if an attribute type
// occurs more than once, the last occurrence overwrites the earlier value.
// In each branch values.nextElement() is called without hasMoreElements(), so an attribute
// with an empty value set would fail there instead of being skipped.
if (a.getAttrType().getId().equals(id_senderNonce)) {
// senderNonce: first value read as an octet string and kept as Base64 text.
// new String(byte[]) decodes with the platform default charset; the meaning of the
// 'false' argument to Base64.encode is not visible here.
Enumeration values = a.getAttrValues().getObjects();
ASN1OctetString str = ASN1OctetString.getInstance(values.nextElement());
senderNonce = new String(Base64.encode(str.getOctets(), false));
log.debug("senderNonce = " + senderNonce);
}
if (a.getAttrType().getId().equals(id_transId)) {
// transactionId: first value read as a printable string and stored as-is.
Enumeration values = a.getAttrValues().getObjects();
DERPrintableString str = DERPrintableString.getInstance(values.nextElement());
transactionId = str.getString();
log.debug("transactionId = " + transactionId);
}
if (a.getAttrType().getId().equals(id_messageType)) {
// messageType: first value read as a printable string and parsed as a decimal integer.
// Integer.parseInt throws an unchecked NumberFormatException on non-numeric text.
// NOTE(review): confirm the caller turns that into a rejected request rather than an
// unhandled error.
Enumeration values = a.getAttrValues().getObjects();
DERPrintableString str = DERPrintableString.getInstance(values.nextElement());
messageType = Integer.parseInt(str.getString());
log.debug("messagetype = " + messageType);
}
}
}
// If this is a PKCSReq, GetCRL or GetCertInitial message
if ((messageType == ScepRequestMessage.SCEP_TYPE_PKCSREQ) || (messageType == ScepRequestMessage.SCEP_TYPE_GETCRL) || (messageType == ScepRequestMessage.SCEP_TYPE_GETCERTINITIAL)) {
// Extract the contents, which is an encrypted PKCS10 if messageType == 19
// , and an encrypted issuer and subject if messageType == 20 (not extracted)
// and an encrypted IssuerAndSerialNumber if messageType == 22
ci = sd.getEncapContentInfo();
ctoid = ci.getContentType().getId();
if (ctoid.equals(CMSObjectIdentifiers.data.getId())) {
DEROctetString content = (DEROctetString) ci.getContent();
log.debug("envelopedData is " + content.getOctets().length + " bytes.");
ASN1Sequence seq1 = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(content.getOctets())).readObject();
envEncData = new ContentInfo(seq1);
ctoid = envEncData.getContentType().getId();
if (ctoid.equals(CMSObjectIdentifiers.envelopedData.getId())) {
envData = new EnvelopedData((ASN1Sequence) envEncData.getContent());
ASN1Set recipientInfos = envData.getRecipientInfos();
Enumeration e = recipientInfos.getObjects();
while (e.hasMoreElements()) {
RecipientInfo ri = RecipientInfo.getInstance(e.nextElement());
KeyTransRecipientInfo recipientInfo = KeyTransRecipientInfo.getInstance(ri.getInfo());
RecipientIdentifier rid = recipientInfo.getRecipientIdentifier();
IssuerAndSerialNumber iasn = IssuerAndSerialNumber.getInstance(rid.getId());