X509Util (XiPKI :: security 5.0.0 API)

java.lang.Object
- org.xipki.security.util.X509Util

```
public class X509Util
extends Object
```
TODO.

Since:

2.0.0

Author:

Lijun Liao

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static X509Certificate[]`	`buildCertPath(X509Certificate cert, Set<? extends Certificate> certs)` Build the certificate path.
`static String`	`canonicalizName(org.bouncycastle.asn1.x500.X500Name name)`
`static org.bouncycastle.asn1.x509.AccessDescription`	`createAccessDescription(String accessMethodAndLocation)`
`static org.bouncycastle.asn1.x509.ExtendedKeyUsage`	`createExtendedUsage(Collection<org.bouncycastle.asn1.ASN1ObjectIdentifier> usages)`
`static org.bouncycastle.asn1.x509.Extension`	`createExtnSubjectAltName(List<String> taggedValues, boolean critical)`
`static org.bouncycastle.asn1.x509.Extension`	`createExtnSubjectInfoAccess(List<String> accessMethodAndLocations, boolean critical)`
`static org.bouncycastle.asn1.x509.GeneralName`	`createGeneralName(String taggedValue)` Creates `GeneralName` from the tagged value.
`static org.bouncycastle.asn1.x509.GeneralNames`	`createGeneralNames(List<String> taggedValues)`
`static org.bouncycastle.asn1.x509.KeyUsage`	`createKeyUsage(Set<KeyUsage> usages)`
`static String`	`cutText(String text, int maxLen)`
`static String`	`cutX500Name(org.bouncycastle.asn1.x500.X500Name name, int maxLen)`
`static String`	`cutX500Name(X500Principal name, int maxLen)`
`static byte[]`	`extractAki(org.bouncycastle.asn1.x509.Certificate cert)`
`static byte[]`	`extractAki(X509Certificate cert)`
`static byte[]`	`extractSki(org.bouncycastle.asn1.x509.Certificate cert)`
`static byte[]`	`extractSki(X509Certificate cert)`
`static long`	`fpCanonicalizedName(org.bouncycastle.asn1.x500.X500Name name)`
`static long`	`fpCanonicalizedName(X500Principal prin)` First canonicalized the name, and then compute the SHA-1 finger-print over the canonicalized subject string.
`static String`	`getCommonName(org.bouncycastle.asn1.x500.X500Name name)`
`static String`	`getCommonName(X500Principal name)`
`static byte[]`	`getCoreExtValue(org.bouncycastle.cert.X509AttributeCertificateHolder cert, org.bouncycastle.asn1.ASN1ObjectIdentifier type)`
`static byte[]`	`getCoreExtValue(X509Certificate cert, org.bouncycastle.asn1.ASN1ObjectIdentifier type)`
`static String`	`getRfc4519Name(org.bouncycastle.asn1.x500.X500Name name)`
`static String`	`getRfc4519Name(X500Principal name)`
`static boolean`	`hasKeyusage(X509Certificate cert, KeyUsage usage)`
`static boolean`	`isSelfSigned(X509Certificate cert)`
`static boolean`	`issues(org.bouncycastle.asn1.x509.Certificate issuerCert, org.bouncycastle.asn1.x509.Certificate cert)`
`static boolean`	`issues(X509Certificate issuerCert, X509Certificate cert)`
`static org.bouncycastle.asn1.x509.Certificate`	`parseBcCert(byte[] certBytes)`
`static org.bouncycastle.asn1.x509.Certificate`	`parseBcCert(File file)`
`static org.bouncycastle.asn1.x509.Certificate`	`parseBcCert(InputStream certStream)`
`static X509Certificate`	`parseCert(byte[] certBytes)`
`static X509Certificate`	`parseCert(File file)`
`static X509Certificate`	`parseCert(InputStream certStream)`
`static X509CRL`	`parseCrl(byte[] encodedCrl)`
`static X509CRL`	`parseCrl(File file)`
`static X509CRL`	`parseCrl(InputStream crlStream)`
`static org.bouncycastle.asn1.pkcs.CertificationRequest`	`parseCsr(byte[] csrBytes)`
`static org.bouncycastle.asn1.pkcs.CertificationRequest`	`parseCsr(File file)`
`static org.bouncycastle.asn1.pkcs.CertificationRequest`	`parseCsr(InputStream csrStream)`
`static String`	`rdnValueToString(org.bouncycastle.asn1.ASN1Encodable value)`
`static org.bouncycastle.asn1.x500.X500Name`	`reverse(org.bouncycastle.asn1.x500.X500Name name)`
`static List<org.bouncycastle.asn1.ASN1ObjectIdentifier>`	`sortOidList(List<org.bouncycastle.asn1.ASN1ObjectIdentifier> oids)`
`static byte[]`	`toDerEncoded(byte[] bytes)`
`static String`	`toPemCert(X509Certificate cert)`
`static org.bouncycastle.asn1.x509.SubjectPublicKeyInfo`	`toRfc3279Style(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)`
`static X509Certificate`	`toX509Cert(org.bouncycastle.asn1.x509.Certificate asn1Cert)`
`static X509CRL`	`toX509Crl(org.bouncycastle.asn1.x509.CertificateList asn1CertList)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getCommonName

