I am using Axis and WSS4J for security. I am having problems communicating with my vendor when using his public certificate for encrypting. I am able to do the encryption but am not able to send the KeyIdentifier along, which is what he expects.
In org.apache.ws.security.components.crypto, the following is an excerpt of the code called to get the SKIBytes, the identifier. The line

byte[] derEncodedValue = cert.getExtensionValue(SKI_OID);

returns null and I get a null pointer later. Bottom line is that there is no extension value of type "2.5.29.14" in the certificate. Is there any other way to get the ID? I don't believe that this extension is required in this extension, but I need to pass along the key identifier. Presumably it exists in the certificate. Or is that a bad assumption? I'm sort of stuck ... thanks for any help.

    /**
     * Reads the SubjectKeyIdentifier information from the certificate.
     * <p/>
     * If the certificate does not contain a SKI extension then
     * try to compute the SKI according to RFC3280 using the
     * SHA-1 hash value of the public key. The second method described
     * in RFC3280 is not supported. Also only RSA public keys are supported.
     * If we cannot compute the SKI throw a WSSecurityException.
     *
     * @param cert The certificate to read SKI
     * @return The byte array containing the binary SKI data
     */
    public byte[] getSKIBytesFromCert(X509Certificate cert)
            throws WSSecurityException {
        /*
         * Gets the DER-encoded OCTET string for the extension value (extnValue)
         * identified by the passed-in oid String. The oid string is represented
         * by a set of positive whole numbers separated by periods.
         */
        byte[] derEncodedValue = cert.getExtensionValue(SKI_OID);
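The fallback described in the Javadoc above (RFC 3280 method 1: SHA-1 over the subjectPublicKey bits when the 2.5.29.14 extension is absent), sketched as an added example that is not part of the original post and is not WSS4J's own code. The class name `SkiExample` and its helper methods are hypothetical, and the RSA key in `main` is generated on the spot as sample input.

```java
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;
import java.util.Arrays;

public class SkiExample {                       // hypothetical class, not part of WSS4J
    static final String SKI_OID = "2.5.29.14";

    // Reads the DER header at pos, checks the tag, returns {contentOffset, contentLength}.
    static int[] header(byte[] der, int pos, int expectedTag) {
        if ((der[pos] & 0xff) != expectedTag) throw new IllegalArgumentException("unexpected DER tag");
        int len = der[pos + 1] & 0xff;
        int off = pos + 2;
        if (len > 0x7f) {                       // long form: low 7 bits = number of length bytes
            int n = len & 0x7f;
            len = 0;
            for (int i = 0; i < n; i++) len = (len << 8) | (der[off++] & 0xff);
        }
        return new int[] { off, len };
    }

    // RFC 3280 method 1: SHA-1 over the BIT STRING value, without tag, length or unused-bits byte.
    static byte[] skiFromSpki(byte[] spki) throws Exception {
        int[] outer = header(spki, 0, 0x30);                // SubjectPublicKeyInfo SEQUENCE
        int[] alg = header(spki, outer[0], 0x30);           // AlgorithmIdentifier SEQUENCE
        int[] bits = header(spki, alg[0] + alg[1], 0x03);   // subjectPublicKey BIT STRING
        byte[] key = Arrays.copyOfRange(spki, bits[0] + 1, bits[0] + bits[1]);
        return MessageDigest.getInstance("SHA-1").digest(key);
    }

    // Use the extension when present (two nested OCTET STRINGs), otherwise compute the identifier.
    static byte[] ski(X509Certificate cert) throws Exception {
        byte[] ext = cert.getExtensionValue(SKI_OID);
        if (ext == null) return skiFromSpki(cert.getPublicKey().getEncoded());
        int[] outer = header(ext, 0, 0x04);
        int[] inner = header(ext, outer[0], 0x04);
        return Arrays.copyOfRange(ext, inner[0], inner[0] + inner[1]);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");   // constructed sample key
        g.initialize(2048);
        byte[] id = skiFromSpki(g.generateKeyPair().getPublic().getEncoded());
        StringBuilder hex = new StringBuilder();
        for (byte b : id) hex.append(String.format("%02x", b));
        System.out.println(hex);                // 20-byte identifier, hex encoded
    }
}
```

A computed identifier is not carried in the certificate, so it only helps if the receiving side derives the same value from the same key.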