[jbossws-dev] [Design of JBoss Web Services] - Re: What do we need in terms of x509 cert processing for ws
jason.greene@jboss.com
do-not-reply at jboss.com
Mon Oct 23 14:28:04 EDT 2006
We need 2 things:
1. Ability to generate a v3 cert, bouncy castle does support this. Right now I tell people to use openssl.
2. Support for subject key identifier code follows
3. Ideally all v3 attributes would be supported
| public static byte[] getSubjectKeyIdentifier(X509Certificate cert)
| {
| // Maybee we should make one ourselves if it isn't there?
| byte[] encoded = cert.getExtensionValue("2.5.29.14");
| if (encoded == null)
| return null;
|
| // We need to skip 4 bytes [(OCTET STRING) (LENGTH)[(OCTET STRING) (LENGTH) (Actual data)]]
| int trunc = encoded.length - 4;
|
| byte[] identifier = new byte[trunc];
| System.arraycopy(encoded, 4, identifier, 0, trunc);
|
| return identifier;
| }
|
Let me know how you would like this represented as JIRA issues.
-Jason
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980129#3980129
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3980129
More information about the jbossws-dev
mailing list