'[jira] [Created] (WSS-676) CertificateStore should support ALIAS CryptoType'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xmlrpc-user
Subject:    [jira] [Created] (WSS-676) CertificateStore should support ALIAS CryptoType
From:       "Lasha Kvatashydze (Jira)" <jira () apache ! org>
Date:       2020-07-15 15:56:00
Message-ID: JIRA.13316964.1594828528000.67583.1594828560038 () Atlassian ! JIRA
[Download RAW message or body]

Lasha Kvatashydze created WSS-676:
-------------------------------------

             Summary: CertificateStore should support ALIAS CryptoType
                 Key: WSS-676
                 URL: https://issues.apache.org/jira/browse/WSS-676
             Project: WSS4J
          Issue Type: Bug
    Affects Versions: 2.3.0
            Reporter: Lasha Kvatashydze
            Assignee: Colm O hEigeartaigh


Certificate store should try to retrieve X509 Certificates using ALIAS. Not \
SUBJECT_DN. {code:java}
public X509Certificate[] getX509Certificates(CryptoType cryptoType) throws \
WSSecurityException {  if (cryptoType == null) {
        return null;
    }
    CryptoType.TYPE type = cryptoType.getType();
    X509Certificate[] certs = null;
    switch (type) {
    case ISSUER_SERIAL:
        certs = getX509Certificates(cryptoType.getIssuer(), cryptoType.getSerial());
        break;
    case THUMBPRINT_SHA1:
        certs = getX509Certificates(cryptoType.getBytes());
        break;
    case SKI_BYTES:
        certs = getX509CertificatesSKI(cryptoType.getBytes());
        break;
    case ALIAS:
    case SUBJECT_DN:
        certs = getX509CertificatesSubjectDN(cryptoType.getSubjectDN());
        break;
    case ENDPOINT:
        break;
    }
    return certs;
}{code}
The issue is visible when:

{{org.apache.wss4j.dom.message.WSSecEncrypt.prepare(Crypto crypto)  }}

is being used. It builds  *CryptoType* object and can provide either  \
*ENDPOINT_KEY_IDENTIFIER*  or  *ALIAS*, leading to: {code:java}
java.lang.NullPointerException: provided null name at     
java.base/javax.security.auth.x500.X500Principal.<init>(X500Principal.java:172) at \
java.base/javax.security.auth.x500.X500Principal.<init>(X500Principal.java:128) at  \
org.apache.wss4j.common.crypto.CertificateStore.getX509CertificatesSubjectDN(CertificateStore.java:431) \
at org.apache.wss4j.common.crypto.CertificateStore.getX509Certificates(CertificateStore.java:92) \
at org.apache.wss4j.dom.message.WSSecEncrypt.prepare(WSSecEncrypt.java:139) at \
org.apache.wss4j.dom.message.WSSecEncrypt.build(WSSecEncrypt.java:172){code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic