Package org.bouncycastle.cert.crmf

Class CertificateRequestMessage

  • All Implemented Interfaces:
    org.bouncycastle.util.Encodable
    Direct Known Subclasses:
    JcaCertificateRequestMessage
    public class CertificateRequestMessage
extends java.lang.Object
implements org.bouncycastle.util.Encodable
    Carrier for a CRMF CertReqMsg.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.bouncycastle.asn1.ASN1Integer getCertReqId()
      Return the certificate request ID for this message.
      org.bouncycastle.asn1.crmf.CertTemplate getCertTemplate()
      Return the certificate template contained in this message.
      Control getControl​(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
      Return a control value of the specified type.
      byte[] getEncoded()
      Return the ASN.1 encoding of the certReqMsg we wrap.
      int getProofOfPossessionType()
      Return the type of the proof-of-possession this request message provides.
      boolean hasControl​(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
      Return whether or not this request has a specific type of control value.
      boolean hasControls()
      Return whether or not this request has control values associated with it.
      boolean hasProofOfPossession()
      Return whether or not this request message has a proof-of-possession field in it.
      boolean hasSigningKeyProofOfPossessionWithPKMAC()
      Return whether or not the proof-of-possession (POP) is of the type popSigningKey and it has a public key MAC associated with it.
      boolean isValidSigningKeyPOP​(org.bouncycastle.operator.ContentVerifierProvider verifierProvider)
      Return whether or not a signing key proof-of-possession (POP) is valid.
      boolean isValidSigningKeyPOP​(org.bouncycastle.operator.ContentVerifierProvider verifierProvider, PKMACBuilder macBuilder, char[] password)
      Return whether or not a signing key proof-of-possession (POP), with an associated PKMAC, is valid.
      org.bouncycastle.asn1.crmf.CertReqMsg toASN1Structure()
      Return the underlying ASN.1 object defining this CertificateRequestMessage object.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • CertificateRequestMessage

        public CertificateRequestMessage​(byte[] certReqMsg)
                          throws java.io.IOException
        Create a CertificateRequestMessage from the passed in bytes.
        Parameters:
        certReqMsg - BER/DER encoding of the CertReqMsg structure.
        Throws:
        java.io.IOException - in the event of corrupted data, or an incorrect structure.

      • CertificateRequestMessage

        public CertificateRequestMessage​(org.bouncycastle.asn1.crmf.CertReqMsg certReqMsg)

    • Method Detail

      • toASN1Structure

        public org.bouncycastle.asn1.crmf.CertReqMsg toASN1Structure()
        Return the underlying ASN.1 object defining this CertificateRequestMessage object.
        Returns:
        a CertReqMsg.

      • getCertReqId

        public org.bouncycastle.asn1.ASN1Integer getCertReqId()
        Return the certificate request ID for this message.
        Returns:
        the certificate request ID.

      • getCertTemplate

        public org.bouncycastle.asn1.crmf.CertTemplate getCertTemplate()
        Return the certificate template contained in this message.
        Returns:
        a CertTemplate structure.

      • hasControls

        public boolean hasControls()
        Return whether or not this request has control values associated with it.
        Returns:
        true if there are control values present, false otherwise.

      • hasControl

        public boolean hasControl​(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
        Return whether or not this request has a specific type of control value.
        Parameters:
        type - the type OID for the control value we are checking for.
        Returns:
        true if a control value of type is present, false otherwise.

      • getControl

        public Control getControl​(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
        Return a control value of the specified type.
        Parameters:
        type - the type OID for the control value we are checking for.
        Returns:
        the control value if present, null otherwise.

      • hasProofOfPossession

        public boolean hasProofOfPossession()
        Return whether or not this request message has a proof-of-possession field in it.
        Returns:
        true if proof-of-possession is present, false otherwise.

      • getProofOfPossessionType

        public int getProofOfPossessionType()
        Return the type of the proof-of-possession this request message provides.
        Returns:
        one of: popRaVerified, popSigningKey, popKeyEncipherment, popKeyAgreement

      • hasSigningKeyProofOfPossessionWithPKMAC

        public boolean hasSigningKeyProofOfPossessionWithPKMAC()
        Return whether or not the proof-of-possession (POP) is of the type popSigningKey and it has a public key MAC associated with it.
        Returns:
        true if POP is popSigningKey and a PKMAC is present, false otherwise.

      • isValidSigningKeyPOP

        public boolean isValidSigningKeyPOP​(org.bouncycastle.operator.ContentVerifierProvider verifierProvider)
                             throws CRMFException,
                                    java.lang.IllegalStateException
        Return whether or not a signing key proof-of-possession (POP) is valid.
        Parameters:
        verifierProvider - a provider that can produce content verifiers for the signature contained in this POP.
        Returns:
        true if the POP is valid, false otherwise.
        Throws:
        CRMFException - if there is a problem in verification or content verifier creation.
        java.lang.IllegalStateException - if POP not appropriate.

      • isValidSigningKeyPOP

        public boolean isValidSigningKeyPOP​(org.bouncycastle.operator.ContentVerifierProvider verifierProvider,
                                    PKMACBuilder macBuilder,
                                    char[] password)
                             throws CRMFException,
                                    java.lang.IllegalStateException
        Return whether or not a signing key proof-of-possession (POP), with an associated PKMAC, is valid.
        Parameters:
        verifierProvider - a provider that can produce content verifiers for the signature contained in this POP.
        macBuilder - a suitable PKMACBuilder to create the MAC verifier.
        password - the password used to key the MAC calculation.
        Returns:
        true if the POP is valid, false otherwise.
        Throws:
        CRMFException - if there is a problem in verification or content verifier creation.
        java.lang.IllegalStateException - if POP not appropriate.

      • getEncoded

        public byte[] getEncoded()
                  throws java.io.IOException
        Return the ASN.1 encoding of the certReqMsg we wrap.
        Specified by:
        getEncoded in interface org.bouncycastle.util.Encodable
        Returns:
        a byte array containing the binary encoding of the certReqMsg.
        Throws:
        java.io.IOException - if there is an exception creating the encoding.