public abstract class CertificateUtil extends Object
| Modifier and Type | Field and Description |
|---|---|
protected static byte[] |
ID_ON_XMPPADDR |
| Constructor and Description |
|---|
CertificateUtil() |
| Modifier and Type | Method and Description |
|---|---|
static KeyPair |
createKeyPair(int size,
String password) |
static X509Certificate |
createSelfSignedCertificate(String email,
String domain,
String organizationUnit,
String organization,
String city,
String state,
String country,
KeyPair keyPair) |
static String |
exportToPemFormat(CertificateEntry entry) |
protected static String |
extractCN(X500Principal principal) |
static List<String> |
extractXmppAddrs(X509Certificate x509Certificate) |
static ArrayList<String> |
getCertAltCName(X509Certificate cert) |
static String |
getCertCName(X509Certificate cert) |
static boolean |
isExpired(X509Certificate cert) |
static boolean |
isSelfSigned(X509Certificate cert) |
static CertificateEntry |
loadCertificate(byte[] bytes)
Loads a certificate from a DER byte buffer.
|
static CertificateEntry |
loadCertificate(File file) |
static CertificateEntry |
loadCertificate(String file) |
static PrivateKey |
loadPrivateKeyFromDER(File file) |
static void |
main(String[] args) |
static boolean |
match(String hostname,
String altName)
Checks if hostname matches name or wildcard
|
static CertificateEntry |
parseCertificate(Reader data) |
static Certificate[] |
sort(Certificate[] chain) |
static List<Certificate> |
sort(List<Certificate> certs) |
static void |
storeCertificate(String file,
CertificateEntry entry) |
static CertCheckResult |
validateCertificate(Certificate[] chain,
KeyStore trustKeystore,
boolean revocationEnabled) |
static boolean |
verifyCertificateForDomain(X509Certificate cert,
String hostname)
Method used to verify if certificate if valid for particular domain
(if domain matches CN or ALT of certificate)
|
protected static boolean |
verifyCertificateForHostname(String hostname,
X509Certificate x509Certificate) |
protected static boolean |
verifyCertificateForIp(String ipAddr,
X509Certificate x509Certificate) |
public static KeyPair createKeyPair(int size, String password) throws NoSuchAlgorithmException
NoSuchAlgorithmExceptionpublic static X509Certificate createSelfSignedCertificate(String email, String domain, String organizationUnit, String organization, String city, String state, String country, KeyPair keyPair) throws CertificateException, IOException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
public static String exportToPemFormat(CertificateEntry entry) throws CertificateEncodingException
CertificateEncodingExceptionpublic static List<String> extractXmppAddrs(X509Certificate x509Certificate)
public static ArrayList<String> getCertAltCName(X509Certificate cert)
public static String getCertCName(X509Certificate cert)
public static boolean isExpired(X509Certificate cert)
public static boolean isSelfSigned(X509Certificate cert)
public static CertificateEntry loadCertificate(File file) throws FileNotFoundException, IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException
public static CertificateEntry loadCertificate(byte[] bytes) throws CertificateException, NoSuchProviderException
bytes - CertificateExceptionNoSuchProviderExceptionpublic static CertificateEntry loadCertificate(String file) throws FileNotFoundException, IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException
public static PrivateKey loadPrivateKeyFromDER(File file) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException
public static CertificateEntry parseCertificate(Reader data) throws IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException
public static Certificate[] sort(Certificate[] chain)
public static List<Certificate> sort(List<Certificate> certs)
public static void storeCertificate(String file, CertificateEntry entry) throws CertificateEncodingException, IOException
public static CertCheckResult validateCertificate(Certificate[] chain, KeyStore trustKeystore, boolean revocationEnabled) throws NoSuchAlgorithmException, KeyStoreException, InvalidAlgorithmParameterException, CertificateException
public static boolean verifyCertificateForDomain(X509Certificate cert, String hostname) throws CertificateParsingException
cert - hostname - CertificateParsingExceptionprotected static String extractCN(X500Principal principal)
public static boolean match(String hostname, String altName)
hostname - altName - protected static boolean verifyCertificateForHostname(String hostname, X509Certificate x509Certificate) throws CertificateParsingException
CertificateParsingExceptionprotected static boolean verifyCertificateForIp(String ipAddr, X509Certificate x509Certificate) throws CertificateParsingException
CertificateParsingExceptionCopyright © 2018 "Tigase, Inc.". All rights reserved.