From 32ff29e0e2c206abea246b233830f7de890db8c7 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Fri, 15 Aug 2014 21:40:10 +0200 Subject: [PATCH] Use "CN" correctly as dns or as real name. --- .../gigi/pages/account/CertificateIssueForm.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/org/cacert/gigi/pages/account/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/CertificateIssueForm.java index decda34d..936ced84 100644 --- a/src/org/cacert/gigi/pages/account/CertificateIssueForm.java +++ b/src/org/cacert/gigi/pages/account/CertificateIssueForm.java @@ -51,6 +51,7 @@ import sun.security.x509.Extension; import sun.security.x509.GeneralName; import sun.security.x509.GeneralNameInterface; import sun.security.x509.GeneralNames; +import sun.security.x509.PKIXExtensions; import sun.security.x509.RDN; import sun.security.x509.RFC822Name; import sun.security.x509.SubjectAlternativeNameExtension; @@ -121,7 +122,14 @@ public class CertificateIssueForm extends Form { if (a.getObjectIdentifier().equals((Object) PKCS9Attribute.EMAIL_ADDRESS_OID)) { SANs.add(new SubjectAlternateName(SANType.EMAIL, a.getValueString())); } else if (a.getObjectIdentifier().equals((Object) X500Name.commonName_oid)) { - CN = a.getValueString(); + String value = a.getValueString(); + if (value.contains(".") && !value.contains(" ")) { + SANs.add(new SubjectAlternateName(SANType.DNS, value)); + } else { + CN = value; + } + } else if (a.getObjectIdentifier().equals((Object) PKIXExtensions.SubjectAlternativeName_Id)) { + // parse invalid SANs } } } -- 2.39.2