X509Cert (JCETaglib Javadoc Documentation)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.sourceforge.jcetaglib.lib
Class X509Cert

java.lang.Object
  net.sourceforge.jcetaglib.lib.X509Cert

public class X509Cert
extends java.lang.Object

Create/Read/Manipulate X.509 certificates

Version:: $Id: X509Cert.java,v 1.3 2004/04/15 07:28:25 hamgert Exp $
Author:: Gert Van Ham, hamgert@users.sourceforge.net, http://jcetaglib.sourceforge.net

Constructor Summary
`X509Cert()`

Method Summary
`static java.security.cert.X509CRL`	`CreateCRL(java.math.BigInteger[] certserialnumbers, int crlnumber, long crlperiod, java.lang.String signaturealgorithm, java.security.cert.X509Certificate cacert, java.security.PrivateKey caprivkey)` Create a CRL (Certification Revokation List)
`static java.security.KeyPair`	`generateKeyPair(java.lang.String keypairalgorithm, int keylength, byte[] seed)` Generate key pair (public & private key)
`static java.security.cert.X509Certificate`	`getCACertificateFromP12(java.lang.String keystore, java.lang.String entryname, java.lang.StringBuffer password)` Read CA certificate from PKCS12 keystore
`static java.lang.String`	`getCertificateAsPem(java.security.cert.X509Certificate cert)` Encodes a certificate as a PEM formatted string
`static java.security.cert.X509Certificate`	`getCertificateFromP12(java.lang.String keystore, java.lang.String entryname, java.lang.StringBuffer password)` Read certificate from PKCS12 keystore
`static org.bouncycastle.jce.netscape.NetscapeCertRequest`	`getNetscapeRequest(java.lang.String request)` Reads a Netscape formatted certification request from a PEM string
`static org.bouncycastle.jce.PKCS10CertificationRequest`	`getPKCS10Request(java.lang.String request)` Reads a PKCS10 certification request from a PEM string
`static java.lang.String`	`getPrivateAsPem(java.security.PrivateKey privatekey)` Encodes a private key as a PEM formatted string
`static java.security.PrivateKey`	`getPrivateFromP12(java.lang.String keystore, java.lang.String entryname, java.lang.StringBuffer password)` Read private key from PKCS12 keystore
`static java.lang.String`	`replace(java.lang.String text, java.lang.String repl, java.lang.String with)` Replaces all occurrences of a string in a text with another string
`static void`	`saveAsP12(java.security.cert.X509Certificate cert, java.security.cert.X509Certificate signedby, java.security.PrivateKey privatekey, java.lang.String keystore, java.lang.String entryname, java.lang.StringBuffer password)` Saves certificate and corresponding private key as a P12 keystore
`static java.security.cert.X509Certificate`	`selfsign(java.security.PrivateKey privatekey, java.security.PublicKey publickey, java.lang.String signaturealgorithm, long validity, java.lang.String subjectdn, boolean isca, java.lang.String netscapeextensions)` Creates a self-signed certificate
`static java.security.cert.X509Certificate`	`sign(java.security.PublicKey publickey, java.security.PrivateKey issuerprivatekey, java.security.cert.X509Certificate issuercertificate, java.lang.String signaturealgorithm, long validity, java.lang.String subjectdn, boolean isca, java.lang.String crldisturi, java.lang.String netscapeextensions)` Create a signed certificate
`static java.lang.String`	`verifyCertificate(java.security.cert.X509Certificate cert, java.security.cert.X509Certificate cacert, java.security.cert.X509CRL crl)` Verify a certificate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

X509Cert

public X509Cert()

Method Detail

generateKeyPair

public static java.security.KeyPair generateKeyPair(java.lang.String keypairalgorithm,
                                                    int keylength,
                                                    byte[] seed)
                                             throws java.security.NoSuchAlgorithmException,
                                                    java.security.NoSuchProviderException,
                                                    CryptoException

Generate key pair (public & private key)

