Package tigase.cert
Class CertificateUtil
- java.lang.Object
-
- tigase.cert.CertificateUtil
-
public abstract class CertificateUtil extends Object
Created: Sep 22, 2010 3:09:01 PM- Version:
- $Rev$
- Author:
- Artur Hefczyc
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static interfaceCertificateUtil.KeyPairSupplier
-
Field Summary
Fields Modifier and Type Field Description protected static byte[]ID_ON_XMPPADDR
-
Constructor Summary
Constructors Constructor Description CertificateUtil()
-
Method Summary
All Methods Static Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static KeyPaircreateKeyPair(int size, String password)static X509CertificatecreateSelfSignedCertificate(String email, String domain, String organizationUnit, String organization, String city, String state, String country, KeyPair keyPair)Deprecated.static CertificateEntrycreateSelfSignedCertificate(String email, String domain, String organizationUnit, String organization, String city, String state, String country, CertificateUtil.KeyPairSupplier keyPairSupplier)static StringexportToPemFormat(CertificateEntry entry)protected static StringextractCN(X500Principal principal)static List<String>extractXmppAddrs(X509Certificate x509Certificate)static ArrayList<String>getCertAltCName(X509Certificate cert)static StringgetCertCName(X509Certificate cert)static booleanisExpired(X509Certificate cert)static booleanisSelfSigned(X509Certificate cert)static CertificateEntryloadCertificate(byte[] bytes)Loads a certificate from a DER byte buffer.static CertificateEntryloadCertificate(File file)static CertificateEntryloadCertificate(String file)static PrivateKeyloadPrivateKeyFromDER(File file)static voidmain(String[] args)static booleanmatch(String hostname, String altName)Checks if hostname matches name or wildcardstatic CertificateEntryparseCertificate(Reader data)static Certificate[]sort(Certificate[] chain)static List<Certificate>sort(List<Certificate> certs)static voidstoreCertificate(String file, CertificateEntry entry)static CertCheckResultvalidateCertificate(Certificate[] chain, KeyStore trustKeystore, boolean revocationEnabled)static booleanverifyCertificateForDomain(X509Certificate cert, String hostname)Method used to verify if certificate if valid for particular domain (if domain matches CN or ALT of certificate)protected static booleanverifyCertificateForHostname(String hostname, X509Certificate x509Certificate)protected static booleanverifyCertificateForIp(String ipAddr, X509Certificate x509Certificate)
-
-
-
Method Detail
-
createKeyPair
public static KeyPair createKeyPair(int size, String password) throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
createSelfSignedCertificate
@Deprecated public static X509Certificate createSelfSignedCertificate(String email, String domain, String organizationUnit, String organization, String city, String state, String country, KeyPair keyPair) throws CertificateException, IOException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
Deprecated.
-
createSelfSignedCertificate
public static CertificateEntry createSelfSignedCertificate(String email, String domain, String organizationUnit, String organization, String city, String state, String country, CertificateUtil.KeyPairSupplier keyPairSupplier) throws CertificateException, IOException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
-
exportToPemFormat
public static String exportToPemFormat(CertificateEntry entry) throws CertificateEncodingException
- Throws:
CertificateEncodingException
-
extractCN
protected static String extractCN(X500Principal principal)
-
extractXmppAddrs
public static List<String> extractXmppAddrs(X509Certificate x509Certificate)
-
getCertAltCName
public static ArrayList<String> getCertAltCName(X509Certificate cert)
-
getCertCName
public static String getCertCName(X509Certificate cert)
-
isExpired
public static boolean isExpired(X509Certificate cert)
-
isSelfSigned
public static boolean isSelfSigned(X509Certificate cert)
-
loadCertificate
public static CertificateEntry loadCertificate(File file) throws FileNotFoundException, IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException
-
loadCertificate
public static CertificateEntry loadCertificate(byte[] bytes) throws CertificateException, NoSuchProviderException
Loads a certificate from a DER byte buffer.- Parameters:
bytes-- Returns:
- Throws:
CertificateExceptionNoSuchProviderException
-
loadCertificate
public static CertificateEntry loadCertificate(String file) throws FileNotFoundException, IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException
-
loadPrivateKeyFromDER
public static PrivateKey loadPrivateKeyFromDER(File file) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException
-
match
public static boolean match(String hostname, String altName)
Checks if hostname matches name or wildcard- Parameters:
hostname-altName-- Returns:
- true if there is a match
-
parseCertificate
public static CertificateEntry parseCertificate(Reader data) throws IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException
-
sort
public static Certificate[] sort(Certificate[] chain)
-
sort
public static List<Certificate> sort(List<Certificate> certs)
-
storeCertificate
public static void storeCertificate(String file, CertificateEntry entry) throws CertificateEncodingException, IOException
-
validateCertificate
public static CertCheckResult validateCertificate(Certificate[] chain, KeyStore trustKeystore, boolean revocationEnabled) throws NoSuchAlgorithmException, KeyStoreException, InvalidAlgorithmParameterException, CertificateException
-
verifyCertificateForDomain
public static boolean verifyCertificateForDomain(X509Certificate cert, String hostname) throws CertificateParsingException
Method used to verify if certificate if valid for particular domain (if domain matches CN or ALT of certificate)- Parameters:
cert-hostname-- Returns:
- true if certificate is valid
- Throws:
CertificateParsingException
-
verifyCertificateForHostname
protected static boolean verifyCertificateForHostname(String hostname, X509Certificate x509Certificate) throws CertificateParsingException
- Throws:
CertificateParsingException
-
verifyCertificateForIp
protected static boolean verifyCertificateForIp(String ipAddr, X509Certificate x509Certificate) throws CertificateParsingException
- Throws:
CertificateParsingException
-
-