1b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallampackage org.bouncycastle.jce;
2b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
34c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.io.IOException;
44c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.security.cert.CRLException;
54c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.security.cert.CertificateEncodingException;
64c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.security.cert.X509CRL;
74c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport java.security.cert.X509Certificate;
8b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
94c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.ASN1Primitive;
104c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.x509.TBSCertList;
114c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.x509.TBSCertificateStructure;
124c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.x509.X509Name;
13b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
14b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam/**
15b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * a utility class that will extract X509Principal objects from X.509 certificates.
16b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * <p>
17b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * Use this in preference to trying to recreate a principal from a String, not all
18b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * DNs are what they should be, so it's best to leave them encoded where they
19b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * can be.
20b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */
21b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallampublic class PrincipalUtil
22b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam{
23b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    /**
24b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * return the issuer of the given cert as an X509PrincipalObject.
25b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     */
26b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public static X509Principal getIssuerX509Principal(
27b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        X509Certificate cert)
28b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        throws CertificateEncodingException
29b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
30b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        try
31b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
32c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom            TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
334c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom                    ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
34b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
354c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom            return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
36b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
37b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        catch (IOException e)
38b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
39b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            throw new CertificateEncodingException(e.toString());
40b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
41b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
42b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
43b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    /**
44b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * return the subject of the given cert as an X509PrincipalObject.
45b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     */
46b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public static X509Principal getSubjectX509Principal(
47b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        X509Certificate cert)
48b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        throws CertificateEncodingException
49b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
50b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        try
51b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
52c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom            TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
534c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom                    ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
544c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom            return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
55b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
56b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        catch (IOException e)
57b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
58b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            throw new CertificateEncodingException(e.toString());
59b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
60b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
61b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
62b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    /**
63b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * return the issuer of the given CRL as an X509PrincipalObject.
64b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     */
65b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public static X509Principal getIssuerX509Principal(
66b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        X509CRL crl)
67b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        throws CRLException
68b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
69b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        try
70b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
71c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom            TBSCertList tbsCertList = TBSCertList.getInstance(
724c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom                ASN1Primitive.fromByteArray(crl.getTBSCertList()));
73b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
744c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom            return new X509Principal(X509Name.getInstance(tbsCertList.getIssuer()));
75b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
76b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        catch (IOException e)
77b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
78b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            throw new CRLException(e.toString());
79b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
80b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
81b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam}
82