Package org.xipki.security.util
Class X509Util
- java.lang.Object
-
- org.xipki.security.util.X509Util
-
public class X509Util extends Object
X.509 certificate utility class.- Since:
- 2.0.0
- Author:
- Lijun Liao (xipki)
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static voidassertCsrAndCertMatch(org.bouncycastle.asn1.pkcs.CertificationRequest csr, org.bouncycastle.asn1.x509.Certificate targetCert, boolean caCertRequired)static X509Cert[]buildCertPath(X509Cert targetCert, Collection<X509Cert> certs)Build the certificate path.static X509Cert[]buildCertPath(X509Cert targetCert, Collection<X509Cert> certs, boolean includeTargetCert)Build the certificate path.static X509Cert[]buildCertPath(X509Cert targetCert, Collection<X509Cert> certs, Collection<X509Cert> trustanchors, boolean includeTargetCert)static StringcanonicalizName(org.bouncycastle.asn1.x500.X500Name name)static org.bouncycastle.asn1.x509.ExtendedKeyUsagecreateExtendedUsage(Collection<org.bouncycastle.asn1.ASN1ObjectIdentifier> usages)static org.bouncycastle.asn1.x509.ExtensioncreateExtnSubjectAltName(List<String> taggedValues, boolean critical)static org.bouncycastle.asn1.x509.ExtensioncreateExtnSubjectInfoAccess(List<String> accessMethodAndLocations, boolean critical)static org.bouncycastle.asn1.x509.KeyUsagecreateKeyUsage(Set<KeyUsage> usages)static StringcutText(String text, int maxLen)static StringcutX500Name(org.bouncycastle.asn1.x500.X500Name name, int maxLen)static StringencodeCertificates(byte[][] certchain)static StringencodeCertificates(X509Cert[] certchain)static StringformatCert(X509Cert cert, boolean verbose)static longfpCanonicalizedName(org.bouncycastle.asn1.x500.X500Name name)static org.bouncycastle.asn1.pkcs.AttributegetAttribute(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr, org.bouncycastle.asn1.ASN1ObjectIdentifier type)static StringgetChallengePassword(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr)static StringgetCommonName(org.bouncycastle.asn1.x500.X500Name name)static byte[]getCoreExtValue(org.bouncycastle.asn1.x509.Extensions extensions, org.bouncycastle.asn1.ASN1ObjectIdentifier extnType)static org.bouncycastle.asn1.x509.ExtensionsgetExtensions(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr)static booleanissues(X509Cert issuerCert, X509Cert cert)static List<X509Cert>listCertificates(String encodedCerts)static X509CertparseCert(byte[] bytes)static X509CertparseCert(File file)static X509CertparseCert(InputStream certStream)static List<X509Cert>parseCerts(byte[] certsBytes)static List<X509Cert>parseCerts(InputStream certsStream)static List<X509Cert>parseCerts(List<org.xipki.util.FileOrBinary> certsConf)static org.bouncycastle.cert.X509CRLHolderparseCrl(byte[] encodedCrl)static org.bouncycastle.cert.X509CRLHolderparseCrl(File file)static org.bouncycastle.asn1.pkcs.CertificationRequestparseCsr(byte[] csrBytes)static org.bouncycastle.asn1.pkcs.CertificationRequestparseCsr(File file)static X509CertificateparseX509Certificate(InputStream crlStream)static StringrdnValueToString(org.bouncycastle.asn1.ASN1Encodable value)static org.bouncycastle.asn1.x500.X500Namereverse(org.bouncycastle.asn1.x500.X500Name name)static byte[]toDerEncoded(byte[] bytes)static StringtoPemCert(X509Cert cert)static org.bouncycastle.asn1.x509.SubjectPublicKeyInfotoRfc3279Style(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)static Stringx500NameText(org.bouncycastle.asn1.x500.X500Name name)
-
-
-
Method Detail
-
getCommonName
public static String getCommonName(org.bouncycastle.asn1.x500.X500Name name)
-
reverse
public static org.bouncycastle.asn1.x500.X500Name reverse(org.bouncycastle.asn1.x500.X500Name name)
-
parseCert
public static X509Cert parseCert(File file) throws IOException, CertificateException
- Throws:
IOExceptionCertificateException
-
parseCerts
public static List<X509Cert> parseCerts(byte[] certsBytes) throws IOException, CertificateException
- Throws:
IOExceptionCertificateException
-
parseCerts
public static List<X509Cert> parseCerts(InputStream certsStream) throws IOException, CertificateException
- Throws:
IOExceptionCertificateException
-
parseCert
public static X509Cert parseCert(InputStream certStream) throws IOException, CertificateException
- Throws:
IOExceptionCertificateException
-
parseCert
public static X509Cert parseCert(byte[] bytes) throws CertificateEncodingException
- Throws:
CertificateEncodingException
-
parseCsr
public static org.bouncycastle.asn1.pkcs.CertificationRequest parseCsr(File file) throws IOException
- Throws:
IOException
-
parseCsr
public static org.bouncycastle.asn1.pkcs.CertificationRequest parseCsr(byte[] csrBytes)
