|
|
@ -44,6 +44,7 @@ import org.wso2.carbon.device.mgt.iot.virtualfirealarm.agent.core.AgentManager;
|
|
|
|
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.agent.exception.AgentCoreOperationException;
|
|
|
|
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.agent.exception.AgentCoreOperationException;
|
|
|
|
import sun.security.x509.X509CertImpl;
|
|
|
|
import sun.security.x509.X509CertImpl;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.math.BigInteger;
|
|
|
|
import java.math.BigInteger;
|
|
|
|
import java.net.MalformedURLException;
|
|
|
|
import java.net.MalformedURLException;
|
|
|
|
import java.net.URL;
|
|
|
|
import java.net.URL;
|
|
|
@ -82,6 +83,7 @@ public class EnrollmentManager {
|
|
|
|
private static final String KEY_PAIR_ALGORITHM = "RSA";
|
|
|
|
private static final String KEY_PAIR_ALGORITHM = "RSA";
|
|
|
|
private static final String PROVIDER = "BC";
|
|
|
|
private static final String PROVIDER = "BC";
|
|
|
|
private static final String SIGNATURE_ALG = "SHA1withRSA";
|
|
|
|
private static final String SIGNATURE_ALG = "SHA1withRSA";
|
|
|
|
|
|
|
|
private static final String CERT_IS_CA_EXTENSION = "is_ca";
|
|
|
|
private static final int KEY_SIZE = 2048;
|
|
|
|
private static final int KEY_SIZE = 2048;
|
|
|
|
|
|
|
|
|
|
|
|
// Seed to our PRNG. Make sure this is initialised randomly, NOT LIKE THIS
|
|
|
|
// Seed to our PRNG. Make sure this is initialised randomly, NOT LIKE THIS
|
|
|
@ -376,9 +378,9 @@ public class EnrollmentManager {
|
|
|
|
log.debug(((X509Certificate) cert).getIssuerDN().getName());
|
|
|
|
log.debug(((X509Certificate) cert).getIssuerDN().getName());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//TODO: Need to identify the correct certificate.
|
|
|
|
// I have chosen the CA cert based on its BasicConstraintExtension "is_ca" being set to "true"
|
|
|
|
// I have chosen the CA cert based on its BasicConstraint criticality being set to "true"
|
|
|
|
// This is because the returned keystore may contain many certificates including RAs.
|
|
|
|
if (((X509CertImpl) cert).getBasicConstraintsExtension().isCritical()) {
|
|
|
|
if (((Boolean) ((X509CertImpl) cert).getBasicConstraintsExtension().get(CERT_IS_CA_EXTENSION))) {
|
|
|
|
serverCertPublicKey = cert.getPublicKey();
|
|
|
|
serverCertPublicKey = cert.getPublicKey();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -396,6 +398,10 @@ public class EnrollmentManager {
|
|
|
|
String errorMsg = "Could not retrieve [Server-Certificates] from the response message from SCEP-Server.";
|
|
|
|
String errorMsg = "Could not retrieve [Server-Certificates] from the response message from SCEP-Server.";
|
|
|
|
log.error(errorMsg);
|
|
|
|
log.error(errorMsg);
|
|
|
|
throw new AgentCoreOperationException(errorMsg, e);
|
|
|
|
throw new AgentCoreOperationException(errorMsg, e);
|
|
|
|
|
|
|
|
} catch (IOException e) {
|
|
|
|
|
|
|
|
String errorMsg = "Error occurred whilst trying to get property ['is_ca'] from the retreived Certificates";
|
|
|
|
|
|
|
|
log.error(errorMsg);
|
|
|
|
|
|
|
|
throw new AgentCoreOperationException(errorMsg, e);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return serverCertPublicKey;
|
|
|
|
return serverCertPublicKey;
|
|
|
|