0

I did a example code to understand how to get a CRMF (mozilla certificate request) to convert it into a CSR more similar to PKCS#10

I got the Base 64 CRMFRequest as a ASN1InputStream type.

I convert it into a CertReqMsg type (Bouncycastle)

when I debug, I realize the CertReqMsg have the public key, another data like Subject (CN, O, OU, etc)and other, but more important, it has a signature and an AlgoritmIdentifier.

but the object doesn't have getters

How I extract the signature as a DERBitString...? I need it to use as parameter to the CertificationRequest object (which returns the CSR as I want it)

by the way, the CertificationRequest need a CertificationRequestInfo object as parameter. and inside it (CertificationRequestInfo ), it receives Attributes as parameter . I supose to this attributes are of the kind of:

distributionPoint, unotice, policyOID, subjectAlternativeNameDN

I know that it start with a 

    ASN1Set attributes = null;
    attributes = new DERSet();

But I don't know how to fill this paramethers to 

     CertificationRequestInfo info = new CertificationRequestInfo(subject, infoPublicKey, attributes);

Sorry if some question seems obvious... but I can't find the solve..

Thanks in advance

Daniel Perez
  • 43
  • 10

1 Answers1

0

You won't be able to convert the CRMF format into a PKCS#10 CSR.

The CSR is structured like this and signed by the subject's private key:

CertificationRequest ::= SEQUENCE {
    certificationRequestInfo CertificationRequestInfo,
    signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }},
    signature BIT STRING
}

(Essentially, it's very similar to a self-signed X.509 certificate, without issuer and validity dates.)

Since when you get the CRMF request, you won't have the subject's private key, you won't be able to make this signature.

If you're writing some sort of CA software, you don't really need this. Processing a CRMF request and a CSR request is more or less equivalent. A CA shouldn't really do what the CSR wants blindly anyway, so it would have to vet the attributes it associates with the public key and identity some other way anyway.

Bruno
  • 119,590
  • 31
  • 270
  • 376
  • Thanks for your answer... yes, but I have seen CRMF have something named Proof Of Possession, Which brings a Signature inside ... I think the Private key Sign the public key and this is added at sequence (well, in fact, I hope so). it is because the CA and RA are developed already, and the team who made deny to make any change. This development just read PKCS10's CSR. the only solution that I found is to disassemble the CRMF in parts and assemble into a CSR – Daniel Perez May 10 '12 at 13:20
  • You won't be able to. By definition, the signature ensures that the exact content is matched. You could sign the `certificationRequestInfo` you reconstruct with any other private key, but anything that verify what the PKCS#10 spec say (it has to be signed by the subject's private key) will fail. If what gets the CSR doesn't verify the signature (which isn't necessarily a big deal, provided there are other verifications in place), it might work. – Bruno May 10 '12 at 13:24
  • You can check [this example](https://github.com/harbulot/keygenapp/blob/174d6e7e7bea3130f9c780a55fbb2784342925b1/base/src/main/java/org/jsslutils/keygen/bouncy/BouncyKeygenService.java) if you need to adapt the CA code: it's not complete, but would show you how to handle PKCS#10, CRMF and SPKAC. – Bruno May 10 '12 at 13:26
  • Really Thank you... I'm gonna try it – Daniel Perez May 10 '12 at 15:34
  • I reviewed the source code... but I think I need to know what is the object "DefaultCertificate". I'm reviewing it know. I can see PEM-CSR and SPKAC can be converted into a PKCS#11-CSR, but CRMF is disassembled and is passed by pieces to this object... I understood rightly?. So, the Certificate (DER) can be created without the Private key or a signature of public key? (this is because I know the CSR brings a public key and a signature of this public key, made in the moment of generation by the private key which stay inclosed into the browser keystore or Smart card) – Daniel Perez May 14 '12 at 16:09
  • `DefaultCertificate` here is actually a bad name for it (it shouldn't really implement `Certificate` either). Essentially, it's just a container to hold the information used to issue the certificate (used in its `generate()` method). That's what your CA implementation should do. Not sure what you're saying about PKCS#11 here. The PEM CSR is using PKCS#10. The other two (SPKAC and CRMF) are not converted into PKCS#10, but they're also used to extract the public key (like you would from a CSR). You will need a private key (your CA's) to build a certificate via BC's `X509V3CertificateGenerator`. – Bruno May 14 '12 at 16:23
  • Yes, you are right... I mean PKCS#10 CSR... when I wrote this I was thinking in PKCS#11 because I work with Smart card, for this reason I wrote wrongly PKCS11. thanks for the explanation about the Certificate Object. I gonna try to modify our CA's code. – Daniel Perez May 15 '12 at 13:23