Package org.bouncycastle.cert.crmf

Class CertificateRequestMessage

  • All Implemented Interfaces:
    org.bouncycastle.util.Encodable
    Direct Known Subclasses:
    JcaCertificateRequestMessage
    public class CertificateRequestMessage
extends java.lang.Object
implements org.bouncycastle.util.Encodable
    Carrier for a CRMF CertReqMsg.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.bouncycastle.asn1.crmf.CertTemplate getCertTemplate()
      Return the certificate template contained in this message.
      Control getControl​(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
      Return a control value of the specified type.
      byte[] getEncoded()
      Return the ASN.1 encoding of the certReqMsg we wrap.
      int getProofOfPossessionType()
      Return the type of the proof-of-possession this request message provides.
      boolean hasControl​(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
      Return whether or not this request has a specific type of control value.
      boolean hasControls()
      Return whether or not this request has control values associated with it.
      boolean hasProofOfPossession()
      Return whether or not this request message has a proof-of-possession field in it.
      boolean hasSigningKeyProofOfPossessionWithPKMAC()
      Return whether or not the proof-of-possession (POP) is of the type popSigningKey and it has a public key MAC associated with it.
      boolean isValidSigningKeyPOP​(ContentVerifierProvider verifierProvider)
      Return whether or not a signing key proof-of-possession (POP) is valid.
      boolean isValidSigningKeyPOP​(ContentVerifierProvider verifierProvider, PKMACBuilder macBuilder, char[] password)
      Return whether or not a signing key proof-of-possession (POP), with an associated PKMAC, is valid.
      org.bouncycastle.asn1.crmf.CertReqMsg toASN1Structure()
      Return the underlying ASN.1 object defining this CertificateRequestMessage object.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • CertificateRequestMessage

        public CertificateRequestMessage​(byte[] certReqMsg)
                          throws java.io.IOException
        Create a CertificateRequestMessage from the passed in bytes.
        Parameters:
        certReqMsg - BER/DER encoding of the CertReqMsg structure.
        Throws:
        java.io.IOException - in the event of corrupted data, or an incorrect structure.

      • CertificateRequestMessage

        public CertificateRequestMessage​(org.bouncycastle.asn1.crmf.CertReqMsg certReqMsg)

    • Method Detail

      • toASN1Structure

        public org.bouncycastle.asn1.crmf.CertReqMsg toASN1Structure()
        Return the underlying ASN.1 object defining this CertificateRequestMessage object.
        Returns:
        a CertReqMsg.

      • getCertTemplate

        public org.bouncycastle.asn1.crmf.CertTemplate getCertTemplate()
        Return the certificate template contained in this message.
        Returns:
        a CertTemplate structure.

      • hasControls

        public boolean hasControls()
        Return whether or not this request has control values associated with it.
        Returns:
        true if there are control values present, false otherwise.

      • hasControl

        public boolean hasControl​(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
        Return whether or not this request has a specific type of control value.
        Parameters:
        type - the type OID for the control value we are checking for.
        Returns:
        true if a control value of type is present, false otherwise.

      • getControl

        public Control getControl​(org.bouncycastle.asn1.ASN1ObjectIdentifier type)
        Return a control value of the specified type.
        Parameters:
        type - the type OID for the control value we are checking for.
        Returns:
        the control value if present, null otherwise.

      • hasProofOfPossession

        public boolean hasProofOfPossession()
        Return whether or not this request message has a proof-of-possession field in it.
        Returns:
        true if proof-of-possession is present, false otherwise.

      • getProofOfPossessionType

        public int getProofOfPossessionType()
        Return the type of the proof-of-possession this request message provides.
        Returns:
        one of: popRaVerified, popSigningKey, popKeyEncipherment, popKeyAgreement

      • hasSigningKeyProofOfPossessionWithPKMAC

        public boolean hasSigningKeyProofOfPossessionWithPKMAC()
        Return whether or not the proof-of-possession (POP) is of the type popSigningKey and it has a public key MAC associated with it.
        Returns:
        true if POP is popSigningKey and a PKMAC is present, false otherwise.

      • isValidSigningKeyPOP

        public boolean isValidSigningKeyPOP​(ContentVerifierProvider verifierProvider)
                             throws CRMFException,
                                    java.lang.IllegalStateException
        Return whether or not a signing key proof-of-possession (POP) is valid.
        Parameters:
        verifierProvider - a provider that can produce content verifiers for the signature contained in this POP.
        Returns:
        true if the POP is valid, false otherwise.
        Throws:
        CRMFException - if there is a problem in verification or content verifier creation.
        java.lang.IllegalStateException - if POP not appropriate.

      • isValidSigningKeyPOP

        public boolean isValidSigningKeyPOP​(ContentVerifierProvider verifierProvider,
                                    PKMACBuilder macBuilder,
                                    char[] password)
                             throws CRMFException,
                                    java.lang.IllegalStateException
        Return whether or not a signing key proof-of-possession (POP), with an associated PKMAC, is valid.
        Parameters:
        verifierProvider - a provider that can produce content verifiers for the signature contained in this POP.
        macBuilder - a suitable PKMACBuilder to create the MAC verifier.
        password - the password used to key the MAC calculation.
        Returns:
        true if the POP is valid, false otherwise.
        Throws:
        CRMFException - if there is a problem in verification or content verifier creation.
        java.lang.IllegalStateException - if POP not appropriate.

      • getEncoded

        public byte[] getEncoded()
                  throws java.io.IOException
        Return the ASN.1 encoding of the certReqMsg we wrap.
        Specified by:
        getEncoded in interface org.bouncycastle.util.Encodable
        Returns:
        a byte array containing the binary encoding of the certReqMsg.
        Throws:
        java.io.IOException - if there is an exception creating the encoding.