aboutsummaryrefslogtreecommitdiff
path: root/id/server/moa-id-commons/src/main/java
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-05-16 09:29:09 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-05-16 09:29:09 +0200
commitc61850c5607d066a3c322794c1220f26b31103a0 (patch)
tree8e91dbb441f5af6879c4314b38159b7ed9b4add4 /id/server/moa-id-commons/src/main/java
parent44bce0049b598604cc1a30f419e936c6b5fc59cf (diff)
downloadmoa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.tar.gz
moa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.tar.bz2
moa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.zip
add initial version of Security-Layer 2.0 Authentication module
Diffstat (limited to 'id/server/moa-id-commons/src/main/java')
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java62
1 files changed, 62 insertions, 0 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java
new file mode 100644
index 000000000..026b1a5fb
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java
@@ -0,0 +1,62 @@
+package at.gv.egovernment.moa.id.commons.utils;
+
+import java.security.cert.X509Certificate;
+import java.util.List;
+
+import javax.security.auth.x500.X500Principal;
+
+public class X509Utils {
+
+ /**
+ * Sorts the Certificate Chain by IssuerDN and SubjectDN. The [0]-Element should be the Hostname,
+ * the last Element should be the Root Certificate.
+ *
+ * @param certs
+ * The first element must be the correct one.
+ * @return sorted Certificate Chain
+ */
+ public static List<X509Certificate> sortCertificates(
+ List<X509Certificate> certs)
+ {
+ int length = certs.size();
+ if (certs.size() <= 1)
+ {
+ return certs;
+ }
+
+ for (X509Certificate cert : certs)
+ {
+ if (cert == null)
+ {
+ throw new NullPointerException();
+ }
+ }
+
+ for (int i = 0; i < length; i++)
+ {
+ boolean found = false;
+ X500Principal issuer = certs.get(i).getIssuerX500Principal();
+ for (int j = i + 1; j < length; j++)
+ {
+ X500Principal subject = certs.get(j).getSubjectX500Principal();
+ if (issuer.equals(subject))
+ {
+ // sorting necessary?
+ if (i + 1 != j)
+ {
+ X509Certificate tmp = certs.get(i + 1);
+ certs.set(i + 1, certs.get(j));
+ certs.set(j, tmp);
+ }
+ found = true;
+ }
+ }
+ if (!found)
+ {
+ break;
+ }
+ }
+
+ return certs;
+ }
+}