我試圖尋找一個實現的java.security.Principal爲證書提供主題DN值的類。在搜索時,我遇到了X500Name是通常用於提供主題的類。但是,這不會實現Principal界面。令我感到驚訝的是,與X500Name不同,被稱爲X509Principal的X500Name的折舊類實現了此接口。什麼課程可以使用?X500Name到的java.security.Principal
感謝
我試圖尋找一個實現的java.security.Principal爲證書提供主題DN值的類。在搜索時,我遇到了X500Name是通常用於提供主題的類。但是,這不會實現Principal界面。令我感到驚訝的是,與X500Name不同,被稱爲X509Principal的X500Name的折舊類實現了此接口。什麼課程可以使用?X500Name到的java.security.Principal
感謝
我建議使用充氣城堡類:org.bouncycastle.jce.X509Principal
它實現java.security.Principal
。爲了得到org.bouncycastle.jce.X509Principal
例如,您可以使用的方法:
public static org.bouncycastle.jce.X509Principal getSubjectX509Principal(
java.security.cert.X509Certificate cert) throws CertificateEncodingException
類
org.bouncycastle.jce.PrincipalUtil
的
。
我給你一個例子:
import java.io.FileInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
public class X509PrincipalSample {
public static void main(String[] args) throws Exception {
CertificateFactory cf = CertificateFactory.getInstance("X509");
// certificate file must be encoded in DER binary format
FileInputStream certificateFile = new FileInputStream("/tmp/cer.cer");
X509Certificate certificate = (X509Certificate) cf.generateCertificate(certificateFile);
X509Principal x509Principal = PrincipalUtil.getSubjectX509Principal(certificate);
System.out.println(x509Principal.getName());
}
}
希望這有助於
編輯:
正如你所說,org.bouncycastle.jce.X509Principal
在過去的充氣城堡版本中使用。所以,你可以使用org.bouncycastle.asn1.x500.X500Name
用的subjectDN領域的工作,但是如果你想使用實現java.security.Principal
使用javax.security.auth.x500.X500Principal
一類,我給你舉個例子:
import java.io.FileInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x500.style.IETFUtils;
public class X500NameSample {
public static void main(String[] args) throws Exception {
CertificateFactory cf = CertificateFactory.getInstance("X509");
// certificate file must be encoded in DER binary format
FileInputStream certificateFile = new FileInputStream("C:/Documents and Settings/aciffone/Escritorio/cer.cer");
X509Certificate certificate = (X509Certificate) cf.generateCertificate(certificateFile);
// using X500Principal
X500Principal subjectX500Principal = certificate.getSubjectX500Principal();
System.out.println(subjectX500Principal.getName());
System.out.println(subjectX500Principal.getName(X500Principal.RFC1779));
System.out.println(subjectX500Principal.getName(X500Principal.CANONICAL));
// using X500Name
X500Name x500name = new X500Name(subjectX500Principal.getName(X500Principal.RFC1779));
// you can get the different subject DN values with BCStyle constants
RDN cn = x500name.getRDNs(BCStyle.CN)[0];
System.out.println(IETFUtils.valueToString(cn.getFirst().getValue()));
x500name = new X500Name(subjectX500Principal.getName());
// you can get the different subject DN values with BCStyle constants
cn = x500name.getRDNs(BCStyle.CN)[0];
System.out.println(IETFUtils.valueToString(cn.getFirst().getValue()));
}
}
嗯。謝謝albciff。但關鍵是BouncyCastle中的這個類X509Principal已折舊。該文件說:「棄用 使用X500Name類。」。而這正是我的問題 – user907810
你說的沒錯,在過去BC釋放X509Principal已被棄用,對不起,我讓使用示例和舊版本。 – albciff
Hi @ user907810我使用其他課程編輯答案,如果需要,請檢查它。希望這可以幫助。 – albciff