/*
 * This work was created by participants in the DataONE project, and is
 * jointly copyrighted by participating institutions in DataONE. For
 * more information on DataONE, see our web site at http://dataone.org.
 * 
 * Copyright 2014
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * 
 */
package org.dataone.proto.trove.jsse;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERUTF8String;
import org.dataone.configuration.Settings;
import org.dataone.service.types.v1.SubjectInfo;
import org.dataone.service.util.TypeMarshaller;
import org.jibx.runtime.JiBXException;

/**
 *
 * @author waltz
 */
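/**
 * Helper routines for pulling DataONE-relevant data out of an {@link X509Certificate}:
 * the RFC 2253 subject DN and the CILogon {@code SubjectInfo} extension.
 *
 * <p>This class makes no trust decisions. It does not check the certificate's signature,
 * chain, validity period or revocation status; it only decodes what the certificate
 * carries. Anything returned from here, in particular the {@link SubjectInfo} parsed out
 * of the extension, is only as trustworthy as the certificate it came from, so callers
 * must have verified the certificate (for example via the TLS handshake or a
 * {@code TrustManager}) before using the result for authorization.
 *
 * <p>The class holds no instance state.
 *
 * @author waltz
 */
public class X509CertificateToolset {

    /**
     * OID of the certificate extension in which CILogon-issued DataONE certificates carry
     * the serialized {@link SubjectInfo}. Read once from the configuration key
     * {@code cilogon.oid.subjectinfo}, defaulting to {@code 1.3.6.1.4.1.34998.2.1}.
     *
     * <p>NOTE(review): this field is public and not {@code final}, so any code in the JVM
     * can redirect which extension is trusted for subject information. It is left
     * non-final here only for source compatibility; make it {@code final} once it is
     * confirmed that no caller assigns it.
     */
    public static String CILOGON_OID_SUBJECT_INFO = Settings.getConfiguration().getString(
            "cilogon.oid.subjectinfo", "1.3.6.1.4.1.34998.2.1");

    /**
     * Decodes the value of the extension identified by {@code oid} as a UTF-8 string.
     *
     * <p>{@link X509Certificate#getExtensionValue(String)} returns the DER encoding of the
     * extension's OCTET STRING wrapper; the octets inside that wrapper are decoded again
     * and accepted only if they form a single UTF8String. Any other shape (absent
     * extension, non-OCTET STRING wrapper, non-UTF8String payload) yields {@code null}
     * rather than a partial value.
     *
     * @see <a href="http://stackoverflow.com/questions/2409618/how-do-i-decode-a-der-encoded-string-in-java">decoding DER strings in Java</a>
     * @param certificate the certificate to read from; {@code null} yields {@code null}
     * @param oid dotted-decimal OID of the extension to read
     * @return the decoded string, or {@code null} if the extension is missing or is not a UTF8String
     * @throws IOException if either DER layer is malformed or has bytes left over after the object
     */
    protected String getExtensionValue(X509Certificate certificate, String oid) throws IOException {
        if (certificate == null) {
            return null;
        }
        byte[] extensionValue = certificate.getExtensionValue(oid);
        if (extensionValue == null) {
            return null;
        }
        // Outer layer: the OCTET STRING that wraps every X.509 extension value.
        ASN1Primitive wrapper = toASN1Primitive(extensionValue);
        if (!(wrapper instanceof DEROctetString)) {
            return null;
        }
        // Inner layer: the extension's own DER content, expected to be a UTF8String.
        ASN1Primitive payload = toASN1Primitive(((DEROctetString) wrapper).getOctets());
        if (!(payload instanceof DERUTF8String)) {
            return null;
        }
        return ((DERUTF8String) payload).getString();
    }

    /**
     * Parses {@code data} as exactly one DER object.
     *
     * <p>Unlike a bare {@code ASN1InputStream.readObject()}, this refuses input that has
     * bytes left over after the first object, so a value that two parsers could read
     * differently is rejected instead of silently truncated.
     *
     * @see <a href="http://stackoverflow.com/questions/2409618/how-do-i-decode-a-der-encoded-string-in-java">decoding DER strings in Java</a>
     * @param data DER bytes, never {@code null}
     * @return the decoded object, or {@code null} if {@code data} is empty
     * @throws IOException if the bytes are not a single well-formed DER object
     */
    private static ASN1Primitive toASN1Primitive(byte[] data) throws IOException {
        ASN1InputStream asnInputStream = new ASN1InputStream(data);
        try {
            ASN1Primitive first = asnInputStream.readObject();
            if (first == null) {
                return null;
            }
            // readObject() returns null at end of stream; anything else is trailing data.
            if (asnInputStream.readObject() != null) {
                throw new IOException("trailing data after DER object");
            }
            return first;
        } finally {
            IOUtils.closeQuietly(asnInputStream);
        }
    }

    /**
     * Extracts the DataONE {@link SubjectInfo} embedded in the certificate's CILogon
     * extension ({@link #CILOGON_OID_SUBJECT_INFO}).
     *
     * <p>The extension payload is XML that is unmarshalled with {@link TypeMarshaller}.
     * Because it is read straight out of the certificate, it is attacker-controlled unless
     * the certificate has been chain-validated first. NOTE(review): whether
     * {@code TypeMarshaller} disables DTD and external-entity processing is not visible
     * from this file; confirm that before handing it unverified certificates.
     *
     * @param certificate the certificate to read; {@code null} yields {@code null}
     * @return the unmarshalled SubjectInfo, or {@code null} if the certificate carries no such extension
     * @throws IOException if the extension is malformed DER or the XML stream cannot be read
     * @throws InstantiationException propagated from the unmarshaller
     * @throws IllegalAccessException propagated from the unmarshaller
     * @throws JiBXException if the payload is not valid SubjectInfo XML
     */
    public SubjectInfo getSubjectInfo(X509Certificate certificate)
            throws IOException, InstantiationException, IllegalAccessException, JiBXException {
        String xml = getExtensionValue(certificate, CILOGON_OID_SUBJECT_INFO);
        if (xml == null) {
            return null;
        }
        // getBytes(String) is kept so the declared IOException covers UnsupportedEncodingException.
        return TypeMarshaller.unmarshalTypeFromStream(SubjectInfo.class,
                new ByteArrayInputStream(xml.getBytes("UTF-8")));
    }

    /**
     * Returns the certificate's subject DN in RFC 2253 form, the standard representation
     * used throughout DataONE.
     *
     * @param certificate the certificate whose subject is wanted; {@code null} yields {@code null}
     * @return the subject DN in RFC 2253 format
     */
    public String getSubjectDN(X509Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        return certificate.getSubjectX500Principal().getName(X500Principal.RFC2253);
    }

    /**
     * Normalizes a DN string to the DataONE-wide RFC 2253 representation by round-tripping
     * it through {@link X500Principal}.
     *
     * @see <a href="http://www.ietf.org/rfc/rfc2253.txt">RFC 2253</a>
     * @param name a DN in any form {@link X500Principal#X500Principal(String)} accepts; {@code null} yields {@code null}
     * @return the standard DataONE representation
     * @throws IllegalArgumentException if {@code name} is not a parseable DN
     */
    public String standardizeDN(String name) {
        if (name == null) {
            return null;
        }
        return new X500Principal(name).getName(X500Principal.RFC2253);
    }

}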