Hello there,

A bit of a long shot here, but this site has continued to impress. Recently I've been doing a bunch of work with SCEP (Simple Certificate Enrollment Protocol). Specifically, I've been tasked with writing a SCEP/CA server and a client to get certificates from my and other SCEP servers.

So I'm really, really close to being done. The snag I've run into now is that the SCEP client works with all my test SCEP servers except for a Microsoft CA. In digging, I've found that Microsoft doesn't use what's known as CMS messages; they use CMC messages. Unfortunately, I haven't found a way to parse that with the current utilities I have (mainly BouncyCastle). Here's an example of my code...

//certData is the data I get in response from the SCEP server
CMSSignedData outerData = new CMSSignedData(certData);
SignerInformationStore signers = outerData.getSignerInfos();
ArrayList signersList = new ArrayList(signers.getSigners());
for(Object o : signersList){
    SignerInformation signer = (SignerInformation)o;
    System.out.println("Verifying Signer: " + signer.verify(getCACert(), new BouncyCastleProvider()));
}


byte[] envelopedBA = (byte[])outerData.getSignedContent().getContent();

CMSEnvelopedDataParser ep = null;
try{
    ep = new CMSEnvelopedDataParser(envelopedBA);
}
catch(Exception e){
    //This is where I end up with a Microsoft CA/SCEP server
    //org.bouncycastle.cms.CMSException: IOException reading content.
}

Any thoughts you guys have would be greatly appreciated!
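
One way to see what the bytes taken from the outer SignedData actually are before handing them to CMSEnvelopedDataParser. This is an added example, not part of the original post: the class and method names are hypothetical, the sample bytes are constructed, and BouncyCastle 1.47 or later is assumed.

```java
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.ContentInfo;

public class InnerContentCheck {

    /** Reports what the bytes taken from the outer SignedData actually contain. */
    static String describeInner(byte[] inner) {
        if (inner == null || inner.length == 0) {
            return "no encapsulated content";
        }
        try {
            // CMS objects are wrapped in ContentInfo ::= SEQUENCE { contentType OID, content }
            ContentInfo ci = ContentInfo.getInstance(ASN1Primitive.fromByteArray(inner));
            ASN1ObjectIdentifier type = ci.getContentType();
            if (CMSObjectIdentifiers.envelopedData.equals(type)) {
                return "envelopedData";
            }
            if (CMSObjectIdentifiers.signedData.equals(type)) {
                return "signedData (not enveloped)";
            }
            return "other content type " + type.getId();
        } catch (Exception e) {
            // Not DER, or not shaped like a ContentInfo: show the leading tag byte
            return String.format("not a ContentInfo (first byte 0x%02x): %s",
                    inner[0], e.getMessage());
        }
    }

    public static void main(String[] args) {
        // Constructed sample: a ContentInfo carrying only the envelopedData OID
        byte[] sample = { 0x30, 0x0b, 0x06, 0x09, 0x2a, (byte) 0x86, 0x48, (byte) 0x86,
                          (byte) 0xf7, 0x0d, 0x01, 0x07, 0x03 };
        System.out.println(describeInner(sample));
        // Constructed sample: a response with nothing encapsulated
        System.out.println(describeInner(new byte[0]));
        // Constructed sample: an OCTET STRING where a ContentInfo was expected
        System.out.println(describeInner(new byte[] { 0x04, 0x01, 0x00 }));
    }
}
```

In the code from the post, the value to pass in is envelopedBA.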