X500Name to java.security.Principal

Question

I am trying to look for the class that implements the java.security.principal to provide Subject DN values for certificate. While searching, I came across X500Name is the class that is usually used for providing subject. However this doesn't implement the Principal interface. What suprises me is that the depreciated class of X500Name called X509Principal implements this interface unlike X500Name. What class to use?

Thanks

Answer 1

我建议使用一个充气城堡类:org.bouncycastle.jce.X509Principal它实现java.security.Principal.为了获取org.bouncycastle.jce.X509Principal实例,您可以使用以下方法:

public static org.bouncycastle.jce.X509Principal getSubjectX509Principal(
    java.security.cert.X509Certificate cert) throws CertificateEncodingException

班上的org.bouncycastle.jce.PrincipalUtil.

我给你一个样品:

import java.io.FileInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

public class X509PrincipalSample {

    public static void main(String[] args) throws Exception {

            CertificateFactory cf = CertificateFactory.getInstance("X509");
            // certificate file must be encoded in DER binary format
            FileInputStream certificateFile = new FileInputStream("/tmp/cer.cer");
            X509Certificate certificate = (X509Certificate) cf.generateCertificate(certificateFile);
            X509Principal x509Principal = PrincipalUtil.getSubjectX509Principal(certificate);
            System.out.println(x509Principal.getName());
    }
}

希望这可以帮助,

编辑:

如你所说,org.bouncycastle.jce.X509Principal在最后一个充气城堡发布中被弃用了.所以你可以使用org.bouncycastle.asn1.x500.X500NamesubjectDN字段,但是如果你想使用一个实现java.security.Principaluse 的类javax.security.auth.x500.X500Principal,我给你另一个例子:

import java.io.FileInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import javax.security.auth.x500.X500Principal;

import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x500.style.IETFUtils;


public class X500NameSample {

    public static void main(String[] args) throws Exception {

         CertificateFactory cf = CertificateFactory.getInstance("X509");
         // certificate file must be encoded in DER binary format
         FileInputStream certificateFile = new FileInputStream("C:/Documents and Settings/aciffone/Escritorio/cer.cer");
         X509Certificate certificate = (X509Certificate) cf.generateCertificate(certificateFile);

         // using X500Principal
         X500Principal subjectX500Principal = certificate.getSubjectX500Principal();
         System.out.println(subjectX500Principal.getName());
         System.out.println(subjectX500Principal.getName(X500Principal.RFC1779));
         System.out.println(subjectX500Principal.getName(X500Principal.CANONICAL));

         // using X500Name
         X500Name x500name = new X500Name( subjectX500Principal.getName(X500Principal.RFC1779) );
         // you can get the different subject DN values with BCStyle constants
         RDN cn = x500name.getRDNs(BCStyle.CN)[0];
         System.out.println(IETFUtils.valueToString(cn.getFirst().getValue()));

         x500name = new X500Name( subjectX500Principal.getName() );
         // you can get the different subject DN values with BCStyle constants
         cn = x500name.getRDNs(BCStyle.CN)[0];
         System.out.println(IETFUtils.valueToString(cn.getFirst().getValue()));
    }
}