-
toDerEncoded
public static byte[] toDerEncoded(byte[] bytes)
-
parseX509Certificate
public static X509Certificate parseX509Certificate(InputStream crlStream) throws CertificateException
- Throws:
CertificateException
-
parseCrl
public static org.bouncycastle.cert.X509CRLHolder parseCrl(File file) throws IOException, CRLException
- Throws:
IOExceptionCRLException
-
parseCrl
public static org.bouncycastle.cert.X509CRLHolder parseCrl(byte[] encodedCrl) throws CRLException- Throws:
CRLException
-
x500NameText
public static String x500NameText(org.bouncycastle.asn1.x500.X500Name name)
-
fpCanonicalizedName
public static long fpCanonicalizedName(org.bouncycastle.asn1.x500.X500Name name)
-
canonicalizName
public static String canonicalizName(org.bouncycastle.asn1.x500.X500Name name)
-
rdnValueToString
public static String rdnValueToString(org.bouncycastle.asn1.ASN1Encodable value)
-
createKeyUsage
public static org.bouncycastle.asn1.x509.KeyUsage createKeyUsage(Set<KeyUsage> usages)
-
createExtendedUsage
public static org.bouncycastle.asn1.x509.ExtendedKeyUsage createExtendedUsage(Collection<org.bouncycastle.asn1.ASN1ObjectIdentifier> usages)
-
getCoreExtValue
public static byte[] getCoreExtValue(org.bouncycastle.asn1.x509.Extensions extensions, org.bouncycastle.asn1.ASN1ObjectIdentifier extnType)
-
buildCertPath
public static X509Cert[] buildCertPath(X509Cert targetCert, Collection<X509Cert> certs) throws CertPathBuilderException
Build the certificate path. Cross certificate will not be considered.- Parameters:
targetCert- certificate for which the certificate path will be builtcerts- collection of certificates.- Returns:
- the certificate path
- Throws:
CertPathBuilderException- If a valid certificate path can not be built.
-
buildCertPath
public static X509Cert[] buildCertPath(X509Cert targetCert, Collection<X509Cert> certs, boolean includeTargetCert) throws CertPathBuilderException
Build the certificate path. Cross certificate will not be considered.- Parameters:
targetCert- certificate for which the certificate path will be builtcerts- collection of certificates.includeTargetCert- whether to includetargetCertin the result.- Returns:
- the certificate path
- Throws:
CertPathBuilderException- If cannot build a valid certificate path.
-
buildCertPath
public static X509Cert[] buildCertPath(X509Cert targetCert, Collection<X509Cert> certs, Collection<X509Cert> trustanchors, boolean includeTargetCert)
-
encodeCertificates
public static String encodeCertificates(X509Cert[] certchain) throws CertificateException, IOException
- Throws:
CertificateExceptionIOException
-
encodeCertificates
public static String encodeCertificates(byte[][] certchain)
-
listCertificates
public static List<X509Cert> listCertificates(String encodedCerts) throws CertificateException, IOException
- Throws:
CertificateExceptionIOException
-
issues
public static boolean issues(X509Cert issuerCert, X509Cert cert) throws CertificateEncodingException
- Throws:
CertificateEncodingException
-
toRfc3279Style
public static org.bouncycastle.asn1.x509.SubjectPublicKeyInfo toRfc3279Style(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo) throws InvalidKeySpecException- Throws:
InvalidKeySpecException
-
cutX500Name
public static String cutX500Name(org.bouncycastle.asn1.x500.X500Name name, int maxLen)
-
createExtnSubjectAltName
public static org.bouncycastle.asn1.x509.Extension createExtnSubjectAltName(List<String> taggedValues, boolean critical) throws BadInputException
- Throws:
BadInputException
-
createExtnSubjectInfoAccess
public static org.bouncycastle.asn1.x509.Extension createExtnSubjectInfoAccess(List<String> accessMethodAndLocations, boolean critical) throws BadInputException
- Throws:
BadInputException
-
getExtensions
public static org.bouncycastle.asn1.x509.Extensions getExtensions(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr)
-
getChallengePassword
public static String getChallengePassword(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr)
-
getAttribute
public static org.bouncycastle.asn1.pkcs.Attribute getAttribute(org.bouncycastle.asn1.pkcs.CertificationRequestInfo csr, org.bouncycastle.asn1.ASN1ObjectIdentifier type)
-
parseCerts
public static List<X509Cert> parseCerts(List<org.xipki.util.FileOrBinary> certsConf) throws org.xipki.util.exception.InvalidConfException
- Throws:
org.xipki.util.exception.InvalidConfException
-
assertCsrAndCertMatch
public static void assertCsrAndCertMatch(org.bouncycastle.asn1.pkcs.CertificationRequest csr, org.bouncycastle.asn1.x509.Certificate targetCert, boolean caCertRequired) throws XiSecurityException- Throws:
XiSecurityException
-
-