Hello,
I'm having a problem using the JSS CRMF classes to decode a CRMF certificate
request generated by mozilla. I make the request using
crypto.generateCRMFRequest() in mozilla, and then try to decode it on the
server using SEQUENCE.OF_Template (CertReqMsg.Template). The exception I get
at the SEQUENCE.OF_Template.decode() call is
InvalidBERException: SEQUENCE(item #0) >> Incorrect form: expected
[CONSTRUCTED], found [PRIMITIVE
Below are the code snippets for generating and decoding the request. The
base64 encoding of the request comes through to the decoder ok, so there
seems to be some mismatch between my decoding approach and the encoded format.
Any suggestions on what is going wrong?
Thanks very much
alex
to generate the request:
var g_CRMFObject;
function makeRequest () {
var dn =
document.forms.namedItem("form").elements.namedItem("DN").value;
// To enable key archival, replace "null" with the transport
// certificate without "BEBIN..." "END..", nor line breaks.
// change keyGenAlg to "rsa-ex"
var keyTransportCert = null;
var keyGenAlg = "rsa-dual-use";
g_CRMFObject = crypto.generateCRMFRequest
( dn,
"regToken", "authenticator",
keyTransportCert,
"submitRequest();",
512, null, keyGenAlg );
}
to decode it:
private String processCRMFRequest (String req)
throws IOException, InvalidBERException
{
// experimention indicates that we need such a tag here,
// otherwise the decoder complains of a tag mismatch
Tag tag = new Tag (Tag.APPLICATION, 13);
ByteArrayInputStream is = new ByteArrayInputStream
(req.getBytes());
SEQUENCE.OF_Template seqt = new SEQUENCE.OF_Template
( new CertReqMsg.Template() );
//
// *** InvalidBERException here ***
//
SEQUENCE seq = (SEQUENCE) seqt.decode
( tag, new ByteArrayInputStream (req.getBytes()) );
CertReqMsg reqMsg = (CertReqMsg) seq.elementAt(0);
CertRequest request = reqMsg.getCertReq();
ByteArrayOutputStream os = new ByteArrayOutputStream ();
request.encode (os);
// use the C encoding - no fancy translations
return os.toString ("C");
}