Parameters:: keypairalgorithm - keypair algorithm (e.g. "RSA"); keylength - key length (e.g. 1024); seed - seed for SecureRandom (optional)
Returns:: generated keypair
Throws:: java.security.NoSuchAlgorithmException - unknown algorithm; java.security.NoSuchProviderException - unknown provider; CryptoException - cryptographic errors

selfsign

public static java.security.cert.X509Certificate selfsign(java.security.PrivateKey privatekey,
                                                          java.security.PublicKey publickey,
                                                          java.lang.String signaturealgorithm,
                                                          long validity,
                                                          java.lang.String subjectdn,
                                                          boolean isca,
                                                          java.lang.String netscapeextensions)
                                                   throws java.security.cert.CertificateException

Creates a self-signed certificate

Parameters:: privatekey - the private key; publickey - the public key; signaturealgorithm - signature algorithm (e.g. "MD5WithRSAEncryption"); validity - defines how long this certificate is valid (in days); subjectdn - the subject's distinguised name; isca - true if this certificate can be used for a Certificate Authority, false if not; netscapeextensions - adds netscape certificate extensions ("ca", "server", "client", "all")
Returns:: X.509 certificate
Throws:: java.security.cert.CertificateException - certificate errors

sign

public static java.security.cert.X509Certificate sign(java.security.PublicKey publickey,
                                                      java.security.PrivateKey issuerprivatekey,
                                                      java.security.cert.X509Certificate issuercertificate,
                                                      java.lang.String signaturealgorithm,
                                                      long validity,
                                                      java.lang.String subjectdn,
                                                      boolean isca,
                                                      java.lang.String crldisturi,
                                                      java.lang.String netscapeextensions)
                                               throws java.security.cert.CertificateException

Create a signed certificate

Parameters:: publickey - the public key; issuerprivatekey - the private key of the CA (issuer); issuercertificate - the certificate of the CA (issuer); signaturealgorithm - signature algorithm (e.g. "MD5WithRSAEncryption"); validity - defines how long this certificate is valid (in days); subjectdn - the subject's distinguised name; isca - true if this certificate can be used for a Certificate Authority, false if not; crldisturi - the CRL distribution URI; netscapeextensions - adds netscape certificate extensions ("ca", "server", "client", "all")
Returns:: X.509 certificate
Throws:: java.security.cert.CertificateException

CreateCRL

public static java.security.cert.X509CRL CreateCRL(java.math.BigInteger[] certserialnumbers,
                                                   int crlnumber,
                                                   long crlperiod,
                                                   java.lang.String signaturealgorithm,
                                                   java.security.cert.X509Certificate cacert,
                                                   java.security.PrivateKey caprivkey)
                                            throws java.security.cert.CertificateException

Create a CRL (Certification Revokation List)

Parameters:: certserialnumbers - array of certificate serial numbers that are revoked; crlnumber - the CRL number; crlperiod - how long this CRL is valid (in hours); signaturealgorithm - signature algorithm (e.g. "MD5WithRSAEncryption"); cacert - the CA's certificate; caprivkey - the CA's private key (to sign the CRL)
Returns:: CRL
Throws:: java.security.cert.CertificateException

verifyCertificate

public static java.lang.String verifyCertificate(java.security.cert.X509Certificate cert,
                                                 java.security.cert.X509Certificate cacert,
                                                 java.security.cert.X509CRL crl)
                                          throws java.security.cert.CertificateException

Verify a certificate

Parameters:: cert - certificate to verify; cacert - CA's certificate; crl - CRL
Returns:: status (INVALID, REVOKED, EXPIRED or VERIFIED)
Throws:: java.security.cert.CertificateException

getCertificateAsPem

public static java.lang.String getCertificateAsPem(java.security.cert.X509Certificate cert)
                                            throws java.security.cert.CertificateEncodingException

Encodes a certificate as a PEM formatted string

Parameters:: cert - X.509 certificate
Returns:: certificate as PEM encoded string
Throws:: java.security.cert.CertificateEncodingException

getPrivateAsPem

public static java.lang.String getPrivateAsPem(java.security.PrivateKey privatekey)

Encodes a private key as a PEM formatted string

Parameters:: privatekey - private key
Returns:: private key as PEM encoded string

saveAsP12

public static void saveAsP12(java.security.cert.X509Certificate cert,
                             java.security.cert.X509Certificate signedby,
                             java.security.PrivateKey privatekey,
                             java.lang.String keystore,
                             java.lang.String entryname,
                             java.lang.StringBuffer password)
                      throws java.security.KeyStoreException,
                             java.security.NoSuchProviderException,
                             java.lang.Exception

