org.xipki.security.util

Class X509Util

java.lang.Object

org.xipki.security.util.X509Util

public class X509Util
extends Object

X.509 certificate utility class.

Since:

2.0.0

Author:

Lijun Liao

Method Summary

Modifier and Type	Method and Description
static void	assertCsrAndCertMatch(org.bouncycastle.asn1.pkcs.CertificationRequest csr, org.bouncycastle.asn1.x509.Certificate targetCert, boolean caCertRequired)
static X509Cert[]	buildCertPath(X509Cert targetCert, Collection<X509Cert> certs) Build the certificate path.
static X509Cert[]	buildCertPath(X509Cert targetCert, Collection<X509Cert> certs, boolean includeTargetCert) Build the certificate path.
static X509Cert[]	buildCertPath(X509Cert targetCert, Collection<X509Cert> certs, Collection<X509Cert> trustanchors, boolean includeTargetCert)
static String	canonicalizName(org.bouncycastle.asn1.x500.X500Name name)
static org.bouncycastle.asn1.x509.ExtendedKeyUsage	createExtendedUsage(Collection<org.bouncycastle.asn1.ASN1ObjectIdentifier> usages)
static org.bouncycastle.asn1.x509.Extension	createExtnSubjectAltName(List<String> taggedValues, boolean critical)
static org.bouncycastle.asn1.x509.Extension	createExtnSubjectInfoAccess(List<String> accessMethodAndLocations, boolean critical)
static org.bouncycastle.asn1.x509.KeyUsage	createKeyUsage(Set<KeyUsage> usages)
static String	cutText(String text, int maxLen)
static String	cutX500Name(org.bouncycastle.asn1.x500.X500Name name, int maxLen)
static String	encodeCertificates(byte[][] certchain)
static String	encodeCertificates(X509Cert[] certchain)
static String	formatCert(X509Cert cert, boolean verbose)
static long	fpCanonicalizedName(org.bouncycastle.asn1.x500.X500Name name)
static org.bouncycastle.asn1.pkcs.Attribute	getAttribute(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr, org.bouncycastle.asn1.ASN1ObjectIdentifier type)
static String	getChallengePassword(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr)
static String	getCommonName(org.bouncycastle.asn1.x500.X500Name name)
static byte[]	getCoreExtValue(org.bouncycastle.asn1.x509.Extensions extensions, org.bouncycastle.asn1.ASN1ObjectIdentifier extnType)
static org.bouncycastle.asn1.x509.Extensions	getExtensions(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr)
static boolean	issues(X509Cert issuerCert, X509Cert cert)
static List<X509Cert>	listCertificates(String encodedCerts)
static X509Cert	parseCert(byte[] bytes)
static X509Cert	parseCert(File file)
static X509Cert	parseCert(InputStream certStream)
static List<X509Cert>	parseCerts(byte[] certsBytes)
static List<X509Cert>	parseCerts(InputStream certsStream)
static List<X509Cert>	parseCerts(List<org.xipki.util.FileOrBinary> certsConf)
static org.bouncycastle.cert.X509CRLHolder	parseCrl(byte[] encodedCrl)
static org.bouncycastle.cert.X509CRLHolder	parseCrl(File file)
static org.bouncycastle.asn1.pkcs.CertificationRequest	parseCsr(byte[] csrBytes)
static org.bouncycastle.asn1.pkcs.CertificationRequest	parseCsr(File file)
static X509Certificate	parseX509Certificate(InputStream crlStream)
static String	rdnValueToString(org.bouncycastle.asn1.ASN1Encodable value)
static org.bouncycastle.asn1.x500.X500Name	reverse(org.bouncycastle.asn1.x500.X500Name name)
static byte[]	toDerEncoded(byte[] bytes)
static String	toPemCert(X509Cert cert)
static org.bouncycastle.asn1.x509.SubjectPublicKeyInfo	toRfc3279Style(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
static String	x500NameText(org.bouncycastle.asn1.x500.X500Name name)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getCommonName

public static String getCommonName(org.bouncycastle.asn1.x500.X500Name name)

reverse

public static org.bouncycastle.asn1.x500.X500Name reverse(org.bouncycastle.asn1.x500.X500Name name)

parseCert

public static X509Cert parseCert(File file)
                          throws IOException,
                                 CertificateException

Throws:

IOException

CertificateException

parseCerts

public static List<X509Cert> parseCerts(byte[] certsBytes)
                                 throws IOException,
                                        CertificateException

Throws:

IOException

CertificateException

parseCerts

public static List<X509Cert> parseCerts(InputStream certsStream)
                                 throws IOException,
                                        CertificateException

Throws:

IOException

CertificateException

parseCert

public static X509Cert parseCert(InputStream certStream)
                          throws IOException,
                                 CertificateException

Throws:

IOException

CertificateException

parseCert

public static X509Cert parseCert(byte[] bytes)
                          throws CertificateEncodingException

Throws:

CertificateEncodingException

parseCsr

public static org.bouncycastle.asn1.pkcs.CertificationRequest parseCsr(File file)
                                                                throws IOException

Throws:

