1. 首頁
  2. 問答
  3. X500Name到的java.security.Principal

X500Name到的java.security.Principal

2014-04-29 28 views
3

我試圖尋找一個實現的java.security.Principal爲證書提供主題DN值的類。在搜索時,我遇到了X500Name是通常用於提供主題的類。但是,這不會實現Principal界面。令我感到驚訝的是,與X500Name不同,被稱爲X509Principal的X500Name的折舊類實現了此接口。什麼課程可以使用?X500Name到的java.security.Principal

感謝

來源

2014-04-29 user907810

回答

5

我建議使用充氣城堡類:org.bouncycastle.jce.X509Principal它實現java.security.Principal。爲了得到org.bouncycastle.jce.X509Principal例如,您可以使用的方法:

public static org.bouncycastle.jce.X509Principal getSubjectX509Principal(
    java.security.cert.X509Certificate cert) throws CertificateEncodingException
org.bouncycastle.jce.PrincipalUtil

我給你一個例子:

import java.io.FileInputStream; 
import java.security.cert.CertificateFactory; 
import java.security.cert.X509Certificate; 

public class X509PrincipalSample { 

    public static void main(String[] args) throws Exception { 

      CertificateFactory cf = CertificateFactory.getInstance("X509"); 
      // certificate file must be encoded in DER binary format 
      FileInputStream certificateFile = new FileInputStream("/tmp/cer.cer"); 
      X509Certificate certificate = (X509Certificate) cf.generateCertificate(certificateFile); 
      X509Principal x509Principal = PrincipalUtil.getSubjectX509Principal(certificate); 
      System.out.println(x509Principal.getName()); 
    } 
}

希望這有助於

編輯:

正如你所說,org.bouncycastle.jce.X509Principal在過去的充氣城堡版本中使用。所以,你可以使用org.bouncycastle.asn1.x500.X500Name用的subjectDN領域的工作,但是如果你想使用實現java.security.Principal使用javax.security.auth.x500.X500Principal一類,我給你舉個例子:

import java.io.FileInputStream; 
import java.security.cert.CertificateFactory; 
import java.security.cert.X509Certificate; 

import javax.security.auth.x500.X500Principal; 

import org.bouncycastle.asn1.x500.RDN; 
import org.bouncycastle.asn1.x500.X500Name; 
import org.bouncycastle.asn1.x500.style.BCStyle; 
import org.bouncycastle.asn1.x500.style.IETFUtils; 


public class X500NameSample { 

    public static void main(String[] args) throws Exception { 

     CertificateFactory cf = CertificateFactory.getInstance("X509"); 
     // certificate file must be encoded in DER binary format 
     FileInputStream certificateFile = new FileInputStream("C:/Documents and Settings/aciffone/Escritorio/cer.cer"); 
     X509Certificate certificate = (X509Certificate) cf.generateCertificate(certificateFile); 

     // using X500Principal 
     X500Principal subjectX500Principal = certificate.getSubjectX500Principal(); 
     System.out.println(subjectX500Principal.getName()); 
     System.out.println(subjectX500Principal.getName(X500Principal.RFC1779)); 
     System.out.println(subjectX500Principal.getName(X500Principal.CANONICAL)); 

     // using X500Name 
     X500Name x500name = new X500Name(subjectX500Principal.getName(X500Principal.RFC1779)); 
     // you can get the different subject DN values with BCStyle constants 
     RDN cn = x500name.getRDNs(BCStyle.CN)[0]; 
     System.out.println(IETFUtils.valueToString(cn.getFirst().getValue())); 

     x500name = new X500Name(subjectX500Principal.getName()); 
     // you can get the different subject DN values with BCStyle constants 
     cn = x500name.getRDNs(BCStyle.CN)[0]; 
     System.out.println(IETFUtils.valueToString(cn.getFirst().getValue())); 
    } 
}

來源

2014-04-29 12:05:04 albciff

+0

嗯。謝謝albciff。但關鍵是BouncyCastle中的這個類X509Principal已折舊。該文件說:「棄用 使用X500Name類。」。而這正是我的問題 – user907810

+0

你說的沒錯,在過去BC釋放X509Principal已被棄用,對不起,我讓使用示例和舊版本。 – albciff

+0

Hi @ user907810我使用其他課程編輯答案,如果需要,請檢查它。希望這可以幫助。 – albciff

相關問題

 相關問題