PKIUtils

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.glite.voms
Class PKIUtils

java.lang.Object
  org.glite.voms.PKIUtils

public class PKIUtils
extends java.lang.Object
extends java.lang.Object

Constructor Summary
`PKIUtils()`

Method Summary
`static boolean`	`checkIssued(java.security.cert.X509Certificate issuer, java.security.cert.X509Certificate issued)` Checks if a certificate issued another certificate, according to RFC 3280.
`static boolean`	`DNCompare(java.lang.String dn1, java.lang.String dn2)`
`static org.bouncycastle.asn1.x509.AuthorityKeyIdentifier`	`getAKID(java.security.cert.X509Certificate cert)` Gets the AuthorityKeyIdentifier extension form the passed certificate.
`static java.lang.String`	`getBaseName(java.io.File f)` Gets the basename of a file.
`static org.bouncycastle.asn1.x509.BasicConstraints`	`getBasicConstraints(java.security.cert.X509Certificate cert)` Gets the BasicConstraints extension form the passed certificate.
`static java.lang.String`	`getHash(byte[] name)` Gets the MD5 hash value of the given byte array.
`static java.lang.String`	`getHash(javax.security.auth.x500.X500Principal principal)` Gets the MD5 hash value of the given principal.
`static java.lang.String`	`getHash(java.security.cert.X509Certificate x509)` Gets the MD5 hash value of the subject of the given certificate.
`static java.lang.String`	`getHash(java.security.cert.X509CRL crl)` Gets the MD5 hash value of the issuer of the given CRL.
`static java.lang.String`	`getHash(org.bouncycastle.jce.X509Principal principal)` Gets the MD5 hash value of the given principal.
`static java.lang.String`	`getOpenSSLFormatPrincipal(java.security.Principal principal)`
`static java.lang.String`	`getOpenSSLFormatPrincipal(java.security.Principal principal, boolean reverse)` Gets an OpenSSL-style representation of a principal.
`static org.bouncycastle.asn1.x509.SubjectKeyIdentifier`	`getSKID(java.security.cert.X509Certificate cert)` Gets the SubjectKeyIdentifier extension form the passed certificate.
`static boolean`	`isCA(java.security.cert.X509Certificate cert)` Checks if the passed certificate is a CA certificate.
`static boolean`	`isProxy(java.security.cert.X509Certificate cert)` Checks if the passed certificate is a proxy certificate.
`static java.security.cert.X509Certificate[]`	`loadCertificates(java.io.File file)` Loads a set of credentials from a file.
`static java.security.cert.X509Certificate[]`	`loadCertificates(java.lang.String filename)` Loads a set of credentials from a file.
`static java.security.cert.X509CRL`	`loadCRL(java.io.File file)` Loads a CRL from a file.
`static java.security.cert.X509CRL`	`loadCRL(java.lang.String filename)` Loads a CRL from a file.
`static java.security.PrivateKey`	`loadPrivateKey(java.io.File file, org.bouncycastle.openssl.PasswordFinder finder)`
`static java.security.PrivateKey`	`loadPrivateKey(java.lang.String filename, org.bouncycastle.openssl.PasswordFinder finder)`
`static java.lang.String`	`Normalize(java.lang.String dn)` Compares two DNs for equality, taking into account different representations for the Email and UserID tags.
`static java.lang.Object`	`readObject(java.io.File f)` Reads either a certificate or a CRL from a file.
`static boolean`	`selfIssued(java.security.cert.X509Certificate cert)` Checks if the give certificate is self-issued.
`static int`	`skipToCertBeginning(java.io.BufferedInputStream stream)` Prepares a BufferedInputStream to read either a certificate or a CRL from it.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

PKIUtils

public PKIUtils()

Method Detail

getHash

public static java.lang.String getHash(java.security.cert.X509Certificate x509)

Gets the MD5 hash value of the subject of the given certificate.

