1b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallampackage org.bouncycastle.jce; 2b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 34c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.io.IOException; 44c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.security.cert.CRLException; 54c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.security.cert.CertificateEncodingException; 64c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.security.cert.X509CRL; 74c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.security.cert.X509Certificate; 8b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 94c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.ASN1Primitive; 104c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.x509.TBSCertList; 114c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.x509.TBSCertificateStructure; 124c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.x509.X509Name; 13b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 14b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam/** 15b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * a utility class that will extract X509Principal objects from X.509 certificates. 16b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * <p> 17b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * Use this in preference to trying to recreate a principal from a String, not all 18b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * DNs are what they should be, so it's best to leave them encoded where they 19b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * can be. 20b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */ 21b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallampublic class PrincipalUtil 22b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam{ 23b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam /** 24b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * return the issuer of the given cert as an X509PrincipalObject. 25b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */ 26b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public static X509Principal getIssuerX509Principal( 27b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam X509Certificate cert) 28b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateEncodingException 29b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 30b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 31b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 32c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance( 334c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom ASN1Primitive.fromByteArray(cert.getTBSCertificate())); 34b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 354c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return new X509Principal(X509Name.getInstance(tbsCert.getIssuer())); 36b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 37b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (IOException e) 38b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 39b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new CertificateEncodingException(e.toString()); 40b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 41b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 42b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 43b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam /** 44b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * return the subject of the given cert as an X509PrincipalObject. 45b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */ 46b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public static X509Principal getSubjectX509Principal( 47b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam X509Certificate cert) 48b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateEncodingException 49b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 50b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 51b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 52c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance( 534c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom ASN1Primitive.fromByteArray(cert.getTBSCertificate())); 544c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return new X509Principal(X509Name.getInstance(tbsCert.getSubject())); 55b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 56b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (IOException e) 57b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 58b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new CertificateEncodingException(e.toString()); 59b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 60b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 61b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 62b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam /** 63b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * return the issuer of the given CRL as an X509PrincipalObject. 64b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */ 65b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public static X509Principal getIssuerX509Principal( 66b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam X509CRL crl) 67b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CRLException 68b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 69b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 70b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 71c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom TBSCertList tbsCertList = TBSCertList.getInstance( 724c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom ASN1Primitive.fromByteArray(crl.getTBSCertList())); 73b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 744c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return new X509Principal(X509Name.getInstance(tbsCertList.getIssuer())); 75b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 76b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (IOException e) 77b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 78b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new CRLException(e.toString()); 79b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 80b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 81b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam} 82