ASN.1 type of CertProfileValue must be a SEQUENCE (of UTF8String)

See CMP-Updates Section 2.4:

2.4.  New Section 5.1.1.3. - CertProfile

...

      id-it-certProfile  OBJECT IDENTIFIER ::= {id-it 21}
      CertProfileValue ::= SEQUENCE SIZE (1..MAX) OF UTF8String

Here is a preliminary fix for CmpRaComponent:


diff --git a/src/main/java/com/siemens/pki/cmpracomponent/msgvalidation/MessageHeaderValidator.java b/src/main/java/com/siemens/pki/cmpracomponent/msgvalidation/MessageHeaderValidator.java
index a26e1ce..d57b3b7 100644
--- a/src/main/java/com/siemens/pki/cmpracomponent/msgvalidation/MessageHeaderValidator.java
+++ b/src/main/java/com/siemens/pki/cmpracomponent/msgvalidation/MessageHeaderValidator.java
@@ -19,8 +19,10 @@ package com.siemens.pki.cmpracomponent.msgvalidation;

 import java.util.Objects;

+import org.bouncycastle.asn1.ASN1Encodable;
 import org.bouncycastle.asn1.ASN1Integer;
 import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.ASN1UTF8String;
 import org.bouncycastle.asn1.cmp.CMPObjectIdentifiers;
 import org.bouncycastle.asn1.cmp.InfoTypeAndValue;
@@ -109,8 +111,9 @@ public class MessageHeaderValidator implements ValidatorIF<String> {
         for (final InfoTypeAndValue aktGenInfo : generalInfo) {
             if (aktGenInfo.getInfoType()
                     .equals(CMPObjectIdentifiers.id_it_certProfile)) {
-                return ASN1UTF8String.getInstance(aktGenInfo.getInfoValue())
-                        .getString();
+               ASN1Encodable seq = aktGenInfo.getInfoValue(); 
+               ASN1Encodable val = ((ASN1Sequence)seq.toASN1Primitive()).getObjectAt(0);
+                return ASN1UTF8String.getInstance(val).getString();
             }
         }
         return null;

siemens / cmp-ra-component

ASN.1 type of CertProfileValue must be a SEQUENCE (of UTF8String) #1