From: Felix Dörre Date: Fri, 15 Aug 2014 19:40:10 +0000 (+0200) Subject: Use "CN" correctly as dns or as real name. X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=32ff29e0e2c206abea246b233830f7de890db8c7 Use "CN" correctly as dns or as real name. --- diff --git a/src/org/cacert/gigi/pages/account/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/CertificateIssueForm.java index decda34d..936ced84 100644 --- a/src/org/cacert/gigi/pages/account/CertificateIssueForm.java +++ b/src/org/cacert/gigi/pages/account/CertificateIssueForm.java @@ -51,6 +51,7 @@ import sun.security.x509.Extension; import sun.security.x509.GeneralName; import sun.security.x509.GeneralNameInterface; import sun.security.x509.GeneralNames; +import sun.security.x509.PKIXExtensions; import sun.security.x509.RDN; import sun.security.x509.RFC822Name; import sun.security.x509.SubjectAlternativeNameExtension; @@ -121,7 +122,14 @@ public class CertificateIssueForm extends Form { if (a.getObjectIdentifier().equals((Object) PKCS9Attribute.EMAIL_ADDRESS_OID)) { SANs.add(new SubjectAlternateName(SANType.EMAIL, a.getValueString())); } else if (a.getObjectIdentifier().equals((Object) X500Name.commonName_oid)) { - CN = a.getValueString(); + String value = a.getValueString(); + if (value.contains(".") && !value.contains(" ")) { + SANs.add(new SubjectAlternateName(SANType.DNS, value)); + } else { + CN = value; + } + } else if (a.getObjectIdentifier().equals((Object) PKIXExtensions.SubjectAlternativeName_Id)) { + // parse invalid SANs } } }