public static String getCommonName(X500Principal name)

getCommonName

public static String getCommonName(org.bouncycastle.asn1.x500.X500Name name)

reverse

public static org.bouncycastle.asn1.x500.X500Name reverse(org.bouncycastle.asn1.x500.X500Name name)

parseCert

public static X509Certificate parseCert(File file)
                                 throws IOException,
                                        CertificateException

Throws:: IOException; CertificateException

parseCert

public static X509Certificate parseCert(InputStream certStream)
                                 throws IOException,
                                        CertificateException

Throws:: IOException; CertificateException

parseCert

public static X509Certificate parseCert(byte[] certBytes)
                                 throws CertificateException

Throws:: CertificateException

parseBcCert

public static org.bouncycastle.asn1.x509.Certificate parseBcCert(File file)
                                                          throws IOException,
                                                                 CertificateException

Throws:: IOException; CertificateException

parseBcCert

public static org.bouncycastle.asn1.x509.Certificate parseBcCert(InputStream certStream)
                                                          throws IOException,
                                                                 CertificateException

Throws:: IOException; CertificateException

parseBcCert

public static org.bouncycastle.asn1.x509.Certificate parseBcCert(byte[] certBytes)
                                                          throws CertificateException

Throws:: CertificateException

parseCsr

public static org.bouncycastle.asn1.pkcs.CertificationRequest parseCsr(File file)
                                                                throws IOException

Throws:: IOException

parseCsr

public static org.bouncycastle.asn1.pkcs.CertificationRequest parseCsr(InputStream csrStream)
                                                                throws IOException

Throws:: IOException

parseCsr

public static org.bouncycastle.asn1.pkcs.CertificationRequest parseCsr(byte[] csrBytes)

toDerEncoded

public static byte[] toDerEncoded(byte[] bytes)

toPemCert

public static String toPemCert(X509Certificate cert)
                        throws CertificateException

Throws:: CertificateException

toX509Cert

public static X509Certificate toX509Cert(org.bouncycastle.asn1.x509.Certificate asn1Cert)
                                  throws CertificateException

Throws:: CertificateException

toX509Crl

public static X509CRL toX509Crl(org.bouncycastle.asn1.x509.CertificateList asn1CertList)
                         throws CertificateException,
                                CRLException

Throws:: CertificateException; CRLException

parseCrl

public static X509CRL parseCrl(File file)
                        throws IOException,
                               CertificateException,
                               CRLException

Throws:: IOException; CertificateException; CRLException

parseCrl

public static X509CRL parseCrl(byte[] encodedCrl)
                        throws CertificateException,
                               CRLException

Throws:: CertificateException; CRLException

parseCrl

public static X509CRL parseCrl(InputStream crlStream)
                        throws CertificateException,
                               CRLException

Throws:: CertificateException; CRLException

getRfc4519Name

public static String getRfc4519Name(X500Principal name)

getRfc4519Name

public static String getRfc4519Name(org.bouncycastle.asn1.x500.X500Name name)

fpCanonicalizedName
```
public static long fpCanonicalizedName(X500Principal prin)
```
First canonicalized the name, and then compute the SHA-1 finger-print over the canonicalized subject string.

Parameters:

prin - The name

Returns:

the fingerprint of the canonicalized name

fpCanonicalizedName

public static long fpCanonicalizedName(org.bouncycastle.asn1.x500.X500Name name)

canonicalizName

public static String canonicalizName(org.bouncycastle.asn1.x500.X500Name name)

extractSki

public static byte[] extractSki(X509Certificate cert)
                         throws CertificateEncodingException

Throws:: CertificateEncodingException

extractSki

public static byte[] extractSki(org.bouncycastle.asn1.x509.Certificate cert)
                         throws CertificateEncodingException

Throws:: CertificateEncodingException

extractAki

public static byte[] extractAki(X509Certificate cert)
                         throws CertificateEncodingException

Throws:: CertificateEncodingException

extractAki

public static byte[] extractAki(org.bouncycastle.asn1.x509.Certificate cert)
                         throws CertificateEncodingException

