jscep | Java implementation of the Simple Certificate Enrolment | TLS library
kandi X-RAY | jscep Summary
kandi X-RAY | jscep Summary
jscep
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
- Services the request
- Decodes the provided CMCS signed data
- Gets the CA certificate
- Gets the next CA certificate
- Sends the request and processes the signature
- Converts a Bouncy Castle signed data into a CertStore
- Gets the signed data from the given content
- Checks if the provided signed data is signed by the given certificate
- Analyze the certificate entities
- Selects the certificate of the SCEP message object
- Get the capabilities for the given content
- Validates the input
- Verify the delegate certificate
- Returns a list of cared certificates
- Returns a set of XCertSelectors for the subject DN
- Return the DER - encoded DERSequence
- Returns an instance of CertStoreInspector
- Returns the instance of the CertStoreInspector
- Returns an ASN object identifier for the given encoder
- Returns an instance of the CertStore for the given content
- Gets the signer selectors
- Gets the recipients
- Sends a request
- Verifies the message digest
- Verifies the provided certificate
- Gets the recipient selectors
jscep Key Features
jscep Examples and Code Snippets
Community Discussions
Trending Discussions on jscep
QUESTION
I'm implementing Jscep for android. Initially, I tried Jscep for java and it worked fine. Now in Android, I used SpongyCastle instead of BouncyCastle. Now my problem is that the enrol method of Client class is using BouncyCastle. And so when I try to pass in the arguments, the spongycastle and bouncycastle are not fitting (obviously).
The following extends spongycastle.
...ANSWER
Answered 2019-Jun-11 at 22:54My question is "Should I switch back to BouncyCastle jars?". Or else "How can I pass this spongycastle variable?"
Probably neither will work on on all Android platforms
From what I have seen, Jscep works with (genuine) BouncyCastle not SpongyCastle.
If I read this old issue correctly, the cut-down version of BouncyCastle in pre-3.0 Android is missing functionality that Jscep needs.
For pre-3.0 Android their doesn't appear to be a practical solution. You can't just tell Java to treat those two types as equivalent. It would break the JVM / Davlik runtime type system.
According to this StackOverflow Q&A, in 3.0 Android changed the Java package name on their cut-down BouncyCastle. That means that you should be able to bundle genuine BouncyCastle JARs with a 3.0+ Android app. That should be sufficient to get Jscep to work on that platform.
This SpongyCastle issue comment says that the trick to getting Android to use the genuine BouncyCastle functionality is:
... call
Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME)
to remove the built-in BC before callingSecurity.addProvider(new BouncyCastleProvider())
.In theory, it should be possible to port Jscep to use SpongyCastle, but there are no clear indications that anyone has succeeded in doing this. (Given the previous, the need for such a port is only diminishing.)
Also, I couldn't find a free-standing alternative to the Jscep that worked on Android. However, I did find this:
which might be useful.
QUESTION
I've converted a maven project to a jar and now, I'm trying to import this jar to the library of a new non-maven project.
I've tried to write main method on my own in order to call the maven jar classes (I'm a beginner to maven, so I don't know if this is possible). But it didn't work. And even though in the pom.xml, the packaging is set to jar, no jar is created once I install that maven project. So, using INTELLIJ, I exported the jar using the project structure tab. This is the pom.xml
...ANSWER
Answered 2019-May-14 at 12:12You can use the maven jar plugin to create a jar right from maven: https://maven.apache.org/plugins/maven-jar-plugin/
You can add any jar as a dependency to a non-maven project. For IntelliJ, refer to this answer: Correct way to add external jars (lib/*.jar) to an IntelliJ IDEA project
QUESTION
I am trying to obtain the CRL from an OpenXPKI server (the default configuration is used). Requesting and polling of a certificate is possible.
On the OpenXPKI server, I revoked some certificate, created the CRL and published the list. To obtain the CRL I tried different approaches.
First approach:
...ANSWER
Answered 2017-May-30 at 09:40I solved the problem with the help of the JSCEP and OpenXPKI communities. The problem is that the DN of the issuer is reversed, this means e.g. CN=CA,OU=Test CA,DC=OpenXPKI,DC=ORG
is changed to DC=ORG,DC=OpenXPKI,OU=Test CA,CN=CA ONE
and the getCRL
from the OpenXPKI has no entry for the reversed issuer.
An easy fix is to reverse the issuer for the getCRL
request (check OpenXPKI fix) by changing the code from the get_getcrl_issuer_serial.pm file. Add the following code in line 107:
QUESTION
I want to use JSCEP
with Attribute Certificates (ACs), they are part of X.509. When I check the Java libraries. In the java.security.cert
package a abstract X509Certificate
is contained but this certificate inherits a getPublicKey
method from java.security.cert.Certificate
, which is not part of an AC.
My questions:
- Could the
X509Certificate
be used without a public key. So that no problems in the other java classes likeJcaX509CertificateConverter
appear? - Should I implement a own
AttributeCertificate
class, which does not inherit fromjava.security.cert.Certificate
? - What would be the best practice approach?
ANSWER
Answered 2017-Apr-25 at 22:08The X509Certificate
class represents a Public Key Certificate (PKC), while an Attribute Certificate (AC), although it's a similar (but not that much) structure, has no public key. And they're not the same thing.
A X509Certificate
can't be used without a public key, because the key is part of it. If you take a look at the RFC's definition, you'll see it's a mandatory field:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install jscep
You can use jscep like any standard Java library. Please include the the jar files in your classpath. You can also use any IDE and you can run and debug the jscep component as you would do with any other Java program. Best practice is to use a build tool that supports dependency management such as Maven or Gradle. For Maven installation, please refer maven.apache.org. For Gradle installation, please refer gradle.org .
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page