IOException

parseCsr

public static org.bouncycastle.asn1.pkcs.CertificationRequest parseCsr(byte[] csrBytes)

toDerEncoded

public static byte[] toDerEncoded(byte[] bytes)

toPemCert

public static String toPemCert(X509Cert cert)

parseX509Certificate

public static X509Certificate parseX509Certificate(InputStream crlStream)
                                            throws CertificateException

Throws:

CertificateException

parseCrl

public static org.bouncycastle.cert.X509CRLHolder parseCrl(File file)
                                                    throws IOException,
                                                           CRLException

Throws:

IOException

CRLException

parseCrl

public static org.bouncycastle.cert.X509CRLHolder parseCrl(byte[] encodedCrl)
                                                    throws CRLException

Throws:

CRLException

x500NameText

public static String x500NameText(org.bouncycastle.asn1.x500.X500Name name)

fpCanonicalizedName

public static long fpCanonicalizedName(org.bouncycastle.asn1.x500.X500Name name)

canonicalizName

public static String canonicalizName(org.bouncycastle.asn1.x500.X500Name name)

rdnValueToString

public static String rdnValueToString(org.bouncycastle.asn1.ASN1Encodable value)

createKeyUsage

public static org.bouncycastle.asn1.x509.KeyUsage createKeyUsage(Set<KeyUsage> usages)

createExtendedUsage

public static org.bouncycastle.asn1.x509.ExtendedKeyUsage createExtendedUsage(Collection<org.bouncycastle.asn1.ASN1ObjectIdentifier> usages)

getCoreExtValue

public static byte[] getCoreExtValue(org.bouncycastle.asn1.x509.Extensions extensions,
                                     org.bouncycastle.asn1.ASN1ObjectIdentifier extnType)

buildCertPath

public static X509Cert[] buildCertPath(X509Cert targetCert,
                                       Collection<X509Cert> certs)
                                throws CertPathBuilderException

Build the certificate path. Cross certificate will not be considered.

Parameters:

targetCert - certificate for which the certificate path will be built

certs - collection of certificates.

Returns:

the certificate path

Throws:

CertPathBuilderException - If cannot build a valid certificate path.

buildCertPath

public static X509Cert[] buildCertPath(X509Cert targetCert,
                                       Collection<X509Cert> certs,
                                       boolean includeTargetCert)
                                throws CertPathBuilderException

Build the certificate path. Cross certificate will not be considered.

Parameters:

targetCert - certificate for which the certificate path will be built

certs - collection of certificates.

includeTargetCert - whether to include targetCert in the result.

Returns:

the certificate path

Throws:

CertPathBuilderException - If cannot build a valid certificate path.

buildCertPath

public static X509Cert[] buildCertPath(X509Cert targetCert,
                                       Collection<X509Cert> certs,
                                       Collection<X509Cert> trustanchors,
                                       boolean includeTargetCert)

encodeCertificates

public static String encodeCertificates(X509Cert[] certchain)
                                 throws CertificateException,
                                        IOException

Throws:

CertificateException

IOException

encodeCertificates

public static String encodeCertificates(byte[][] certchain)

listCertificates

public static List<X509Cert> listCertificates(String encodedCerts)
                                       throws CertificateException,
                                              IOException

Throws:

CertificateException

IOException

issues

public static boolean issues(X509Cert issuerCert,
                             X509Cert cert)
                      throws CertificateEncodingException

Throws:

CertificateEncodingException

toRfc3279Style

public static org.bouncycastle.asn1.x509.SubjectPublicKeyInfo toRfc3279Style(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
                                                                      throws InvalidKeySpecException

Throws:

InvalidKeySpecException

cutText

public static String cutText(String text,
                             int maxLen)

cutX500Name

public static String cutX500Name(org.bouncycastle.asn1.x500.X500Name name,
                                 int maxLen)

createExtnSubjectAltName

public static org.bouncycastle.asn1.x509.Extension createExtnSubjectAltName(List<String> taggedValues,
                                                                            boolean critical)
                                                                     throws BadInputException

Throws:

BadInputException

createExtnSubjectInfoAccess

public static org.bouncycastle.asn1.x509.Extension createExtnSubjectInfoAccess(List<String> accessMethodAndLocations,
                                                                               boolean critical)
                                                                        throws BadInputException

Throws:

BadInputException

formatCert

public static String formatCert(X509Cert cert,
                                boolean verbose)

getExtensions

public static org.bouncycastle.asn1.x509.Extensions getExtensions(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr)

getChallengePassword

public static String getChallengePassword(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr)

getAttribute

public static org.bouncycastle.asn1.pkcs.Attribute getAttribute(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr,
                                                                org.bouncycastle.asn1.ASN1ObjectIdentifier type)

parseCerts

public static List<X509Cert> parseCerts(List<org.xipki.util.FileOrBinary> certsConf)
                                 throws org.xipki.util.exception.InvalidConfException

Throws:

org.xipki.util.exception.InvalidConfException

assertCsrAndCertMatch

public static void assertCsrAndCertMatch(org.bouncycastle.asn1.pkcs.CertificationRequest csr,
                                         org.bouncycastle.asn1.x509.Certificate targetCert,
                                         boolean caCertRequired)
                                  throws XiSecurityException

Throws:

XiSecurityException