net.sourceforge.jcetaglib.lib
Class CertTools

java.lang.Object
  net.sourceforge.jcetaglib.lib.CertTools

public class CertTools

extends java.lang.Object

Tools to handle common certificate operations.

Version:

$Id: CertTools.java,v 1.4 2004/04/15 07:28:25 hamgert Exp $

Constructor Summary

CertTools()
Creates new CertTools

Method Summary

static org.bouncycastle.asn1.x509.AuthorityKeyIdentifier	createAuthorityKeyId(java.security.PublicKey pubKey)
static org.bouncycastle.asn1.x509.SubjectKeyIdentifier	createSubjectKeyId(java.security.PublicKey pubKey)
static byte[]	generateSHA1Fingerprint(byte[] ba) Generate a SHA1 fingerprint from a byte array containing a X.509 certificate
static java.security.cert.X509Certificate	getCertfromPEM(java.io.InputStream certstream) Reads a certificate in PEM-format from an InputStream.
static java.security.cert.X509Certificate	getCertfromPEM(java.lang.String certFile) Reads a certificate in PEM-format from a file.
static java.security.cert.X509CRL	getCRLfromByteArray(byte[] crl) Creates X509CRL from byte[].
static java.lang.String	getFingerprintAsString(java.security.cert.X509Certificate cert) Generate SHA1 fingerprint of certificate in string representation.
static java.lang.String	getPartFromDN(java.lang.String dn, java.lang.String dnpart) Gets a specified part of a DN.
static java.security.PrivateKey	getPrivatefromPEM(java.io.InputStream keystream, java.lang.String keypwd)
static java.security.PrivateKey	getPrivatefromPEM(java.lang.String keyFile, java.lang.String keypwd)
static boolean	isSelfSigned(java.security.cert.X509Certificate cert) Checks if a certificate is self signed by verifying if subject and issuer are the same.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CertTools

public CertTools()

Creates new CertTools

Method Detail

getPartFromDN

public static java.lang.String getPartFromDN(java.lang.String dn,
                                             java.lang.String dnpart)

Gets a specified part of a DN.

Parameters:

dn - String containing DN, The DN string has the format "C=SE, O=xx, OU=yy, CN=zz".

dnpart - String specifying which part of the DN to get, should be "CN" or "OU" etc.

Returns:

String containing dnpart or null if dnpart is not present

getPrivatefromPEM

public static java.security.PrivateKey getPrivatefromPEM(java.lang.String keyFile,
                                                         java.lang.String keypwd)
                                                  throws java.io.IOException,
                                                         java.security.NoSuchAlgorithmException,
                                                         java.security.spec.InvalidKeySpecException,
                                                         java.lang.Exception

Throws:

java.io.IOException

java.security.NoSuchAlgorithmException

java.security.spec.InvalidKeySpecException

java.lang.Exception

getPrivatefromPEM

public static java.security.PrivateKey getPrivatefromPEM(java.io.InputStream keystream,
                                                         java.lang.String keypwd)
                                                  throws java.io.IOException,
                                                         java.security.NoSuchAlgorithmException,
                                                         java.security.spec.InvalidKeySpecException,
                                                         java.lang.Exception

Throws:

java.io.IOException

java.security.NoSuchAlgorithmException

java.security.spec.InvalidKeySpecException

java.lang.Exception

getCertfromPEM

public static java.security.cert.X509Certificate getCertfromPEM(java.lang.String certFile)
                                                         throws java.io.IOException,
                                                                java.security.cert.CertificateException

Reads a certificate in PEM-format from a file. The file may contain other things, the first certificate in the file is read.

Parameters:

certFile - the file containing the certificate in PEM-format

Returns:

X509Certificate

Throws:

java.io.IOException - if the filen cannot be read.

java.security.cert.CertificateException - if the filen does not contain a correct certificate.

getCertfromPEM

public static java.security.cert.X509Certificate getCertfromPEM(java.io.InputStream certstream)
                                                         throws java.io.IOException,
                                                                java.security.cert.CertificateException

Reads a certificate in PEM-format from an InputStream. The stream may contain other things, the first certificate in the stream is read.

Parameters:

certstream - the input stream containing the certificate in PEM-format

Returns:

X509Certificate

Throws:

java.io.IOException - if the stream cannot be read.

java.security.cert.CertificateException - if the stream does not contain a correct certificate.

getCRLfromByteArray

public static java.security.cert.X509CRL getCRLfromByteArray(byte[] crl)
                                                      throws java.security.cert.CertificateException,
                                                             java.security.cert.CRLException

Creates X509CRL from byte[].

Parameters:

crl - byte array containing CRL in DER-format

Returns:

X509CRL

Throws:

java.security.cert.CertificateException - if the byte arrayen does not contani a correct CRL.

java.security.cert.CRLException - if the byte arrayen does not contani a correct CRL.

isSelfSigned

public static boolean isSelfSigned(java.security.cert.X509Certificate cert)

Checks if a certificate is self signed by verifying if subject and issuer are the same.

Parameters:

cert - the certificate that skall be checked.

Returns:

boolean true if the certificate has the same issuer and subject, false otherwise.

createSubjectKeyId

public static org.bouncycastle.asn1.x509.SubjectKeyIdentifier createSubjectKeyId(java.security.PublicKey pubKey)

createAuthorityKeyId

public static org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyId(java.security.PublicKey pubKey)

getFingerprintAsString

public static java.lang.String getFingerprintAsString(java.security.cert.X509Certificate cert)

Generate SHA1 fingerprint of certificate in string representation.

Parameters:

cert - X509Certificate.

Returns:

String containing hex format of SHA1 fingerprint.

generateSHA1Fingerprint

public static byte[] generateSHA1Fingerprint(byte[] ba)

Generate a SHA1 fingerprint from a byte array containing a X.509 certificate

Parameters:

ba - Byte array containing DER encoded X509Certificate.

Returns:

Byte array containing SHA1 hash of DER encoded certificate.