diff options
Diffstat (limited to 'base/java-tools/src')
| -rw-r--r-- | base/java-tools/src/com/netscape/cmstools/CMCRequest.java | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java index 8d49b209b..4adf22ba3 100644 --- a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java +++ b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java @@ -40,6 +40,7 @@ import java.util.StringTokenizer; import org.mozilla.jss.CryptoManager; import org.mozilla.jss.asn1.ANY; import org.mozilla.jss.asn1.ASN1Util; +import org.mozilla.jss.asn1.ASN1Value; import org.mozilla.jss.asn1.BIT_STRING; import org.mozilla.jss.asn1.ENUMERATED; import org.mozilla.jss.asn1.GeneralizedTime; @@ -1708,6 +1709,12 @@ public class CMCRequest { try { TaggedRequest request = encryptedPop.getRequest(); AlgorithmIdentifier thePOPAlgID = encryptedPop.getThePOPAlgID(); + + ASN1Value v = thePOPAlgID.getParameters(); + v = ((ANY) v).decodeWith(new OCTET_STRING.Template()); + byte iv[] = ((OCTET_STRING) v).toByteArray(); + IVParameterSpec ivps = new IVParameterSpec(iv); + AlgorithmIdentifier witnessAlgID = encryptedPop.getWitnessAlgID(); OCTET_STRING witness = encryptedPop.getWitness(); ContentInfo cms = encryptedPop.getContentInfo(); @@ -1734,13 +1741,9 @@ public class CMCRequest { } System.out.println(method + "symKey unwrapped."); - // TODO(alee) The code below should be replaced by code that generates a random IV - byte[] iv = { 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1 }; - IVParameterSpec default_iv = new IVParameterSpec(iv); - byte challenge[] = CryptoUtil.decryptUsingSymmetricKey( token, - default_iv, + ivps, encCI.getEncryptedContent().toByteArray(), symKey, EncryptionAlgorithm.AES_128_CBC); |