11 package gov.bnl.gums.util;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.StringTokenizer;

import org.apache.log4j.Logger;
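/**
 * Static helpers that derive identity strings from X.509 certificates: a
 * slash-separated DN, the DN of the user behind a proxy certificate, and a
 * name/surname pair taken from a subject's CN.
 *
 * <p>None of these methods validates a certificate (signature, chain, validity
 * period or revocation). They only read and reformat fields, so the caller must
 * have validated the certificate before trusting the returned strings for
 * authorization decisions.
 */
public class CertToolkit {
    private static final Logger log = Logger.getLogger(CertToolkit.class);

    /** RFC 3820 ProxyCertInfo extension (id-pe-proxyCertInfo). */
    private static final String RFC3820_PROXY_CERT_INFO_OID = "1.3.6.1.5.5.7.1.14";

    /** ProxyCertInfo extension OID used by pre-RFC (draft) Globus proxy certificates. */
    private static final String LEGACY_PROXY_CERT_INFO_OID = "1.3.6.1.4.1.3536.1.222";

    /**
     * Converts a DN whose components are separated by {@code ", "} into
     * slash-separated form with the component order reversed. For example
     * (constructed sample), {@code "CN=Jane Doe, OU=People, DC=example"} becomes
     * {@code "/DC=example/OU=People/CN=Jane Doe"}.
     *
     * <p>The split is purely textual. A value that itself contains {@code ", "}
     * (quoted or escaped) is cut into several components, and a {@code "/"}
     * inside a value is copied through unescaped, so the result is not a
     * canonical encoding of the name.
     * NOTE(review): if the output is compared against mapping tables, confirm
     * that the issuing CAs cannot place {@code ", "} or {@code "/"} inside
     * attribute values, or parse the name structurally instead.
     *
     * @param commaDN the DN in comma-separated form; must not be null
     * @return the DN in slash-separated form; {@code "/"} for an empty input
     */
    public static String convertDN(String commaDN) {
        List<String> pieces = new ArrayList<String>();
        int start = 0;
        int pos = commaDN.indexOf(", ", start);
        while (pos != -1) {
            pieces.add(commaDN.substring(start, pos));
            start = pos + 2;
            pos = commaDN.indexOf(", ", start);
        }
        pieces.add(commaDN.substring(start));

        // The input lists components in the opposite order from the slash form.
        Collections.reverse(pieces);

        StringBuilder dn = new StringBuilder();
        for (String piece : pieces) {
            dn.append('/').append(piece);
        }
        return dn.toString();
    }

    /**
     * Returns the slash-separated DN identifying the user of a certificate. For
     * a certificate recognised as a proxy, this is the issuer DN; otherwise it
     * is the subject DN.
     *
     * <p>A certificate is treated as a proxy when any of the following holds:
     * <ul>
     *   <li>its subject string contains {@code "proxy"} (case-insensitive);</li>
     *   <li>it carries the RFC 3820 ProxyCertInfo extension;</li>
     *   <li>it carries the legacy draft ProxyCertInfo extension.</li>
     * </ul>
     *
     * <p>Only one level is stripped: if the issuer is itself a proxy, the
     * returned DN is still a proxy DN. No signature or chain validation is done
     * here, so the result is only as trustworthy as the caller's validation.
     *
     * <p>NOTE(review): the substring test matches {@code "proxy"} anywhere in
     * the subject, including organisation names or a person's name. Such an
     * end-entity certificate would be identified by its issuer DN. Consider
     * restricting the test to the most specific CN component.
     *
     * @param cert the certificate to inspect; may be null
     * @return the user DN in slash-separated form, or null if {@code cert} is null
     */
    public static String getUserDN(X509Certificate cert) {
        if (cert == null) {
            return null;
        }
        String subject = cert.getSubjectX500Principal().toString();

        // Locale.ROOT keeps the marker test independent of the JVM default locale.
        boolean proxy = subject.toLowerCase(Locale.ROOT).indexOf("proxy") != -1
                // getExtensionValue matches the exact extension OID, so the full
                // id-pe-proxyCertInfo OID is required; the parent arc
                // 1.3.6.1.5.5.7 is not an extension OID and would never match.
                || cert.getExtensionValue(RFC3820_PROXY_CERT_INFO_OID) != null
                || cert.getExtensionValue(LEGACY_PROXY_CERT_INFO_OID) != null;

        String commaDN = proxy ? cert.getIssuerX500Principal().toString() : subject;
        return convertDN(commaDN);
    }

    /**
     * Extracts a first name and a surname from the CN of a certificate subject.
     *
     * <p>Everything after the first {@code "CN="} is split on whitespace. The
     * name is the first token. The surname is the last token accepted by
     * {@link #checkSurname(String)}, which skips trailing numeric identifiers
     * and abbreviations ending in a dot. Text following the CN value (further
     * components) is not cut off, so the CN is expected to be the last
     * component of the subject.
     *
     * @param certificateSubject the subject string; must not be null
     * @return a two-element array {@code {name, surname}}
     * @throws IllegalArgumentException if the subject has no {@code "CN="}, the
     *         CN is empty, or no token qualifies as a surname
     */
    public static String[] parseNameAndSurname(String certificateSubject) {
        int cnPos = certificateSubject.indexOf("CN=");
        if (cnPos == -1) {
            // Without this check, indexOf's -1 would silently yield substring(2).
            throw new IllegalArgumentException(
                    "No CN= component in certificate subject '" + certificateSubject + "'");
        }
        String cn = certificateSubject.substring(cnPos + 3);

        List<String> tokens = new ArrayList<String>();
        StringTokenizer tokenizer = new StringTokenizer(cn);
        while (tokenizer.hasMoreTokens()) {
            tokens.add(tokenizer.nextToken());
        }
        if (tokens.isEmpty()) {
            throw new IllegalArgumentException(
                    "Empty CN in certificate subject '" + certificateSubject + "'");
        }

        String name = tokens.get(0);

        // Walk back from the end, bounded by the token count, to the first
        // token that qualifies as a surname.
        String surname = null;
        for (int i = tokens.size() - 1; i >= 0 && surname == null; i--) {
            String candidate = tokens.get(i);
            if (checkSurname(candidate)) {
                surname = candidate;
            }
        }
        if (surname == null) {
            throw new IllegalArgumentException(
                    "No surname found in CN of certificate subject '" + certificateSubject + "'");
        }

        // The subject comes from a certificate and is logged verbatim.
        // NOTE(review): confirm the log layout neutralises control characters.
        if (log.isTraceEnabled()) {
            log.trace("Certificate '" + certificateSubject + "' divided in name='" + name + "' and surname='" + surname + "'");
        }
        return new String[] {name, surname};
    }

    /**
     * Tells whether a CN token can be a surname. A token is rejected if it
     * starts with a digit or ends with a dot.
     *
     * @param possibleSurname the token to test
     * @return {@code false} for null, empty, digit-leading or dot-terminated
     *         tokens; {@code true} otherwise
     */
    public static boolean checkSurname(String possibleSurname) {
        if (possibleSurname == null || possibleSurname.length() == 0) {
            return false;
        }
        char first = possibleSurname.charAt(0);
        char last = possibleSurname.charAt(possibleSurname.length() - 1);
        return !Character.isDigit(first) && last != '.';
    }
}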