Parameters:: x509 - The certificate from which to get the subject.
Returns:: the hash value.
Throws:: java.lang.IllegalArgumentException - if x509 is null.; InvalidStateException - if the MD5 algorithm is not supported.

getHash

public static java.lang.String getHash(java.security.cert.X509CRL crl)

Gets the MD5 hash value of the issuer of the given CRL.

Parameters:: crl - The CRL from which to get the issuer.
Returns:: the hash value.
Throws:: java.lang.IllegalArgumentException - if crl is null.; InvalidStateException - if the MD5 algorithm is not supported.

getHash

public static java.lang.String getHash(org.bouncycastle.jce.X509Principal principal)

Gets the MD5 hash value of the given principal.

Parameters:: principal - the principal.
Returns:: the hash value.
Throws:: java.lang.IllegalArgumentException - if crl is null.; InvalidStateException - if the MD5 algorithm is not supported.

getHash

public static java.lang.String getHash(javax.security.auth.x500.X500Principal principal)

Gets the MD5 hash value of the given principal.

Parameters:: principal - the principal.
Returns:: the hash value.
Throws:: java.lang.IllegalArgumentException - if crl is null.; InvalidStateException - if the MD5 algorithm is not supported.

getHash

public static java.lang.String getHash(byte[] name)

Gets the MD5 hash value of the given byte array.

Parameters:: name - the data from which to compute the hash.
Returns:: the hash value.
Throws:: java.lang.IllegalArgumentException - if crl is null.; InvalidStateException - if the MD5 algorithm is not supported.

getOpenSSLFormatPrincipal

public static java.lang.String getOpenSSLFormatPrincipal(java.security.Principal principal)

getOpenSSLFormatPrincipal

public static java.lang.String getOpenSSLFormatPrincipal(java.security.Principal principal,
                                                         boolean reverse)

Gets an OpenSSL-style representation of a principal.

Parameters:: principal - the principal
Returns:: a String representing the principal.

Normalize

public static java.lang.String Normalize(java.lang.String dn)

Compares two DNs for equality, taking into account different representations for the Email and UserID tags.

Parameters:: dn1 - the first dn to compare.; dn2 - the second dn to compare
Returns:: true if dn1 and dn2 are equal, false otherwise.

DNCompare

public static boolean DNCompare(java.lang.String dn1,
                                java.lang.String dn2)

getBaseName

public static java.lang.String getBaseName(java.io.File f)

Gets the basename of a file.

Parameters:: f - File object representing a file.
Returns:: a string representing the file name, minus the path.

selfIssued

public static boolean selfIssued(java.security.cert.X509Certificate cert)

Checks if the give certificate is self-issued.

Parameters:: cert - The certificate to check.
Returns:: true if the certificate is self-issued, false otherwise.

checkIssued

public static boolean checkIssued(java.security.cert.X509Certificate issuer,
                                  java.security.cert.X509Certificate issued)

Checks if a certificate issued another certificate, according to RFC 3280.

Parameters:: issuer - The candidate issuer certificate.; issued - The candidate issued certificate.
Returns:: true if issuer issued issued, false othersie.

isCA

public static boolean isCA(java.security.cert.X509Certificate cert)

Checks if the passed certificate is a CA certificate.

Parameters:: cert - the candidate CA certificate.
Returns:: true if cert is a CA certificate.

isProxy

public static boolean isProxy(java.security.cert.X509Certificate cert)

Checks if the passed certificate is a proxy certificate. Recognizes GT2, GT3 and GT4 proxies.

Parameters:: cert - the candidate proxy certificate.
Returns:: true if cert is a proxy certificate.

getAKID

public static org.bouncycastle.asn1.x509.AuthorityKeyIdentifier getAKID(java.security.cert.X509Certificate cert)

Gets the AuthorityKeyIdentifier extension form the passed certificate.

Parameters:: cert - The certificate from which to get the extension.
Returns:: the extension if present, or null if not present.

getSKID

public static org.bouncycastle.asn1.x509.SubjectKeyIdentifier getSKID(java.security.cert.X509Certificate cert)

Gets the SubjectKeyIdentifier extension form the passed certificate.

