Code Comments

Problems creating X509Certificate out of ldap
I am creating an X509Certificate class from a JKS type keystore, then
storing those in LDAP. I am now trying to read the cert out of
openldap and convert it back to X509Certificate. I am having problems
on the last step. I have tried several different ways.

This gives me the notorious 'lengthTag=127, too big' error. My search
is turning up userCertificate;binary - and when I find that I try to
convert like this:

    NamingEnumeration results = ctx.search(newContext, who, constraints);
    if (results.hasMore())
    {
        SearchResult sr = (SearchResult) results.next();
        javax.naming.directory.Attributes xanswer = sr.getAttributes();
        javax.naming.directory.Attribute attribute =
            xanswer.get("userCertificate;binary");
        // check if userCertificate attribute missing
        if (attribute != null)
        {
            // retrieve cert as binary object
            Object bin = attribute.get();
            // convert to byte array
            byte[] buf = (byte[]) bin;
            // convert to X.509 class
            X509Certificate cert = null;
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            if (null == cf)
            {
                throw new Exception("no provider found");
            }

            ByteArrayInputStream bais = new ByteArrayInputStream(buf);
            while (bais.available() > 0)
            {
                cert = (X509Certificate) cf.generateCertificate(bais);
            }
            System.out.println("It works!!!");
        }
    }

It throws right before the last println.

Alternatively, I am trying via CertStore. This code can't seem to find
the subject:

    final static String newContext = "cn=Robert,o=Magna,c=US";
    LDAPCertStoreParameters lcsp =
        new LDAPCertStoreParameters("localhost", 389);
    CertStore cs = CertStore.getInstance("LDAP", lcsp);
    X509CertSelector xcs = new X509CertSelector();
    xcs.setSubject(newContext);
    Collection certs = cs.getCertificates(xcs);
    if (certs.isEmpty())
    {
        throw new Exception("can't find cert");
    }
    else
    {
        // try to verify signature with each cert (if more than one)
        ...
        // obtain initial directory context using the environment
        System.out.println("Yes!!!!!!!");
    }

When searching I get the following results:

Distinguished Name is
userCertificate;binary:
[B@b66cc
objectClass:
person
organizationalPerson
inetOrgPerson
sn:
Lazarski
cn:
Robert

Please help,
iksrazal

iksrazal
03-20-04 01:54 AM
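
An added diagnostic, not part of the original post: before calling generateCertificate, check what the bytes returned for userCertificate;binary actually look like. A DER certificate starts with 0x30 followed by a length octet, and the number in a "lengthTag=N, too big" message is the low seven bits of that octet. The class name and the sample byte arrays are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;

// Added diagnostic (not from the original post): describe the bytes read from
// userCertificate;binary before they are handed to CertificateFactory.
public class CertBytesSniffer {   // hypothetical class name
    static String classify(byte[] buf) {
        if (buf == null || buf.length < 2) {
            return "too short to be a certificate";
        }
        int tag = buf[0] & 0xFF;
        int len = buf[1] & 0xFF;
        String head = new String(buf, 0, Math.min(buf.length, 10), StandardCharsets.US_ASCII);
        if (head.startsWith("-----BEGIN")) {
            return "PEM text, not raw DER";
        }
        if (tag == 0xAC && len == 0xED) {
            return "Java serialization stream (0xACED), not raw DER";
        }
        if (tag != 0x30) {
            return String.format("first byte 0x%02X is not a DER SEQUENCE (0x30)", tag);
        }
        if ((len & 0x80) == 0) {
            return "DER SEQUENCE, short-form length " + len;
        }
        int count = len & 0x7F;   // long form: how many length bytes follow
        if (count == 0 || count > 4) {
            return "length octet claims " + count + " length bytes: not usable DER";
        }
        if (buf.length < 2 + count) {
            return "truncated inside the DER length field";
        }
        long body = 0;
        for (int i = 0; i < count; i++) {
            body = (body << 8) | (buf[2 + i] & 0xFF);
        }
        return "DER SEQUENCE, declares " + (2 + count + body) + " bytes, buffer has " + buf.length;
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not data from the thread.
        byte[][] samples = {
            {0x30, (byte) 0x82, 0x01, 0x0A},
            {0x30, (byte) 0xFF, 0x00, 0x00},
            {(byte) 0xAC, (byte) 0xED, 0x00, 0x05},
            "-----BEGIN CERTIFICATE-----".getBytes(StandardCharsets.US_ASCII),
        };
        for (byte[] s : samples) {
            System.out.println(classify(s));
        }
    }
}
```

Calling classify(buf) just before the ByteArrayInputStream is built shows whether the directory returned raw DER or some other encoding of the certificate.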