Author: fadushin
Date: Fri Apr 11 14:07:46 2008
New Revision: 647311
URL: http://svn.apache.org/viewvc?rev=647311&view=rev
Log:
WSS-97 Pass correct OID to getExtensionValue
* Applied Patrick's patch to pass the correct OID
to the getExtensionValue operation on an X.509 Cert.
No test case added, because I do not see an easy way to
create an X.509 CA certificate with NameConstraints.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/Merlin.java
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/Merlin.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/Merlin.java?rev=647311&r1=647310&r2=647311&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/Merlin.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/Merlin.java
Fri Apr 11 14:07:46 2008
@@ -47,6 +47,13 @@
* @author Davanum Srinivas ([EMAIL PROTECTED]).
*/
public class Merlin extends AbstractCrypto {
+ /**
+ * OID For the NameConstraints Extension to X.509
+ *
+ * http://java.sun.com/j2se/1.4.2/docs/api/
+ * http://www.ietf.org/rfc/rfc3280.txt (s. 4.2.1.11)
+ */
+ public static final String NAME_CONSTRAINTS_OID = "2.5.29.30";
/**
* Constructor. <p/>
@@ -150,7 +157,7 @@
X509Certificate cert = (X509Certificate) this.cacerts
.getCertificate(alias);
TrustAnchor anchor = new TrustAnchor(cert, cert
- .getExtensionValue("NameConstraints"));
+ .getExtensionValue(NAME_CONSTRAINTS_OID));
set.add(anchor);
}
@@ -161,7 +168,7 @@
X509Certificate cert = (X509Certificate) this.keystore
.getCertificate(alias);
TrustAnchor anchor = new TrustAnchor(cert, cert
- .getExtensionValue("NameConstraints"));
+ .getExtensionValue(NAME_CONSTRAINTS_OID));
set.add(anchor);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
