Removed DN parsing code duplication.
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / idp / provider / BaseHandler.java
index 3f6437a..985466e 100644 (file)
@@ -25,7 +25,6 @@
 
 package edu.internet2.middleware.shibboleth.idp.provider;
 
-import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.HashSet;
@@ -33,17 +32,12 @@ import java.util.HashSet;
 import javax.security.auth.x500.X500Principal;
 
 import org.apache.log4j.Logger;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DERObject;
-import org.bouncycastle.asn1.DERObjectIdentifier;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
 import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
+import edu.internet2.middleware.shibboleth.common.provider.ShibbolethTrust;
 import edu.internet2.middleware.shibboleth.idp.IdPConfig;
 import edu.internet2.middleware.shibboleth.idp.IdPProtocolHandler;
 
@@ -56,7 +50,6 @@ public abstract class BaseHandler implements IdPProtocolHandler {
 
        private static Logger log = Logger.getLogger(BaseHandler.class.getName());
        private HashSet locations = new HashSet();
-       private static final String CN_OID = "2.5.4.3";
 
        /**
         * Required DOM-based constructor.
@@ -107,51 +100,7 @@ public abstract class BaseHandler implements IdPProtocolHandler {
 
        protected static String getHostNameFromDN(X500Principal dn) {
 
-               // Parse the ASN.1 representation of the dn and grab the last CN component that we find
-               // We used to do this with the dn string, but the JDK's default parsing caused problems with some DNs
-
-               try {
-                       ASN1InputStream asn1Stream = new ASN1InputStream(dn.getEncoded());
-                       DERObject parent = asn1Stream.readObject();
-
-                       if (!(parent instanceof DERSequence)) {
-                               log.error("Unable to extract host name name from certificate subject DN: incorrect ASN.1 encoding.");
-                               return null;
-                       }
-
-                       String cn = null;
-                       for (int i = 0; i < ((DERSequence) parent).size(); i++) {
-                               DERObject dnComponent = ((DERSequence) parent).getObjectAt(i).getDERObject();
-                               if (!(dnComponent instanceof DERSet)) {
-                                       continue;
-                               }
-
-                               // Each DN component is a set
-                               for (int j = 0; j < ((DERSet) dnComponent).size(); j++) {
-                                       DERObject grandChild = ((DERSet) dnComponent).getObjectAt(j).getDERObject();
-
-                                       if (((DERSequence) grandChild).getObjectAt(0) != null
-                                                       && ((DERSequence) grandChild).getObjectAt(0).getDERObject() instanceof DERObjectIdentifier) {
-                                               DERObjectIdentifier componentId = (DERObjectIdentifier) ((DERSequence) grandChild).getObjectAt(
-                                                               0).getDERObject();
-
-                                               if (CN_OID.equals(componentId.getId())) {
-                                                       // OK, this dn component is actually a cn attribute
-                                                       if (((DERSequence) grandChild).getObjectAt(1) != null
-                                                                       && ((DERSequence) grandChild).getObjectAt(1).getDERObject() instanceof DERPrintableString) {
-                                                               cn = ((DERPrintableString) ((DERSequence) grandChild).getObjectAt(1).getDERObject())
-                                                                               .getString();
-                                                       }
-                                               }
-                                       }
-                               }
-                       }
-                       asn1Stream.close();
-                       return cn;
-
-               } catch (IOException e) {
-                       log.error("Unable to extract host name name from certificate subject DN: ASN.1 parsing failed: " + e);
-                       return null;
-               }
+               return ShibbolethTrust.getHostNameFromDN(dn);
        }
+
 }
\ No newline at end of file
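Review bot: The wrapper `getHostNameFromDN` is left with no comment stating its contract, and the removed body was the only place that showed it: the last CN found wins, only PrintableString values are accepted, and `null` is returned on malformed encoding. The name suggests this value identifies a peer from its certificate subject, so callers need to know that `null` is possible and should be treated as no match. `ShibbolethTrust.getHostNameFromDN` is not visible in this diff, so please confirm it keeps those semantics, in particular that it returns `null` on failure rather than throwing, and which CN it picks when several are present. I would add a Javadoc above the method, e.g. `/** Returns the host name from the CN of the subject DN via ShibbolethTrust, or null if none can be extracted. */`.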