-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Michael,
On 6/13/20 14:54, Michael Osipov wrote: > Am 2020-06-12 um 23:54 schrieb Christopher Schultz: >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 >> >> All, >> >> I've been writing a Java-based certification-expiration checking >> utility that can handle all kinds of file formats like PEM and >> the various keystore formats supported by the JVM. >> >> Since it's not possible to tell what type of keystore is being >> loaded without writing a bunch of magic-checking code or >> implementing an ASN.1 parser (no thank you), I simply try all >> keystore types until I find one that works. I'm using a >> rewindable InputStream which works well . > > there is no need to, use Apache Directory Kerby ASN.1 module. I use > it too and it works very well for my certiticate tasks at work. It's pretty simple to look for "-----BEGIN" or hand-off things to KeyStore.load. Right now, this is a single-class utility with no dependencies. No need to add more dependencies if they aren't necessary. I'm not looking to build a complete certificate manipulation framework. Attempting to load using KeyStore.load will be required, anyway, for keystore types such as JKS, JCEKS, Windows-MY, Windows-ROOT, KeychainStore, etc. which aren't ASN.1 files like PKCS12. Anyway, the point was that there is a bug in one of the keystore implementations that may cause some troubles. Thanks, - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl7o4iMACgkQHPApP6U8 pFiiiQ/+I2UHDRSi2xqP1ehQIBvwMXDxtXq71nCeZrN6VTEyPJS3V1IqJVKG4eks 9rAc7QnVYBMSaWglzVJQKKl8zdf8GncOYhk8JkDEON7LjLDuyLRj2m/bHkivQs6Q AY/Fo9CRSscxV1YS78erNdMDLwWr7YXmkeJypJ1IL8OaB5kNzIak3t70zb3XRSWb 3JQ4F/64AYv+nnapGbsT2pYTMy6vKOVTearrXKZQJGRD0NIbz7xAh/tceem4eeUh SGQLPJW6Bg1fN52bmKOuluCCu95K8u2eblqoPVlTvtJutxGDSz2HGCjJLISqgJrZ PvwIpsbpCQ8x1vOXL4geu0XhXmpEtA49s3sj8c0aFUM2Aq9z4kRfQz0/BQQaeZo4 r1inQ4CSj2dhtE/7lGtMG4aXjoJgtvC81rcJR/rrr2VjZwQOWSHmcPVWKAG0Pk00 NffUll3+BcZnFbeMzV/GkMonY7bXfHvDkvlwjdA8ykAWAYXUy4fsQoHwU+RiODLh ds7OwjtA6WlJMPvWprZXucmhEAXDBJJsU55ttEtIeDMf3NU6j9ckHwDvzg9M1BcW 2rPgZyOoZiz9vwsjRyEXp7V/luMZI7KnbTpa/l/DkU+ET5284B/zy95V3/CU8HgD oYY5D/PtEdE6S4Y34whpcb7dUffKoFIMDVaDXGbcaA8D5VwRi1g= =0dZ2 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
