Support retrieving X509 certificates CN since javax.naming package is…

… unavailable in Android (#2656) Signed-off-by: Hayden James <hayden.james@gmail.com>
eclipse-vertx · Oct 19, 2018 · 8184128 · 8184128
1 parent a30b4d2
commit 8184128
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 18 deletions.
diff --git a/src/main/java/io/vertx/core/net/impl/KeyStoreHelper.java b/src/main/java/io/vertx/core/net/impl/KeyStoreHelper.java
@@ -11,6 +11,7 @@
 
 package io.vertx.core.net.impl;
 
+import io.netty.util.internal.PlatformDependent;
 import io.vertx.core.VertxException;
 import io.vertx.core.buffer.Buffer;
 import io.vertx.core.impl.VertxInternal;
@@ -158,14 +159,8 @@ public KeyStoreHelper(KeyStore ks, String password) throws Exception {
           }
         }
         String dn = x509Cert.getSubjectX500Principal().getName();
-        LdapName ldapDN = new LdapName(dn);
-        for (Rdn rdn : ldapDN.getRdns()) {
-          if (rdn.getType().equalsIgnoreCase("cn")) {
-            String name = rdn.getValue().toString();
-            domains.add(name);
-          }
-        }
-        if (domains.size() > 0) {
+        domains.addAll(getX509CertificateCommonNames(dn));
+        if (!domains.isEmpty()) {
           PrivateKey key = (PrivateKey) ks.getKey(alias, password != null ? password.toCharArray() : null);
           Certificate[] tmp = ks.getCertificateChain(alias);
           if (tmp == null) {
@@ -260,6 +255,29 @@ public KeyStore store() throws Exception {
     return store;
   }
 
+  public static List<String> getX509CertificateCommonNames(String dn) throws Exception {
+    List<String> names = new ArrayList<>();
+    if (!PlatformDependent.isAndroid()) {
+      LdapName ldapDN = new LdapName(dn);
+      for (Rdn rdn : ldapDN.getRdns()) {
+        if (rdn.getType().equalsIgnoreCase("cn")) {
+          String name = rdn.getValue().toString();
+          names.add(name);
+        }
+      }
+    } else {
+      String [] rdns = dn.trim().split("[,;]");
+      for(String rdn : rdns) {
+        String [] nvp = rdn.trim().split("=");
+        if(nvp.length == 2 && "cn".equalsIgnoreCase(nvp[0])) {
+          names.add(nvp[1]);
+        }
+      }
+    }
+
+    return names;
+  }
+
   private static KeyStore loadJKSOrPKCS12(String type, String password, Supplier<Buffer> value) throws Exception {
     KeyStore ks = KeyStore.getInstance(type);
     InputStream in = null;

diff --git a/src/test/java/io/vertx/test/core/TestUtils.java b/src/test/java/io/vertx/test/core/TestUtils.java
@@ -18,16 +18,15 @@
 import io.vertx.core.buffer.Buffer;
 import io.vertx.core.http.Http2Settings;
 import io.vertx.core.net.*;
+import io.vertx.core.net.impl.KeyStoreHelper;
 import io.vertx.test.netty.TestLoggerFactory;
 
-import javax.naming.ldap.LdapName;
-import javax.naming.ldap.Rdn;
 import javax.security.cert.X509Certificate;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
-import java.net.InetAddress;
 import java.nio.file.Files;
 import java.util.EnumSet;
+import java.util.List;
 import java.util.Random;
 import java.util.Set;
 import java.util.zip.GZIPOutputStream;
@@ -396,13 +395,8 @@ public static Buffer leftPad(int padding, Buffer buffer) {
 
   public static String cnOf(X509Certificate cert) throws Exception {
     String dn = cert.getSubjectDN().getName();
-    LdapName ldapDN = new LdapName(dn);
-    for (Rdn rdn : ldapDN.getRdns()) {
-      if (rdn.getType().equalsIgnoreCase("cn")) {
-        return rdn.getValue().toString();
-      }
-    }
-    return null;
+    List<String> names = KeyStoreHelper.getX509CertificateCommonNames(dn);
+    return names.isEmpty() ? null : names.get(0);
   }
 
   /**