https://bz.apache.org/bugzilla/show_bug.cgi?id=64831
--- Comment #8 from Michael Osipov <[email protected]> --- + private static final List<String> SAN_OIDS = Arrays.asList("otherName", "rfc822Name", "dNSName", "x400Address", + "directoryName", "ediPartyName", "uniformResourceIdentifier", "iPAddress", "registeredID"); Those aren't OID, but GeneralNames. + log.debug("Subject DN: {}", cert.getSubjectDN()); + log.debug("issuer DN: {}", cert.getIssuerDN()); + log.debug("not valid before: {}", cert.getNotBefore().toInstant()); + log.debug("not valid after: {}", cert.getNotAfter().toInstant()); * Please start each log message consistently with uppercase * Use getSubjectX500Principal() and getIssuerX500Principal() + if (oidData instanceof Integer) { + Integer oid = (Integer) oidData; + String description = sanOidToName(oid); + String valueString = sanDataToString(data); + decodedEntries.add(Pair.of(description, valueString)); + } * According to the Javadoc it is always an Integer. One can blindly cast, can't one? * OIDs cannot be Integers. This is logically wrong. + log.debug("Extended Key Usage {} ({})", EXTENDED_KEY_USAGES.getOrDefault(keyUsage, keyUsage), keyUsage); Add a colon after 'Usage'. This makes it easier to read the output. I just have found another EKU OID on my smartcard: Any Purpose (2.5.29.37.0). Except for the comments above, I have tried this with a soft store as well as my smartcard. Looks good to me for now. -- You are receiving this mail because: You are the assignee for the bug.
