byte[] to X509Certificate help needed

Discussion in 'Java' started by iksrazal, Feb 29, 2004.

  1. iksrazal

    iksrazal Guest

    I am creating a X509Certificate class from a JKS type keystore, then
    storing those in LDAP. I am now trying to read the cert out of
    openldap and convert it back to X509Certificate. I am having problems
    on the last step. I have tried several different ways.

    This gives me the notorious 'lengthTag=127, too big' error. My search
    is turning up userCertificate;binary - and when I find that I try to
    convert like this:


    final static String newContext = "cn=Robert,o=Magna,c=US";
    final static String who = "cn=Robert";
    NamingEnumeration results = ctx.search(newContext, who, constraints);
    if (results.hasMore())
    {
    SearchResult sr = (SearchResult) results.next();
    javax.naming.directory.Attributes xanswer =
    sr.getAttributes();
    javax.naming.directory.Attribute attribute =
    xanswer.get("userCertificate;binary");
    // check if userCertificate attribute missing
    if (attribute!=null)
    {
    // retrieve cert as binary object
    Object bin = attribute.get();
    // convert to byte array
    byte[] buf = (byte[])bin;
    // convert to X.509 class
    X509Certificate cert = null;
    CertificateFactory cf = CertificateFactory.getInstance(
    "X.509" );
    if (null == cf)
    {
    throw new Exception ("no provider found");
    }

    ByteArrayInputStream bais = new ByteArrayInputStream(buf);
    while (bais.available() > 0)
    {
    cert = (X509Certificate) cf.generateCertificate( bais );
    }
    System.out.println ("It works!!!");
    }

    It throws right before the last println.

    Alternatively I am trying via CertStore. This code cant seem to find
    the subject:

    final static String newContext = "cn=Robert,o=Magna,c=US";
    LDAPCertStoreParameters lcsp = new
    LDAPCertStoreParameters("localhost", 389);
    CertStore cs = CertStore.getInstance("LDAP", lcsp);
    X509CertSelector xcs = new X509CertSelector();
    xcs.setSubject(newContext);
    Collection certs = cs.getCertificates(xcs);
    if (certs.isEmpty())
    {
    throw new Exception("can't find cert");
    }
    else
    {
    System.out.println("Yes!!!!!!!");
    }

    When searching I get the following results:

    Distinguished Name is
    userCertificate;binary:
    [B@b66cc
    objectClass:
    person
    organizationalPerson
    inetOrgPerson
    sn:
    Lazarski
    cn:
    Robert

    Please help,
    iksrazal
     
    iksrazal, Feb 29, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    2
    Views:
    14,644
    =?iso-8859-1?B?QmVub+50?=
    Jun 23, 2005
  2. JN
    Replies:
    0
    Views:
    147
  3. Peter Ritchie [C# MVP]

    Verifying X509Certificate signature

    Peter Ritchie [C# MVP], Jul 31, 2008, in forum: ASP .Net Security
    Replies:
    8
    Views:
    1,756
    Peter Ritchie [C# MVP]
    Aug 5, 2008
  4. Matthew

    X509Certificate not passed to webservice.

    Matthew, Oct 28, 2004, in forum: ASP .Net Web Services
    Replies:
    3
    Views:
    287
    Matthew
    Nov 5, 2004
  5. Ash

    Access X509Certificate Store from ASP.net 2.0

    Ash, Jul 24, 2006, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    156
Loading...

Share This Page