It turns out that the number of standard ways the fields in a DN should be
encoded into their ASN.1 counterparts is rapidly approaching the
number of machines on the internet. By default the X509Name class
will produce UTF8Strings in line with the current recommendations (RFC 3280).
An example of an encoder look like below:
public class X509DirEntryConverter
extends X509NameEntryConverter
{
public DERObject getConvertedValue(
DERObjectIdentifier oid,
String value)
{
if (str.length() != 0 && str.charAt(0) == '#')
{
return convertHexEncoded(str, 1);
}
if (oid.equals(EmailAddress))
{
return new DERIA5String(str);
}
else if (canBePrintable(str))
{
return new DERPrintableString(str);
}
else if (canBeUTF8(str))
{
return new DERUTF8String(str);
}
else
{
return new DERBMPString(str);
}
}
} |