List of usage examples for java.security.cert X509Certificate getSubjectX500Principal
public X500Principal getSubjectX500Principal()
From source file:com.codedx.burp.security.InvalidCertificateDialogStrategy.java
private static String getCN(X509Certificate cert) { String principal = cert.getSubjectX500Principal().toString(); StringTokenizer tokenizer = new StringTokenizer(principal, ","); while (tokenizer.hasMoreTokens()) { String token = tokenizer.nextToken(); int i = token.indexOf("CN="); if (i >= 0) { return token.substring(i + 3); }//w w w .j av a 2 s . com } return null; }
From source file:org.aevans.goat.net.SSLStrategyGetter.java
public static SchemeIOSessionStrategy getSchemeIOSessionStrategy() { DefaultHostnameVerifier hostnameVerifier = new DefaultHostnameVerifier( PublicSuffixMatcherLoader.getDefault()); SchemeIOSessionStrategy sioss = new SchemeIOSessionStrategy() { @Override//from w w w . j a v a 2 s .com public boolean isLayeringRequired() { return true; } @Override public IOSession upgrade(final HttpHost host, final IOSession iosession) throws IOException { SSLSetupHandler handler = new SSLSetupHandler() { @Override public void initalize(SSLEngine sslengine) throws SSLException { } @Override public void verify(IOSession iosession, SSLSession sslsession) throws SSLException { if (!hostnameVerifier.verify(host.getHostName(), sslsession)) { final java.security.cert.Certificate[] certs = sslsession.getPeerCertificates(); final X509Certificate x509 = (X509Certificate) certs[0]; final X500Principal x500Principal = x509.getSubjectX500Principal(); throw new SSLPeerUnverifiedException("Host name '" + host.getHostName() + "' does not match " + "the certificate subject provided by the peer (" + x500Principal.toString() + ")"); } } }; SSLBufferManagementStrategy sslbm = new ReleasableSSLBufferManagementStrategy(); SSLIOSession ssio = new SSLIOSession(iosession, SSLMode.CLIENT, host, SSLContexts.createDefault(), handler, sslbm); iosession.setAttribute(SSLIOSession.SESSION_KEY, ssio); ssio.initialize(); return ssio; } }; return sioss; }
From source file:be.fedict.eid.applet.service.impl.UserIdentifierUtil.java
/** * Gives back a unique user identifier given an X509 certificate. * /*from w w w . ja v a 2s .co m*/ * @param signingCertificate * @return */ public static String getUserId(X509Certificate signingCertificate) { X500Principal userPrincipal = signingCertificate.getSubjectX500Principal(); String name = userPrincipal.toString(); int serialNumberBeginIdx = name.indexOf("SERIALNUMBER="); if (-1 == serialNumberBeginIdx) { throw new SecurityException("SERIALNUMBER not found in X509 CN"); } int serialNumberValueBeginIdx = serialNumberBeginIdx + "SERIALNUMBER=".length(); int serialNumberValueEndIdx = name.indexOf(",", serialNumberValueBeginIdx); if (-1 == serialNumberValueEndIdx) { serialNumberValueEndIdx = name.length(); } String userId = name.substring(serialNumberValueBeginIdx, serialNumberValueEndIdx); return userId; }
From source file:Main.java
/** Obtiene el nombre común (Common Name, CN) del titular de un * certificado X.509. Si no se encuentra el CN, se devuelve la unidad organizativa * (Organization Unit, OU).//w w w . java 2 s . c o m * @param c * Certificado X.509 del cual queremos obtener el nombre * común * @return Nombre común (Common Name, CN) del titular de un * certificado X.509 */ public static String getCN(final X509Certificate c) { if (c == null) { return null; } return getCN(c.getSubjectX500Principal().toString()); }
From source file:be.e_contract.mycarenet.certra.CertRAClient.java
public static String getSSIN(X509Certificate certificate) { X500Principal userPrincipal = certificate.getSubjectX500Principal(); String name = userPrincipal.toString(); int serialNumberBeginIdx = name.indexOf("SERIALNUMBER="); if (-1 == serialNumberBeginIdx) { throw new SecurityException("SERIALNUMBER not found in X509 CN"); }/*w w w .j av a 2 s .com*/ int serialNumberValueBeginIdx = serialNumberBeginIdx + "SERIALNUMBER=".length(); int serialNumberValueEndIdx = name.indexOf(",", serialNumberValueBeginIdx); if (-1 == serialNumberValueEndIdx) { serialNumberValueEndIdx = name.length(); } String userId = name.substring(serialNumberValueBeginIdx, serialNumberValueEndIdx); return userId; }
From source file:org.apache.ofbiz.base.util.KeyStoreUtil.java
public static Map<String, String> getCertX500Map(java.security.cert.X509Certificate cert) { return getX500Map(cert.getSubjectX500Principal()); }
From source file:io.hops.hopsworks.util.CertificateHelper.java
public static String getCertificatePart(X509Certificate cert, String partName) { String tmpName, name = ""; X500Principal principal = cert.getSubjectX500Principal(); String part = partName + "="; int start = principal.getName().indexOf(part); if (start > -1) { tmpName = principal.getName().substring(start + part.length()); int end = tmpName.indexOf(","); if (end > 0) { name = tmpName.substring(0, end); } else {// w ww . j a va 2 s . co m name = tmpName; } } return name.toLowerCase(); }
From source file:net.ripe.rpki.commons.crypto.x509cert.X509CertificateUtil.java
public static boolean isRoot(X509Certificate certificate) { return certificate.getSubjectX500Principal().equals(certificate.getIssuerX500Principal()); }
From source file:net.ripe.rpki.commons.crypto.x509cert.X509CertificateUtil.java
public static X500Principal getSubject(X509Certificate certificate) { return certificate.getSubjectX500Principal(); }
From source file:MainClass.java
public static X509Certificate[] buildChain() throws Exception { KeyPair pair = generateRSAKeyPair(); PKCS10CertificationRequest request = generateRequest(pair); KeyPair rootPair = generateRSAKeyPair(); X509Certificate rootCert = generateV1Certificate(rootPair); X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis())); certGen.setIssuerDN(rootCert.getSubjectX500Principal()); certGen.setNotBefore(new Date(System.currentTimeMillis())); certGen.setNotAfter(new Date(System.currentTimeMillis() + 10000)); certGen.setSubjectDN(request.getCertificationRequestInfo().getSubject()); certGen.setPublicKey(request.getPublicKey("BC")); certGen.setSignatureAlgorithm("SHA256WithRSAEncryption"); certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(rootCert)); certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(request.getPublicKey("BC"))); certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment)); certGen.addExtension(X509Extensions.ExtendedKeyUsage, true, new ExtendedKeyUsage(KeyPurposeId.id_kp_serverAuth)); ASN1Set attributes = request.getCertificationRequestInfo().getAttributes(); for (int i = 0; i != attributes.size(); i++) { Attribute attr = Attribute.getInstance(attributes.getObjectAt(i)); if (attr.getAttrType().equals(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) { X509Extensions extensions = X509Extensions.getInstance(attr.getAttrValues().getObjectAt(0)); Enumeration e = extensions.oids(); while (e.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement(); X509Extension ext = extensions.getExtension(oid); certGen.addExtension(oid, ext.isCritical(), ext.getValue().getOctets()); }//from ww w. ja v a2s . c o m } } X509Certificate issuedCert = certGen.generateX509Certificate(rootPair.getPrivate()); return new X509Certificate[] { issuedCert, rootCert }; }