[jira] Updated: (WSS-218) getAliasForX509Cert(String, BigInteger) in CryptoBase returns null if not all aliases are certificates

[Michel Schudel (JIRA)]

     [ 
https://issues.apache.org/jira/browse/WSS-218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michel Schudel updated WSS-218:
-------------------------------

    Description: 
We want to retrieve a certificate based an on X509IssuerSerial. Our keystore 
has not only the correct certificates but also a lot of secret (3DES) keys.
The method getAliasForX509Cert(String, BigInteger)  does not check if an alias 
is a certificate entry, resulting in a null return when the first alias found 
is a (secret) key.

Please wrap line 334-353 in version 1.5.8 as follows:
if (keystore.isCertificateEntry(alias) {
  (line 334-353)
}

That should do it.

  was:
We want to retrieve a certificate based an on X509IssuerSerial. Our keystore 
has not only the correct certificates but also a lot of secret (3DES) keys.
The method getAliasForX509Cert(String, BigInteger)  does not check if an alias 
is a certificate entry, resulting in a null return when the first alias found 
is a (secret) key.

Please wrap line 334-353 in version 1.5.8 as follows:
if (keystore.isCertificate(alias) {
  (line 334-353)
}

That should do it.


> getAliasForX509Cert(String, BigInteger) in CryptoBase returns null if not all 
> aliases are certificates
> ------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-218
>                 URL: https://issues.apache.org/jira/browse/WSS-218
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 1.5.8
>            Reporter: Michel Schudel
>            Assignee: Ruchith Udayanga Fernando
>   Original Estimate: 4h
>  Remaining Estimate: 4h
>
> We want to retrieve a certificate based an on X509IssuerSerial. Our keystore 
> has not only the correct certificates but also a lot of secret (3DES) keys.
> The method getAliasForX509Cert(String, BigInteger)  does not check if an 
> alias is a certificate entry, resulting in a null return when the first alias 
> found is a (secret) key.
> Please wrap line 334-353 in version 1.5.8 as follows:
> if (keystore.isCertificateEntry(alias) {
>   (line 334-353)
> }
> That should do it.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org
For additional commands, e-mail: wss4j-dev-h...@ws.apache.org