response.sendError(HttpServletResponse.SC_NOT_FOUND, "No CA certificates found.");
}
}
private ScepResponseMessage createPendingResponseMessage(IRequestMessage req, X509Certificate racert, PrivateKey rakey, String cryptProvider) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, IOException, SignRequestException, NotFoundException {
ScepResponseMessage ret = new ScepResponseMessage();
// Create the response message and set all required fields
if (ret.requireSignKeyInfo()) {
log.debug("Signing message with cert: "+racert.getSubjectDN().getName());
ret.setSignKeyInfo(racert, rakey, cryptProvider);
}
if (req.getSenderNonce() != null) {
ret.setRecipientNonce(req.getSenderNonce());
}
if (req.getTransactionId() != null) {
ret.setTransactionId(req.getTransactionId());
}
// Sendernonce is a random number
byte[] senderNonce = new byte[16];
randomSource.nextBytes(senderNonce);
ret.setSenderNonce(new String(Base64.encode(senderNonce)));
// If we have a specified request key info, use it in the reply
if (req.getRequestKeyInfo() != null) {
ret.setRecipientKeyInfo(req.getRequestKeyInfo());
}
// Which digest algorithm to use to create the response, if applicable
ret.setPreferredDigestAlg(req.getPreferredDigestAlg());
// Include the CA cert or not in the response, if applicable for the response type
ret.setIncludeCACert(req.includeCACert());
ret.setStatus(ResponseStatus.PENDING);
ret.create();
return ret;
}