1 files changed, 20 insertions, 12 deletions

diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java
index 7b4e463..e11a38c 100644
--- a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/X509Cert.java
@@ -99,7 +99,7 @@ public class X509Cert implements Serializable
    * statement and remove all whitespaces in the string. The result string

    * (base64) is used by reconstructing the certiface sign by the verification

    * process.

-   * 

+   *

    * @param certString

    *          the string to normalize

    * @return the normalized cert string

@@ -115,7 +115,7 @@ public class X509Cert implements Serializable
   /**

    * This method initialzes a X509Certificate by a string value. It must be

    * coded Base64 or as plain binary stream.

-   * 

+   *

    * @param certString

    *          the certificate string to analyse

    * @return the X509Cert object

@@ -150,7 +150,9 @@ public class X509Cert implements Serializable
 

       String serial_num = cert.getSerialNumber().toString();

       String issuer = cert.getIssuerDN().getName();

-      issuer = issuer.replaceAll(", ", ",");

+      // fixed by dti: commas within issuer rdns are escapted by "\,". These escapted commas must not be replaced.

+//    issuer = issuer.replaceAll(", ", ",");

+      issuer = issuer.replaceAll("[^\\\\], ", ",");

       String subject_name = cert.getSubjectDN().toString();

       x509_cert.setSerialNumber(serial_num);

       x509_cert.setIssuerName(issuer);

@@ -174,7 +176,7 @@ public class X509Cert implements Serializable
     }

     return x509_cert;

   }

-  

+

   public static X509Cert initByX509Certificate(X509Certificate cert) throws CertificateEncodingException {

      X509Cert x509_cert = new X509Cert();

      x509_cert.setX509Cert(cert);

@@ -182,7 +184,9 @@ public class X509Cert implements Serializable
 

      String serial_num = cert.getSerialNumber().toString();

      String issuer = cert.getIssuerDN().getName();

-     issuer = issuer.replaceAll(", ", ",");

+     // fixed by dti: commas within issuer rdns are escapted by "\,". These escapted commas must not be replaced.

+//   issuer = issuer.replaceAll(", ", ",");

+     issuer = issuer.replaceAll("[^\\\\], ", ",");

      String subject_name = cert.getSubjectDN().toString();

      x509_cert.setSerialNumber(serial_num);

      x509_cert.setIssuerName(issuer);

@@ -210,7 +214,9 @@ public class X509Cert implements Serializable
 

       String serial_num = cert.getSerialNumber().toString();

       String issuer = cert.getIssuerDN().getName();

-      issuer = issuer.replaceAll(", ", ",");

+      // fixed by dti: commas within issuer rdns are escapted by "\,". These escapted commas must not be replaced.

+//    issuer = issuer.replaceAll(", ", ",");

+      issuer = issuer.replaceAll("[^\\\\], ", ",");

       String subject_name = cert.getSubjectDN().toString();

       x509_cert.setSerialNumber(serial_num);

       x509_cert.setIssuerName(issuer);

@@ -226,7 +232,7 @@ public class X509Cert implements Serializable
     {

       // nothing to do, cause certString is not X509 conformc

       logger_.error(ce.getMessage(), ce);

-      

+

     }

     catch (IOException ioe)

     {

@@ -240,7 +246,7 @@ public class X509Cert implements Serializable
   /**

    * This method initialzes a X509Certificate by a file path value. The file

    * must be a plain binary file like .cer format.

-   * 

+   *

    * @param filePath

    *          the certificate file to analyse

    * @return the X509Cert object

@@ -276,7 +282,9 @@ public class X509Cert implements Serializable
 

       String serial_num = cert.getSerialNumber().toString();

       String issuer = cert.getIssuerDN().getName();

-      issuer = issuer.replaceAll(", ", ",");

+      // fixed by dti: commas within issuer rdns are escapted by "\,". These escapted commas must not be replaced.

+//      issuer = issuer.replaceAll(", ", ",");

+      issuer = issuer.replaceAll("[^\\\\], ", ",");

       String subject_name = cert.getSubjectDN().toString();

       x509_cert.setSerialNumber(serial_num);

       x509_cert.setIssuerName(issuer);

@@ -300,7 +308,7 @@ public class X509Cert implements Serializable
   /**

    * This method initialzes a X509Certificate by a file value. The file must be

    * a plain binary file like .cer format.

-   * 

+   *

    * @param certFile

    *          the certificate file to analyse

    * @return the X509Cert object

@@ -314,7 +322,7 @@ public class X509Cert implements Serializable
 

   /**

    * This method checks if a certificate file is X509 conform.

-   * 

+   *

    * @return true if a certificate file is X509 conform, false otherwise

    */

   public boolean isX509Cert()

@@ -480,7 +488,7 @@ public class X509Cert implements Serializable
   /**

    * This method checks, if a X509Certificate has a public key with the rsa

    * algorithm.

-   * 

+   *

    * @return true if the public key is produced with rsa, false otherwise

    */

   public boolean isRSA()