public class CertificateHelpers
extends java.lang.Object
Modifier and Type | Class and Description |
---|---|
static class |
CertificateHelpers.PEMContentsType |
Modifier and Type | Field and Description |
---|---|
private static byte[] |
TEST |
Constructor and Description |
---|
CertificateHelpers() |
Modifier and Type | Method and Description |
---|---|
static void |
checkKeysMatching(java.security.PrivateKey privKey,
java.security.PublicKey pubKey)
Throws an exception if the private key is not matching the public key.
|
private static boolean |
checkKeysViaSignature(java.lang.String alg,
java.security.PrivateKey privKey,
java.security.PublicKey pubKey) |
static byte[] |
getExtensionBytes(java.security.cert.X509Certificate cert,
java.lang.String oid)
Gets the certificate extension identified by the oid and returns the
value bytes unwrapped by the ASN1OctetString.
|
private static java.security.cert.CertificateFactory |
getFactory() |
static CertificateHelpers.PEMContentsType |
getPEMType(java.lang.String name)
Assumes that the input is the contents of the PEM identification line,
after '-----BEGIN ' prefix.
|
static java.security.cert.Certificate |
readDERCertificate(java.io.InputStream input) |
static java.util.Collection<? extends java.security.cert.Certificate> |
readDERCertificates(java.io.InputStream input) |
static java.security.cert.X509Certificate[] |
sortChain(java.util.List<java.security.cert.X509Certificate> certificates)
Creates a chain of certificates, where the top-most certificate (the one without
issuing certificate) is the last in the returned array.
|
static java.security.cert.CertPath |
toCertPath(java.security.cert.X509Certificate[] in)
Converts certificates array to
CertPath |
static org.bouncycastle.asn1.x500.X500Name |
toX500Name(javax.security.auth.x500.X500Principal srcDn)
|
public static CertificateHelpers.PEMContentsType getPEMType(java.lang.String name)
name
- PEM first line to be checked.public static java.util.Collection<? extends java.security.cert.Certificate> readDERCertificates(java.io.InputStream input) throws java.io.IOException
java.io.IOException
public static java.security.cert.Certificate readDERCertificate(java.io.InputStream input) throws java.io.IOException
java.io.IOException
private static java.security.cert.CertificateFactory getFactory()
public static java.security.cert.X509Certificate[] sortChain(java.util.List<java.security.cert.X509Certificate> certificates) throws java.io.IOException
certificates
- unsorted certificates of one chainjava.io.IOException
- if the passed chain is inconsistentpublic static java.security.cert.CertPath toCertPath(java.security.cert.X509Certificate[] in) throws java.security.cert.CertificateException
CertPath
in
- arrayjava.security.cert.CertificateException
- certificate exceptionpublic static org.bouncycastle.asn1.x500.X500Name toX500Name(javax.security.auth.x500.X500Principal srcDn)
srcDn
- source objectpublic static byte[] getExtensionBytes(java.security.cert.X509Certificate cert, java.lang.String oid) throws java.io.IOException
cert
- The certificate to inspect.oid
- The extension OID to fetch.java.io.IOException
- thrown in case the certificate parsing fails.public static void checkKeysMatching(java.security.PrivateKey privKey, java.security.PublicKey pubKey) throws java.security.InvalidKeyException
privKey
- first key to matchpubKey
- 2nd key to matchjava.security.InvalidKeyException
- invalid key exceptionprivate static boolean checkKeysViaSignature(java.lang.String alg, java.security.PrivateKey privKey, java.security.PublicKey pubKey) throws java.security.InvalidKeyException
java.security.InvalidKeyException