Saves certificate and corresponding private key as a P12 keystore

Parameters:: cert - X.509 certificate; signedby - X.509 certificate of the signer; privatekey - private key; keystore - keystore filename and location; entryname - keystore entry name; password - keystore password
Throws:: java.security.KeyStoreException - P12 keystore error; java.security.NoSuchProviderException - unknown JCE provider; java.lang.Exception - other errors

getCertificateFromP12

public static java.security.cert.X509Certificate getCertificateFromP12(java.lang.String keystore,
                                                                       java.lang.String entryname,
                                                                       java.lang.StringBuffer password)
                                                                throws java.security.KeyStoreException,
                                                                       java.security.NoSuchAlgorithmException,
                                                                       java.security.NoSuchProviderException,
                                                                       java.io.IOException,
                                                                       java.security.cert.CertificateException

Read certificate from PKCS12 keystore

Parameters:: keystore - keystore filename and location; entryname - keystore entry name; password - keystore password
Returns:: X.509 certificate
Throws:: java.security.KeyStoreException - P12 keystore error; java.security.NoSuchAlgorithmException - unknown algorithm; java.security.NoSuchProviderException - unknown provider; java.io.IOException - I/O errors; java.security.cert.CertificateException

getCACertificateFromP12

public static java.security.cert.X509Certificate getCACertificateFromP12(java.lang.String keystore,
                                                                         java.lang.String entryname,
                                                                         java.lang.StringBuffer password)
                                                                  throws java.security.KeyStoreException,
                                                                         java.security.NoSuchAlgorithmException,
                                                                         java.security.NoSuchProviderException,
                                                                         java.io.IOException,
                                                                         java.security.cert.CertificateException

Read CA certificate from PKCS12 keystore

Parameters:: keystore - keystore filename and location; entryname - keystore entry name; password - keystore password
Returns:: CA X.509 certificate
Throws:: java.security.KeyStoreException - P12 keystore error; java.security.NoSuchAlgorithmException - unknown algorithm; java.security.NoSuchProviderException - unknown provider; java.io.IOException - I/O errors; java.security.cert.CertificateException

getPrivateFromP12

public static java.security.PrivateKey getPrivateFromP12(java.lang.String keystore,
                                                         java.lang.String entryname,
                                                         java.lang.StringBuffer password)
                                                  throws java.security.KeyStoreException,
                                                         java.security.NoSuchAlgorithmException,
                                                         java.security.NoSuchProviderException,
                                                         java.io.IOException,
                                                         java.security.cert.CertificateException,
                                                         java.security.UnrecoverableKeyException

Read private key from PKCS12 keystore

Parameters:: keystore - keystore filename and location; entryname - keystore entry name; password - keystore password
Returns:: private key
Throws:: java.security.KeyStoreException - P12 keystore error; java.security.NoSuchAlgorithmException - unknown algorithm; java.security.NoSuchProviderException - unknown provider; java.io.IOException - I/O errors; java.security.cert.CertificateException; java.security.UnrecoverableKeyException

replace

public static java.lang.String replace(java.lang.String text,
                                       java.lang.String repl,
                                       java.lang.String with)

Replaces all occurrences of a string in a text with another string

Parameters:: text - text; repl - string to replace; with - replacement string
Returns:: new string

getPKCS10Request

public static org.bouncycastle.jce.PKCS10CertificationRequest getPKCS10Request(java.lang.String request)
                                                                        throws java.security.cert.CertificateException

Reads a PKCS10 certification request from a PEM string

Parameters:: request - the certification request as a PEM string
Returns:: certification request
Throws:: java.security.cert.CertificateException

getNetscapeRequest

public static org.bouncycastle.jce.netscape.NetscapeCertRequest getNetscapeRequest(java.lang.String request)
                                                                            throws java.security.cert.CertificateException

Reads a Netscape formatted certification request from a PEM string

Parameters:: request - the certification request as a PEM string
Returns:: certification request
Throws:: java.security.cert.CertificateException