Add SCEP support

fixes https://roadmap.entgra.net/issues/10042
remotes/1725333865317989910/master
inoshperera 2 years ago committed by pasindu
parent 8b928a4aca
commit 19048ef341

@ -55,10 +55,28 @@ import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest; import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.util.Store; import org.bouncycastle.util.Store;
import org.jscep.message.*; import org.jscep.message.CertRep;
import org.jscep.message.MessageDecodingException;
import org.jscep.message.MessageEncodingException;
import org.jscep.message.PkcsPkiEnvelopeDecoder;
import org.jscep.message.PkcsPkiEnvelopeEncoder;
import org.jscep.message.PkiMessage;
import org.jscep.message.PkiMessageDecoder;
import org.jscep.message.PkiMessageEncoder;
import org.jscep.transaction.FailInfo; import org.jscep.transaction.FailInfo;
import org.jscep.transaction.Nonce; import org.jscep.transaction.Nonce;
import org.jscep.transaction.TransactionId; import org.jscep.transaction.TransactionId;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dto.CAStatus;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.exception.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import javax.naming.InvalidNameException; import javax.naming.InvalidNameException;
@ -70,12 +88,35 @@ import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.*; import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.Certificate; import java.security.cert.Certificate;
import java.security.cert.*; import java.security.cert.*;
import java.security.spec.InvalidKeySpecException; import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec; import java.security.spec.X509EncodedKeySpec;
import java.util.*; import java.util.*;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.List;
>>>>>>> dfe957b019 (Add SCEP support):components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/impl/CertificateGenerator.java
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
public class CertificateGenerator { public class CertificateGenerator {
@ -773,6 +814,7 @@ public class CertificateGenerator {
BigInteger serialNumber = BigInteger.valueOf(System.currentTimeMillis()); BigInteger serialNumber = BigInteger.valueOf(System.currentTimeMillis());
<<<<<<< HEAD:components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/src/main/java/io/entgra/device/mgt/core/certificate/mgt/core/impl/CertificateGenerator.java
//Reversing the order of components of the subject DN due to Nginx not verifying the client certificate //Reversing the order of components of the subject DN due to Nginx not verifying the client certificate
//generated by Java using this subject DN. //generated by Java using this subject DN.
//Ref: https://stackoverflow.com/questions/33769978 & engineering mail SCEP implementation for Android //Ref: https://stackoverflow.com/questions/33769978 & engineering mail SCEP implementation for Android
@ -783,6 +825,10 @@ public class CertificateGenerator {
} }
String subjectDn = joiner.toString(); String subjectDn = joiner.toString();
X500Name issuerName = new X500Name(subjectDn); X500Name issuerName = new X500Name(subjectDn);
=======
X500Name issuerName = new X500Name(certCA.getSubjectDN().getName());
>>>>>>> dfe957b019 (Add SCEP support):components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/impl/CertificateGenerator.java
String commonName = certificationRequest.getSubject().getRDNs(BCStyle.CN)[0].getFirst() String commonName = certificationRequest.getSubject().getRDNs(BCStyle.CN)[0].getFirst()
.getValue().toString(); .getValue().toString();
X500Name subjectName = new X500Name("O=" + commonName + "O=AndroidDevice,CN=" + X500Name subjectName = new X500Name("O=" + commonName + "O=AndroidDevice,CN=" +

Loading…
Cancel
Save