Constructor: |
public X500Name(String dname) throws IOException {
this(dname, Collections.<String, String>emptyMap());
}
Constructs a name from a conventionally formatted string
(RFC 1779 or RFC 2253 style), such as
"CN=Dave, OU=JavaSoft, O=Sun Microsystems, C=US". Parameters:
dname - X.500 Distinguished Name
|
public X500Name(RDN[] rdnArray) throws IOException {
if (rdnArray == null) {
names = new RDN[0];
} else {
names = rdnArray.clone();
for (int i = 0; i < names.length; i++) {
if (names[i] == null) {
throw new IOException("Cannot create an X500Name");
}
}
}
}
Constructs a name from an array of relative distinguished names. Parameters:
rdnArray - array of relative distinguished names
Throws:
IOException - on error
|
public X500Name(DerValue value) throws IOException {
//Note that toDerInputStream uses only the buffer (data) and not
//the tag, so an empty SEQUENCE (OF) will yield an empty DerInputStream
this(value.toDerInputStream());
}
Constructs a name from an ASN.1 encoded value. The encoding
of the name in the stream uses DER (a BER/1 subset). Parameters:
value - a DER-encoded value holding an X.500 name.
|
public X500Name(DerInputStream in) throws IOException {
parseDER(in);
}
Constructs a name from an ASN.1 encoded input stream. The encoding
of the name in the stream uses DER (a BER/1 subset). Parameters:
in - DER-encoded data holding an X.500 name.
|
public X500Name(byte[] name) throws IOException {
DerInputStream in = new DerInputStream(name);
parseDER(in);
}
Constructs a name from an ASN.1 encoded byte array. Parameters:
name - DER-encoded byte array holding an X.500 name.
|
public X500Name(String dname,
Map<String, String> keywordMap) throws IOException {
parseDN(dname, keywordMap);
}
Constructs a name from a conventionally formatted string
(RFC 1779 or RFC 2253 style), such as
"CN=Dave, OU=JavaSoft, O=Sun Microsystems, C=US". Parameters:
dname - X.500 Distinguished Name
keywordMap - an additional keyword/OID map
|
public X500Name(String dname,
String format) throws IOException {
if (dname == null) {
throw new NullPointerException("Name must not be null");
}
if (format.equalsIgnoreCase("RFC2253")) {
parseRFC2253DN(dname);
} else if (format.equalsIgnoreCase("DEFAULT")) {
parseDN(dname, Collections.<String, String>emptyMap());
} else {
throw new IOException("Unsupported format " + format);
}
}
Constructs a name from a string formatted according to format.
Currently, the formats DEFAULT and RFC2253 are supported.
DEFAULT is the default format used by the X500Name(String)
constructor. RFC2253 is the format strictly according to RFC 2253,
without extensions. Parameters:
dname - X.500 Distinguished Name
|
public X500Name(String commonName,
String organizationUnit,
String organizationName,
String country) throws IOException {
names = new RDN[4];
/*
* NOTE: it's only on output that little-endian
* ordering is used.
*/
names[3] = new RDN(1);
names[3].assertion[0] = new AVA(commonName_oid,
new DerValue(commonName));
names[2] = new RDN(1);
names[2].assertion[0] = new AVA(orgUnitName_oid,
new DerValue(organizationUnit));
names[1] = new RDN(1);
names[1].assertion[0] = new AVA(orgName_oid,
new DerValue(organizationName));
names[0] = new RDN(1);
names[0].assertion[0] = new AVA(countryName_oid,
new DerValue(country));
}
Constructs a name from fields common in enterprise application
environments.
NOTE: The behaviour when any of
these strings contain characters outside the ASCII range
is unspecified in currently relevant standards. Parameters:
commonName - common name of a person, e.g. "Vivette Davis"
organizationUnit - small organization name, e.g. "Purchasing"
organizationName - large organization name, e.g. "Onizuka, Inc."
country - two letter country code, e.g. "CH"
|
public X500Name(String commonName,
String organizationUnit,
String organizationName,
String localityName,
String stateName,
String country) throws IOException {
names = new RDN[6];
/*
* NOTE: it's only on output that little-endian
* ordering is used.
*/
names[5] = new RDN(1);
names[5].assertion[0] = new AVA(commonName_oid,
new DerValue(commonName));
names[4] = new RDN(1);
names[4].assertion[0] = new AVA(orgUnitName_oid,
new DerValue(organizationUnit));
names[3] = new RDN(1);
names[3].assertion[0] = new AVA(orgName_oid,
new DerValue(organizationName));
names[2] = new RDN(1);
names[2].assertion[0] = new AVA(localityName_oid,
new DerValue(localityName));
names[1] = new RDN(1);
names[1].assertion[0] = new AVA(stateName_oid,
new DerValue(stateName));
names[0] = new RDN(1);
names[0].assertion[0] = new AVA(countryName_oid,
new DerValue(country));
}
Constructs a name from fields common in Internet application
environments.
NOTE: The behaviour when any of
these strings contain characters outside the ASCII range
is unspecified in currently relevant standards. Parameters:
commonName - common name of a person, e.g. "Vivette Davis"
organizationUnit - small organization name, e.g. "Purchasing"
organizationName - large organization name, e.g. "Onizuka, Inc."
localityName - locality (city) name, e.g. "Palo Alto"
stateName - state name, e.g. "California"
country - two letter country code, e.g. "CH"
|
Method from sun.security.x509.X500Name Detail: |
public List<AVA> allAvas() {
List<AVA> list = allAvaList;
if (list == null) {
list = new ArrayList<AVA>();
for (int i = 0; i < names.length; i++) {
list.addAll(names[i].avas());
}
}
return list;
}
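Return an immutable List of the AVAs contained in all the
RDNs of this X500Name. Note that the code as listed here builds a new
ArrayList when allAvaList is null and returns it without wrapping it
as unmodifiable or caching it. |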
public static X500Name asX500Name(X500Principal p) {
try {
X500Name name = (X500Name)principalField.get(p);
name.x500Principal = p;
return name;
} catch (Exception e) {
throw new RuntimeException("Unexpected exception", e);
}
}
Get the X500Name contained in the given X500Principal.
Note that the X500Name is retrieved using reflection. |
public X500Principal asX500Principal() {
if (x500Principal == null) {
try {
Object[] args = new Object[] {this};
x500Principal =
(X500Principal)principalConstructor.newInstance(args);
} catch (Exception e) {
throw new RuntimeException("Unexpected exception", e);
}
}
return x500Principal;
}
Get an X500Principal backed by this X500Name.
Note that we are using privileged reflection to access the hidden
package private constructor in X500Principal. |
public int avaSize() {
return allAvas().size();
}
Return the total number of AVAs contained in all the RDNs of
this X500Name. |
public X500Name commonAncestor(X500Name other) {
if (other == null) {
return null;
}
int otherLen = other.names.length;
int thisLen = this.names.length;
if (thisLen == 0 || otherLen == 0) {
return null;
}
int minLen = (thisLen < otherLen) ? thisLen: otherLen;
//Compare names from highest RDN down the naming tree
//Note that these are stored in RDN[0]...
int i=0;
for (; i < minLen; i++) {
if (!names[i].equals(other.names[i])) {
if (i == 0) {
return null;
} else {
break;
}
}
}
//Copy matching RDNs into new RDN array
RDN[] ancestor = new RDN[i];
for (int j=0; j < i; j++) {
ancestor[j] = names[j];
}
X500Name commonAncestor = null;
try {
commonAncestor = new X500Name(ancestor);
} catch (IOException ioe) {
return null;
}
return commonAncestor;
}
Return the lowest common ancestor of this name and the other name. |
public int constrains(GeneralNameInterface inputName) throws UnsupportedOperationException {
int constraintType;
if (inputName == null) {
constraintType = NAME_DIFF_TYPE;
} else if (inputName.getType() != NAME_DIRECTORY) {
constraintType = NAME_DIFF_TYPE;
} else { // type == NAME_DIRECTORY
X500Name inputX500 = (X500Name)inputName;
if (inputX500.equals(this)) {
constraintType = NAME_MATCH;
} else if (inputX500.names.length == 0) {
constraintType = NAME_WIDENS;
} else if (this.names.length == 0) {
constraintType = NAME_NARROWS;
} else if (inputX500.isWithinSubtree(this)) {
constraintType = NAME_NARROWS;
} else if (isWithinSubtree(inputX500)) {
constraintType = NAME_WIDENS;
} else {
constraintType = NAME_SAME_TYPE;
}
}
return constraintType;
}
Return constraint type:
- NAME_DIFF_TYPE = -1: input name is different type from this name
(i.e. does not constrain)
- NAME_MATCH = 0: input name matches this name
- NAME_NARROWS = 1: input name narrows this name
- NAME_WIDENS = 2: input name widens this name
- NAME_SAME_TYPE = 3: input name does not match or narrow this name,
but is same type
These results are used in checking NameConstraints during
certification path verification. |
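The branch order of constrains() for directory names, as an added example that is not part of the JDK source shown on this page. It assumes the public javax.naming.ldap.LdapName as a stand-in for the internal X500Name (its RDN comparison is case-insensitive but is not the RFC 2253 canonical comparison X500Name uses); the class name, the permitted() helper and all sample names are hypothetical.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class DirNameConstraint {
    // Result codes with the values listed on this page.
    static final int NAME_MATCH = 0, NAME_NARROWS = 1,
                     NAME_WIDENS = 2, NAME_SAME_TYPE = 3;

    // Relationship of 'input' to 'base', in the same branch order as
    // constrains(). LdapName keeps the most significant RDN (e.g. C=US)
    // at index 0, so startsWith() is an RDN-wise subtree test.
    static int constrains(LdapName base, LdapName input) {
        if (input.equals(base))      return NAME_MATCH;
        if (input.size() == 0)       return NAME_WIDENS;
        if (base.size() == 0)        return NAME_NARROWS;
        if (input.startsWith(base))  return NAME_NARROWS; // input is below base
        if (base.startsWith(input))  return NAME_WIDENS;  // input is above base
        return NAME_SAME_TYPE;
    }

    // Hypothetical policy helper: a permitted subtree accepts only names
    // that match it or narrow it. Unparseable names are rejected.
    static boolean permitted(String subtree, String subject) {
        try {
            int r = constrains(new LdapName(subtree), new LdapName(subject));
            return r == NAME_MATCH || r == NAME_NARROWS;
        } catch (InvalidNameException e) {
            return false; // fail closed
        }
    }

    public static void main(String[] args) {
        String subtree = "O=Sun Microsystems, C=US";          // constructed
        String[] subjects = {                                  // constructed
            "o=sun microsystems, c=us",
            "CN=Dave, OU=JavaSoft, O=Sun Microsystems, C=US",
            "C=US",
            "CN=Dave, O=Onizuka, C=CH",
            // Escaped comma: one O value that merely contains the subtree text.
            "CN=Dave, O=Example\\, O=Sun Microsystems, C=US",
            ""
        };
        for (String s : subjects) {
            System.out.println("\"" + s + "\" permitted=" + permitted(subtree, s));
        }
    }
}
```

Because the comparison walks parsed RDNs rather than characters, the sample with the escaped comma is classified by its actual O value, not by the text it ends with.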
static int countQuotes(String string,
int from,
int to) {
int count = 0;
for (int i = from; i < to; i++) {
if ((string.charAt(i) == '"' && i == from) ||
(string.charAt(i) == '"' && string.charAt(i-1) != '\\')) {
count++;
}
}
return count;
}
|
public void emit(DerOutputStream out) throws IOException {
encode(out);
}
Deprecated! Use encode() instead.
Encodes the name in DER-encoded form. |
public void encode(DerOutputStream out) throws IOException {
DerOutputStream tmp = new DerOutputStream();
for (int i = 0; i < names.length; i++) {
names[i].encode(tmp);
}
out.write(DerValue.tag_Sequence, tmp);
}
Encodes the name in DER-encoded form. |
public boolean equals(Object obj) {
if (this == obj) {
return true;
}
if (obj instanceof X500Name == false) {
return false;
}
X500Name other = (X500Name)obj;
// if we already have the canonical forms, compare now
if ((this.canonicalDn != null) && (other.canonicalDn != null)) {
return this.canonicalDn.equals(other.canonicalDn);
}
// quick check that number of RDNs and AVAs match before canonicalizing
int n = this.names.length;
if (n != other.names.length) {
return false;
}
for (int i = 0; i < n; i++) {
RDN r1 = this.names[i];
RDN r2 = other.names[i];
if (r1.assertion.length != r2.assertion.length) {
return false;
}
}
// definite check via canonical form
String thisCanonical = this.getRFC2253CanonicalName();
String otherCanonical = other.getRFC2253CanonicalName();
return thisCanonical.equals(otherCanonical);
}
Compares this name with another, for equality. |
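The canonical-form comparison that equals() falls back to, as an added example that is not part of the JDK source shown on this page. It uses the public javax.security.auth.x500.X500Principal, whose CANONICAL output format is assumed here to stand in for getRFC2253CanonicalName(); the class name, the sameName() helper and the sample DNs are hypothetical.

```java
import javax.security.auth.x500.X500Principal;

public class DnCompare {
    // Compare two DN strings by canonical form instead of by raw text.
    // A DN that cannot be parsed never compares equal (fail closed).
    static boolean sameName(String a, String b) {
        try {
            String ca = new X500Principal(a).getName(X500Principal.CANONICAL);
            String cb = new X500Principal(b).getName(X500Principal.CANONICAL);
            return ca.equals(cb);
        } catch (IllegalArgumentException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        String issued    = "CN=Dave, OU=JavaSoft, O=Sun Microsystems, C=US";
        String presented = "cn=dave,ou=JAVASOFT,o=Sun   Microsystems,c=us";
        String other     = "CN=Dave, OU=JavaSoft, O=Sun Microsystems Ltd, C=US";
        String broken    = "CN=Dave, OU";

        // Raw text differs in case and spacing, so String.equals disagrees
        // with the canonical comparison for the first pair.
        System.out.println("raw equals:       " + issued.equals(presented));
        System.out.println("canonical equals: " + sameName(issued, presented));
        System.out.println("different O:      " + sameName(issued, other));
        System.out.println("unparseable:      " + sameName(issued, broken));
        System.out.println("canonical form:   "
                + new X500Principal(issued).getName(X500Principal.CANONICAL));
    }
}
```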
public DerValue findMostSpecificAttribute(ObjectIdentifier attribute) {
if (names != null) {
for (int i = names.length - 1; i >= 0; i--) {
DerValue value = names[i].findAttribute(attribute);
if (value != null) {
return value;
}
}
}
return null;
}
Find the most specific ("last") attribute of the given
type. |
public String getCommonName() throws IOException {
DerValue attr = findAttribute(commonName_oid);
return getString(attr);
}
Returns a "Common Name" component. If more than one such
attribute exists, the topmost one is returned. |
public String getCountry() throws IOException {
DerValue attr = findAttribute(countryName_oid);
return getString(attr);
}
Returns a "Country" name component. If more than one
such attribute exists, the topmost one is returned. |
public String getDNQualifier() throws IOException {
DerValue attr = findAttribute(DNQUALIFIER_OID);
return getString(attr);
}
Returns a "DN Qualifier" name component. If more than one
such component exists, the topmost one is returned. |
public String getDomain() throws IOException {
DerValue attr = findAttribute(DOMAIN_COMPONENT_OID);
return getString(attr);
}
Returns a "Domain" name component. If more than one
such component exists, the topmost one is returned. |
public byte[] getEncoded() throws IOException {
return getEncodedInternal().clone();
}
Gets the name in DER-encoded form. |
public byte[] getEncodedInternal() throws IOException {
if (encoded == null) {
DerOutputStream out = new DerOutputStream();
DerOutputStream tmp = new DerOutputStream();
for (int i = 0; i < names.length; i++) {
names[i].encode(tmp);
}
out.write(DerValue.tag_Sequence, tmp);
encoded = out.toByteArray();
}
return encoded;
}
Returns the encoding as an uncloned byte array. Callers must
guarantee that they neither modify it nor expose it to untrusted
code. |
public String getGeneration() throws IOException {
DerValue attr = findAttribute(GENERATIONQUALIFIER_OID);
return getString(attr);
}
Returns a "Generation Qualifier" name component. If more than one
such component exists, the topmost one is returned. |
public String getGivenName() throws IOException {
DerValue attr = findAttribute(GIVENNAME_OID);
return getString(attr);
}
Returns a "Given Name" name component. If more than one
such component exists, the topmost one is returned. |
public String getIP() throws IOException {
DerValue attr = findAttribute(ipAddress_oid);
return getString(attr);
}
Returns an "IP address" name component. If more than one
such component exists, the topmost one is returned. |
public String getInitials() throws IOException {
DerValue attr = findAttribute(INITIALS_OID);
return getString(attr);
}
Returns an "Initials" name component. If more than one
such component exists, the topmost one is returned. |
public String getLocality() throws IOException {
DerValue attr = findAttribute(localityName_oid);
return getString(attr);
}
Returns a "Locality" name component. If more than one
such component exists, the topmost one is returned. |
public String getName() {
return toString();
}
Returns the value of toString(). This call is needed to
implement the java.security.Principal interface. |
public String getOrganization() throws IOException {
DerValue attr = findAttribute(orgName_oid);
return getString(attr);
}
Returns an "Organization" name component. If more than
one such attribute exists, the topmost one is returned. |
public String getOrganizationalUnit() throws IOException {
DerValue attr = findAttribute(orgUnitName_oid);
return getString(attr);
}
Returns an "Organizational Unit" name component. If more
than one such attribute exists, the topmost one is returned. |
public String getRFC1779Name() {
return getRFC1779Name(Collections.<String, String>emptyMap());
}
Returns a string form of the X.500 distinguished name
using the algorithm defined in RFC 1779. Only standard attribute type
keywords defined in RFC 1779 are emitted. |
public String getRFC1779Name(Map<String, String> oidMap) throws IllegalArgumentException {
if (oidMap.isEmpty()) {
// return cached result
if (rfc1779Dn != null) {
return rfc1779Dn;
} else {
rfc1779Dn = generateRFC1779DN(oidMap);
return rfc1779Dn;
}
}
return generateRFC1779DN(oidMap);
}
Returns a string form of the X.500 distinguished name
using the algorithm defined in RFC 1779. Attribute type
keywords defined in RFC 1779 are emitted, as well as additional
keywords contained in the OID/keyword map. |
public String getRFC2253CanonicalName() {
/* check for and return cached name */
if (canonicalDn != null) {
return canonicalDn;
}
/*
* Section 2.1 : if the RDNSequence is an empty sequence
* the result is the empty or zero length string.
*/
if (names.length == 0) {
canonicalDn = "";
return canonicalDn;
}
/*
* 2.1 (continued) : Otherwise, the output consists of the string
* encodings of each RelativeDistinguishedName in the RDNSequence
* (according to 2.2), starting with the last element of the sequence
* and moving backwards toward the first.
*
* The encodings of adjoining RelativeDistinguishedNames are separated
* by a comma character (',' ASCII 44).
*/
StringBuilder fullname = new StringBuilder(48);
for (int i = names.length - 1; i >= 0; i--) {
if (i < names.length - 1) {
fullname.append(',');
}
fullname.append(names[i].toRFC2253String(true));
}
canonicalDn = fullname.toString();
return canonicalDn;
}
|
public String getRFC2253Name() {
return getRFC2253Name(Collections.<String, String>emptyMap());
}
Returns a string form of the X.500 distinguished name
using the algorithm defined in RFC 2253. Only standard attribute type
keywords defined in RFC 2253 are emitted. |
public String getRFC2253Name(Map<String, String> oidMap) {
/* check for and return cached name */
if (oidMap.isEmpty()) {
if (rfc2253Dn != null) {
return rfc2253Dn;
} else {
rfc2253Dn = generateRFC2253DN(oidMap);
return rfc2253Dn;
}
}
return generateRFC2253DN(oidMap);
}
Returns a string form of the X.500 distinguished name
using the algorithm defined in RFC 2253. Attribute type
keywords defined in RFC 2253 are emitted, as well as additional
keywords contained in the OID/keyword map. |
public String getState() throws IOException {
DerValue attr = findAttribute(stateName_oid);
return getString(attr);
}
Returns a "State" name component. If more than one
such component exists, the topmost one is returned. |
public String getSurname() throws IOException {
DerValue attr = findAttribute(SURNAME_OID);
return getString(attr);
}
Returns a "Surname" name component. If more than one
such component exists, the topmost one is returned. |
public int getType() {
return (GeneralNameInterface.NAME_DIRECTORY);
}
Return type of GeneralName. |
public int hashCode() {
return getRFC2253CanonicalName().hashCode();
}
Calculates a hash code value for the object. Objects
which are equal will also have the same hashcode. |
static ObjectIdentifier intern(ObjectIdentifier oid) {
ObjectIdentifier interned = internedOIDs.get(oid);
if (interned != null) {
return interned;
}
internedOIDs.put(oid, oid);
return oid;
}
|
public boolean isEmpty() {
int n = names.length;
if (n == 0) {
return true;
}
for (int i = 0; i < n; i++) {
if (names[i].assertion.length != 0) {
return false;
}
}
return true;
}
Return whether this X500Name is empty. An X500Name is not empty
if it has at least one RDN containing at least one AVA. |
public List<RDN> rdns() {
List<RDN> list = rdnList;
if (list == null) {
list = Collections.unmodifiableList(Arrays.asList(names));
rdnList = list;
}
return list;
}
Return an immutable List of all RDNs in this X500Name. |
public int size() {
return names.length;
}
Return the number of RDNs in this X500Name. |
public int subtreeDepth() throws UnsupportedOperationException {
return names.length;
}
Return subtree depth of this name for purposes of determining
NameConstraints minimum and maximum bounds and for calculating
path lengths in name subtrees. |
public String toString() {
if (dn == null) {
generateDN();
}
return dn;
}
Returns a string form of the X.500 distinguished name.
The format of the string is from RFC 1779. The returned string
may contain non-standardised keywords for more readability
(keywords from RFCs 1779, 2253, and 3280). |