Package tigase.cert
Class CertificateUtil
java.lang.Object
tigase.cert.CertificateUtil
Created: Sep 22, 2010 3:09:01 PM
- Version:
- $Rev$
- Author:
- Artur Hefczyc
-
Nested Class Summary
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic KeyPair
createKeyPair
(int size, String password) static X509Certificate
createSelfSignedCertificate
(String email, String domain, String organizationUnit, String organization, String city, String state, String country, KeyPair keyPair) Deprecated.static CertificateEntry
createSelfSignedCertificate
(String email, String domain, String organizationUnit, String organization, String city, String state, String country, CertificateUtil.KeyPairSupplier keyPairSupplier) static String
protected static String
extractCN
(X500Principal principal) extractXmppAddrs
(X509Certificate x509Certificate) static String
getCertCName
(X509Certificate cert) static StringBuilder
getCertificateBasicInfo
(StringBuilder sb, Certificate cert) static String
static String
static Optional<BigInteger>
static boolean
isExpired
(X509Certificate cert) static boolean
isSelfSigned
(X509Certificate cert) static CertificateEntry
loadCertificate
(byte[] bytes) Deprecated.static CertificateEntry
loadCertificate
(File file) static CertificateEntry
loadCertificate
(String file) static PrivateKey
loadPrivateKeyFromDER
(File file) static void
static boolean
Checks if hostname matches name or wildcardstatic CertificateEntry
parseCertificate
(Reader data) static Certificate[]
removeRootCACertificate
(Certificate[] certChain) static Certificate[]
sort
(Certificate[] chain) static List<Certificate>
sort
(List<Certificate> certs) static void
storeCertificate
(String file, CertificateEntry entry) static CertCheckResult
validateCertificate
(Certificate[] chain, KeyStore trustKeystore, boolean revocationEnabled) static boolean
verifyCertificateForDomain
(X509Certificate cert, String hostname) Method used to verify if certificate if valid for particular domain (if domain matches CN or ALT of certificate)protected static boolean
verifyCertificateForHostname
(String hostname, X509Certificate x509Certificate) protected static boolean
verifyCertificateForIp
(String ipAddr, X509Certificate x509Certificate)
-
Field Details
-
ID_ON_XMPPADDR
protected static final byte[] ID_ON_XMPPADDR
-
-
Constructor Details
-
CertificateUtil
public CertificateUtil()
-
-
Method Details
-
createKeyPair
- Throws:
NoSuchAlgorithmException
-
createSelfSignedCertificate
@Deprecated public static X509Certificate createSelfSignedCertificate(String email, String domain, String organizationUnit, String organization, String city, String state, String country, KeyPair keyPair) throws CertificateException, IOException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException Deprecated. -
createSelfSignedCertificate
public static CertificateEntry createSelfSignedCertificate(String email, String domain, String organizationUnit, String organization, String city, String state, String country, CertificateUtil.KeyPairSupplier keyPairSupplier) throws CertificateException, IOException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException -
exportToPemFormat
- Throws:
CertificateEncodingException
-
extractCN
-
extractXmppAddrs
-
getCertAltCName
-
getCertCName
-
getCertificateBasicInfo
-
getCertificateBasicInfo
-
getCertificateFingerprint
public static String getCertificateFingerprint(Certificate cert) throws CertificateEncodingException, NoSuchAlgorithmException -
getCertificateSerialNumber
-
isExpired
-
isSelfSigned
-
loadCertificate
public static CertificateEntry loadCertificate(File file) throws FileNotFoundException, IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException -
loadCertificate
@Deprecated public static CertificateEntry loadCertificate(byte[] bytes) throws CertificateException, NoSuchProviderException Deprecated.Loads a certificate from a DER byte buffer. -
loadCertificate
public static CertificateEntry loadCertificate(String file) throws FileNotFoundException, IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException -
loadPrivateKeyFromDER
public static PrivateKey loadPrivateKeyFromDER(File file) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException -
main
- Throws:
Exception
-
match
Checks if hostname matches name or wildcard- Returns:
- true if there is a match
-
parseCertificate
public static CertificateEntry parseCertificate(Reader data) throws IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException -
removeRootCACertificate
-
sort
-
sort
-
storeCertificate
public static void storeCertificate(String file, CertificateEntry entry) throws CertificateEncodingException, IOException -
validateCertificate
public static CertCheckResult validateCertificate(Certificate[] chain, KeyStore trustKeystore, boolean revocationEnabled) throws NoSuchAlgorithmException, KeyStoreException, InvalidAlgorithmParameterException, CertificateException -
verifyCertificateForDomain
public static boolean verifyCertificateForDomain(X509Certificate cert, String hostname) throws CertificateParsingException Method used to verify if certificate if valid for particular domain (if domain matches CN or ALT of certificate)- Returns:
- true if certificate is valid
- Throws:
CertificateParsingException
-
verifyCertificateForHostname
protected static boolean verifyCertificateForHostname(String hostname, X509Certificate x509Certificate) throws CertificateParsingException - Throws:
CertificateParsingException
-
verifyCertificateForIp
protected static boolean verifyCertificateForIp(String ipAddr, X509Certificate x509Certificate) throws CertificateParsingException - Throws:
CertificateParsingException
-