Package org.bouncycastle.cert.crmf

Class CertificateRequestMessage

java.lang.Object
org.bouncycastle.cert.crmf.CertificateRequestMessage
All Implemented Interfaces:
org.bouncycastle.util.Encodable
Direct Known Subclasses:
JcaCertificateRequestMessage
public class CertificateRequestMessage extends Object implements org.bouncycastle.util.Encodable
Carrier for a CRMF CertReqMsg.

  • Field Details

  • Constructor Details

    • CertificateRequestMessage

      public CertificateRequestMessage(byte[] certReqMsg) throws IOException
      Create a CertificateRequestMessage from the passed in bytes.
      Parameters:
      certReqMsg - BER/DER encoding of the CertReqMsg structure.
      Throws:
      IOException - in the event of corrupted data, or an incorrect structure.

    • CertificateRequestMessage

      public CertificateRequestMessage(org.bouncycastle.asn1.crmf.CertReqMsg certReqMsg)

  • Method Details

    • toASN1Structure

      public org.bouncycastle.asn1.crmf.CertReqMsg toASN1Structure()
      Return the underlying ASN.1 object defining this CertificateRequestMessage object.
      Returns:
      a CertReqMsg.

    • getCertReqId

      public org.bouncycastle.asn1.ASN1Integer getCertReqId()
      Return the certificate request ID for this message.
      Returns:
      the certificate request ID.

    • getCertTemplate

      public org.bouncycastle.asn1.crmf.CertTemplate getCertTemplate()
      Return the certificate template contained in this message.
      Returns:
      a CertTemplate structure.

    • hasControls

      public boolean hasControls()
      Return whether or not this request has control values associated with it.
      Returns:
      true if there are control values present, false otherwise.

    • hasControl

      public boolean hasControl(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
      Return whether or not this request has a specific type of control value.
      Parameters:
      type - the type OID for the control value we are checking for.
      Returns:
      true if a control value of type is present, false otherwise.

    • getControl

      public Control getControl(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
      Return a control value of the specified type.
      Parameters:
      type - the type OID for the control value we are checking for.
      Returns:
      the control value if present, null otherwise.

    • hasProofOfPossession

      public boolean hasProofOfPossession()
      Return whether or not this request message has a proof-of-possession field in it.
      Returns:
      true if proof-of-possession is present, false otherwise.

    • getProofOfPossessionType

      public int getProofOfPossessionType()
      Return the type of the proof-of-possession this request message provides.
      Returns:
      one of: popRaVerified, popSigningKey, popKeyEncipherment, popKeyAgreement

    • hasSigningKeyProofOfPossessionWithPKMAC

      public boolean hasSigningKeyProofOfPossessionWithPKMAC()
      Return whether or not the proof-of-possession (POP) is of the type popSigningKey and it has a public key MAC associated with it.
      Returns:
      true if POP is popSigningKey and a PKMAC is present, false otherwise.

    • isValidSigningKeyPOP

      public boolean isValidSigningKeyPOP(ContentVerifierProvider verifierProvider) throws CRMFException, IllegalStateException
      Return whether or not a signing key proof-of-possession (POP) is valid.
      Parameters:
      verifierProvider - a provider that can produce content verifiers for the signature contained in this POP.
      Returns:
      true if the POP is valid, false otherwise.
      Throws:
      CRMFException - if there is a problem in verification or content verifier creation.
      IllegalStateException - if POP not appropriate.

    • isValidSigningKeyPOP

      public boolean isValidSigningKeyPOP(ContentVerifierProvider verifierProvider, PKMACBuilder macBuilder, char[] password) throws CRMFException, IllegalStateException
      Return whether or not a signing key proof-of-possession (POP), with an associated PKMAC, is valid.
      Parameters:
      verifierProvider - a provider that can produce content verifiers for the signature contained in this POP.
      macBuilder - a suitable PKMACBuilder to create the MAC verifier.
      password - the password used to key the MAC calculation.
      Returns:
      true if the POP is valid, false otherwise.
      Throws:
      CRMFException - if there is a problem in verification or content verifier creation.
      IllegalStateException - if POP not appropriate.

    • getEncoded

      public byte[] getEncoded() throws IOException
      Return the ASN.1 encoding of the certReqMsg we wrap.
      Specified by:
      getEncoded in interface org.bouncycastle.util.Encodable
      Returns:
      a byte array containing the binary encoding of the certReqMsg.
      Throws:
      IOException - if there is an exception creating the encoding.