[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mozilla-crypto
Subject:    Re: Checking a cert's keyUsage values in JSS
From:       Jamie Nicolson <nicolson () netscape ! com>
Date:       2001-12-21 23:48:11
[Download RAW message or body]

org.mozilla.jss.crypto.X509Certificate does not implement 
java.security.cert.X509Certificate, and specifically does not implement 
the getKeyUsage() method. I recommend you use a CertificateFactory to 
convert the certificate into a java.security.X509Certificate, and call 
the getKeyUsage() method on that.

Patrick wrote:

>1. Here's repeat question:  in JSS, how can one check for a cert's keyUsage
>(digitalSignature, keyEncipherment...) besides checking with NSS via JNI :)
>? I did not see anything in JSS, did I miss it?
>
>2. the SSLCertificateApprovalCallback.ValidityStatus class returns
>BAD_CERT_DOMAIN to indicate a common name mismatch *even on a client
>cert*...This look like it was unecessary, but come to think of it, it may be
>useful in cases where a server app is talking to another server app...So
>this is a good thing.  (Jamie, never my suggestion about fixing this...)
>
>-- Patrick
>
>
>


[prev in list] [next in list] [prev in thread] [next in thread]