org.nhindirect.dns.utils
Class CertUtils

java.lang.Object
  org.nhindirect.dns.utils.CertUtils

public class CertUtils
extends Object

Constructor Summary

CertUtils()

Method Summary

static X509Certificate	certFromFile(String certFile) Creates an X509Certificate object from an existing file.
static byte[]	pkcs12ToStrippedPkcs12(byte[] bytes, String passphrase) Takes a PKCS12 byte stream and returns a PKCS12 byte stream with the pass phrase protection and encryption removed.
static X509Certificate	toX509Certificate(byte[] data) Converts a byte stream to an X509Certificate.
static X509Certificate	toX509Certificate(byte[] data, String passPhrase) Converts a byte stream to an X509Certificate.
static byte[]	x509CertificateToBytes(X509Certificate cert) Converts an X509Certificate to a byte stream representation.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CertUtils

public CertUtils()

Method Detail

pkcs12ToStrippedPkcs12

public static byte[] pkcs12ToStrippedPkcs12(byte[] bytes,
                                            String passphrase)
                                     throws DNSException

Takes a PKCS12 byte stream and returns a PKCS12 byte stream with the pass phrase protection and encryption removed.

Parameters:

bytes - The PKCS12 byte stream that will be stripped.

passphrase - The pass phrase of the PKCS12 byte stream. This is used to decrypt the PKCS12 stream.

Returns:

A PKCS12 byte stream representation of the original PKCS12 stream with the pass phrase protection and encryption removed.

Throws:

DNSException

x509CertificateToBytes

public static byte[] x509CertificateToBytes(X509Certificate cert)
                                     throws DNSException

Converts an X509Certificate to a byte stream representation. If the certificate contains a private key, the returned representation is a PKCS12 byte stream with no pass phrase protection or encryption.

Parameters:

cert - The certificate to convert.

Returns:

A byte stream representation of the certificate.

Throws:

DNSException

toX509Certificate

public static X509Certificate toX509Certificate(byte[] data)
                                         throws DNSException

Converts a byte stream to an X509Certificate. The byte stream can either be an encoded X509Certificate or a PKCS12 byte stream.

If the stream is a PKCS12 representation, then an empty ("") pass phrase is used to decrypt the stream. In addition the resulting X509Certificate implementation will contain the private key.

Parameters:

data - The byte stream representation to convert.

Returns:

An X509Certificate representation of the byte stream.

Throws:

DNSException

toX509Certificate

public static X509Certificate toX509Certificate(byte[] data,
                                                String passPhrase)
                                         throws DNSException

Converts a byte stream to an X509Certificate. The byte stream can either be an encoded X509Certificate or a PKCS12 byte stream.

If the stream is a PKCS12 representation, then the pass phrase is used to decrypt the stream. In addition the resulting X509Certificate implementation will contain the private key.

Parameters:

data - The byte stream representation to convert.

passPhrase - If the byte stream is a PKCS12 representation, then the then the pass phrase is used to decrypt the stream. Can be null if the stream is an encoded X509Certificate and not a PKCS12 byte stream.

Returns:

An X509Certificate representation of the byte stream.

Throws:

DNSException

certFromFile

public static X509Certificate certFromFile(String certFile)

Creates an X509Certificate object from an existing file. The file should be a DER encoded representation of the certificate.

Parameters:

certFile - The file to load into a certificate object.

Returns:

An X509Certificate loaded from the file.