C # Use the X509Certificate2 class to obtain the name information of the digital certificate issuer and Holder

C # Use the X509Certificate2 class to obtain the name information of the digital certificate issuer and Holder

In. NET Framework, there is a class named X509Certificate2. You can use the attributes contained in this class to conveniently obtain information such as the serial number, validity period start date, and validity period end date in the X.509 digital certificate. You can find detailed descriptions of this class on the MSDN website.
In the attributes of this class, the Issuer and IssuerName, Subject, and SubjectName pairs look similar and confusing. Here is a description:

1) the Issuer and Subject attributes are of the string type. Using these two attributes, you can obtain the Distinguished Name of the certificate Issuer and Certificate Holder respectively. Distinguished Name is a string similar to the following format: "CN = MyName, O = MyOrg, OU = MyOrgUnit, C = US"
This string is used internally as a separator (note that it is a comma in English, not a comma in Chinese). CN represents the Common Name, O represents the organization Name, And OU represents the Name of the organization's subordinate organizations, C Represents the country name.

2) The IssuerName and SubjectName attributes are of the System. Security. Cryptography. X509Certificates. X500DistinguishedName type. Note that they are not strings. X500DistinguishedName has three attributes: Name, Oid, and RawData. The Distinguished Name can also be obtained using the Name attribute. That is:
The values of X509Certificate2. Issuer and X509Certificate2. IssuerName. Name are equal;
The value of X509Certificate2. Subject is equal to that of X509Certificate2. SubjectName. Name.

For the Distinguished Name of the Certificate Issuer or holder, the Common Name, that is, the content after CN =, is often used. However, the. NET Framework does not directly provide a method to extract the Common Name from Distinguished Name. Because Distinguished Name is used internally to separate different meanings, you can use it as a separator to split Distinguished Name into multiple substrings, and then search for CN = in the substrings, find and extract the part after CN = to get the value of Common Name. The specific implementation code is as follows:

/*************************************** * *********** Author: HAN Wei * Author's blog: http://blog.csdn.net/henter/ * Date: 23rd, 2015 * Description: demonstrate how to extract Common Name * from Distinguished Name ****************************** * *******************/using System; namespace ExtractCnFromDn {class Program {public static string ExtractCommonNameFromDN (string DistinguishedName) {if (String. isNullOrEmpty (DistinguishedName) {throw new ArgumentNullException ("Distinguishedname");} string strCommonName = string. empty; bool bFoundSubStr = false; string strStartSubStr = "CN ="; char [] chDelimiterChars = {','}; string [] NameArray = DistinguishedName. split (chDelimiterChars); int iNameLength; for (int I = 0; I <NameArray. length; I ++) {iNameLength = NameArray [I]. length; if (iNameLength> 3) {if (String. compare (strStartSubStr, NameArray [I]. substring (0, 3), true) = 0) {strCommonName = NameArray [I]. substring (3, (iNameLength-3); bFoundSubStr = true; break ;}} if (bFoundSubStr = false) strCommonName = string. empty; return strCommonName ;} /*************************************** * ********/static void Main (string [] args) {string strDn = "CN = tester, E = test@abc.com, S = Shanghai, C = CN";/* Note here, not a comma in Chinese */string strCn = string. empty; try {strCn = ExtractCommonNameFromDN (strDn);} catch (ArgumentNullException e) {Console. writeLine ("Error message: {0}", e. message); Console. readLine (); return;} Console. writeLine ("Distinguished name: {0}", strDn); Console. writeLine ("Common name: {0}", strCn); Console. readLine (); return ;}}}