Parameters:: cert - The certificate from which to get the extension.
Returns:: the extension if present, or null if not present.

getBasicConstraints

public static org.bouncycastle.asn1.x509.BasicConstraints getBasicConstraints(java.security.cert.X509Certificate cert)

Gets the BasicConstraints extension form the passed certificate.

Parameters:: cert - The certificate from which to get the extension.
Returns:: the extension if present, or null if not present.

loadPrivateKey

public static java.security.PrivateKey loadPrivateKey(java.lang.String filename,
                                                      org.bouncycastle.openssl.PasswordFinder finder)

loadPrivateKey

public static java.security.PrivateKey loadPrivateKey(java.io.File file,
                                                      org.bouncycastle.openssl.PasswordFinder finder)

loadCertificates

public static java.security.cert.X509Certificate[] loadCertificates(java.lang.String filename)
                                                             throws java.security.cert.CertificateException

Loads a set of credentials from a file.

Parameters:: filename - the name of the file from which to load the certificates.
Returns:: an array containing the certificates that were present in the file.
Throws:: java.security.cert.CertificateException - if there were problems parsing the certificates.; java.lang.IllegalArgumentException - if the file cannot be found.

loadCertificates

public static java.security.cert.X509Certificate[] loadCertificates(java.io.File file)
                                                             throws java.security.cert.CertificateException

Loads a set of credentials from a file.

Parameters:: file - the File object from which to load the certificates.
Returns:: an array containing the certificates that were present in the file.
Throws:: java.security.cert.CertificateException - if there were problems parsing the certificates.; java.lang.IllegalArgumentException - if the file cannot be found.
See Also:: File

loadCRL

public static java.security.cert.X509CRL loadCRL(java.lang.String filename)
                                          throws java.security.cert.CRLException

Loads a CRL from a file.

Parameters:: filename - the name of the file from which to load the CRL.
Returns:: an array containing the certificates that were present in the file.
Throws:: java.security.cert.CRLException - if there were problems parsing the CRL.; java.lang.IllegalArgumentException - if the file cannot be found.

loadCRL

public static java.security.cert.X509CRL loadCRL(java.io.File file)
                                          throws java.security.cert.CRLException

Loads a CRL from a file.

Parameters:: file - the File object from which to load the CRL.
Returns:: an array containing the certificates that were present in the file.
Throws:: java.security.cert.CRLException - if there were problems parsing the CRL.; java.lang.IllegalArgumentException - if the file cannot be found.

readObject

public static java.lang.Object readObject(java.io.File f)
                                   throws java.io.IOException,
                                          java.security.cert.CertificateException,
                                          java.security.cert.CRLException

Reads either a certificate or a CRL from a file.

Parameters:: f - the file from which to read;
Returns:: the Object loaded.
Throws:: java.io.IOException - if there have been problems reading the file.; java.security.cert.CertificateException - if there have been problems parsing the certificate.; java.security.cert.CRLException - if there have been problems parsing the CRL.

skipToCertBeginning

public static int skipToCertBeginning(java.io.BufferedInputStream stream)
                               throws java.io.IOException

Prepares a BufferedInputStream to read either a certificate or a CRL from it. Skips everything in front of "-----BEGIN" in the stream.

Parameters:: stream - The stream to read and skip.
Returns:: CERT if a certificate is the next object to be read from the stream, CRL if the next object is a CRL, -1 if the next object is of type unknown.
Throws:: java.io.IOException - Thrown if there is a problem skipping. Note: this a modified version of code originally written by Joni Hakhala

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.glite.voms Class PKIUtils

PKIUtils

getHash

getHash

getHash

getHash

getHash

getOpenSSLFormatPrincipal

getOpenSSLFormatPrincipal

Normalize

DNCompare

getBaseName

selfIssued

checkIssued

isCA

isProxy

getAKID

getSKID

getBasicConstraints

loadPrivateKey

loadPrivateKey

loadCertificates

loadCertificates

loadCRL

loadCRL

readObject

skipToCertBeginning

org.glite.voms
Class PKIUtils