Throws:: CertificateEncodingException

rdnValueToString

public static String rdnValueToString(org.bouncycastle.asn1.ASN1Encodable value)

createKeyUsage

public static org.bouncycastle.asn1.x509.KeyUsage createKeyUsage(Set<KeyUsage> usages)

createExtendedUsage

public static org.bouncycastle.asn1.x509.ExtendedKeyUsage createExtendedUsage(Collection<org.bouncycastle.asn1.ASN1ObjectIdentifier> usages)

sortOidList

public static List<org.bouncycastle.asn1.ASN1ObjectIdentifier> sortOidList(List<org.bouncycastle.asn1.ASN1ObjectIdentifier> oids)

hasKeyusage

public static boolean hasKeyusage(X509Certificate cert,
                                  KeyUsage usage)

getCoreExtValue

public static byte[] getCoreExtValue(X509Certificate cert,
                                     org.bouncycastle.asn1.ASN1ObjectIdentifier type)
                              throws CertificateEncodingException

Throws:: CertificateEncodingException

getCoreExtValue

public static byte[] getCoreExtValue(org.bouncycastle.cert.X509AttributeCertificateHolder cert,
                                     org.bouncycastle.asn1.ASN1ObjectIdentifier type)
                              throws CertificateEncodingException

Throws:: CertificateEncodingException

buildCertPath
```
public static X509Certificate[] buildCertPath(X509Certificate cert,
                                              Set<? extends Certificate> certs)
```
Build the certificate path. Cross certificate will not be considered.

Parameters:

cert - certificate for which the certificate path will be built

certs - collection of certificates.

Returns:

the certificate path

isSelfSigned

public static boolean isSelfSigned(X509Certificate cert)
                            throws CertificateEncodingException

Throws:: CertificateEncodingException

issues

public static boolean issues(X509Certificate issuerCert,
                             X509Certificate cert)
                      throws CertificateEncodingException

Throws:: CertificateEncodingException

issues

public static boolean issues(org.bouncycastle.asn1.x509.Certificate issuerCert,
                             org.bouncycastle.asn1.x509.Certificate cert)
                      throws CertificateEncodingException

Throws:: CertificateEncodingException

toRfc3279Style

public static org.bouncycastle.asn1.x509.SubjectPublicKeyInfo toRfc3279Style(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
                                                                      throws InvalidKeySpecException

Throws:: InvalidKeySpecException

cutText

public static String cutText(String text,
                             int maxLen)

cutX500Name

public static String cutX500Name(org.bouncycastle.asn1.x500.X500Name name,
                                 int maxLen)

cutX500Name

public static String cutX500Name(X500Principal name,
                                 int maxLen)

createExtnSubjectAltName

public static org.bouncycastle.asn1.x509.Extension createExtnSubjectAltName(List<String> taggedValues,
                                                                            boolean critical)
                                                                     throws BadInputException

Throws:: BadInputException

createExtnSubjectInfoAccess

public static org.bouncycastle.asn1.x509.Extension createExtnSubjectInfoAccess(List<String> accessMethodAndLocations,
                                                                               boolean critical)
                                                                        throws BadInputException

Throws:: BadInputException

createAccessDescription

public static org.bouncycastle.asn1.x509.AccessDescription createAccessDescription(String accessMethodAndLocation)
                                                                            throws BadInputException

Throws:: BadInputException

createGeneralNames

public static org.bouncycastle.asn1.x509.GeneralNames createGeneralNames(List<String> taggedValues)
                                                                  throws BadInputException

Throws:: BadInputException

createGeneralName
```
public static org.bouncycastle.asn1.x509.GeneralName createGeneralName(String taggedValue)
                                                                throws BadInputException
```
Creates GeneralName from the tagged value.

Parameters:

taggedValue - [tag]value, and the value for tags otherName and ediPartyName is type=value.

Returns:

the created GeneralName

Throws:

BadInputException - if the taggedValue is invalid.

Class X509Util

Method Summary

Methods inherited from class java.lang.Object

Method Detail

getCommonName

getCommonName

reverse

parseCert

parseCert

parseCert

parseBcCert

parseBcCert

parseBcCert

parseCsr

parseCsr

parseCsr

toDerEncoded

toPemCert

toX509Cert

toX509Crl

parseCrl

parseCrl

parseCrl

getRfc4519Name

getRfc4519Name

fpCanonicalizedName

fpCanonicalizedName

canonicalizName

extractSki

extractSki

extractAki

extractAki

rdnValueToString

createKeyUsage

createExtendedUsage

sortOidList

hasKeyusage

getCoreExtValue

getCoreExtValue

buildCertPath

isSelfSigned

issues

issues

toRfc3279Style

cutText

cutX500Name

cutX500Name

createExtnSubjectAltName

createExtnSubjectInfoAccess

createAccessDescription

createGeneralNames

createGeneralName