Class CertificateUtil


  • public final class CertificateUtil
    extends Object
    FILL ME
    Author:
    ranantha@mcs.anl.gov
    • Method Summary

      Modifier and Type Method Description
      static KeyPair generateKeyPair​(String algorithm, int bits)
      Generates a key pair of given algorithm and strength.
      static org.bouncycastle.asn1.x509.BasicConstraints getBasicConstraints​(org.bouncycastle.asn1.x509.X509Extension ext)
      Creates a BasicConstraints object from given extension.
      static int getCAPathConstraint​(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
      Return CA Path constraint
      static GSIConstants.CertificateType getCertificateType​(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
      Returns certificate type of the given TBS certificate.
      static CertPath getCertPath​(X509Certificate[] certs)  
      static org.bouncycastle.asn1.ASN1Primitive getExtensionObject​(org.bouncycastle.asn1.x509.X509Extension ext)
      Extracts the value of a certificate extension.
      static EnumSet<KeyUsage> getKeyUsage​(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)  
      static EnumSet<KeyUsage> getKeyUsage​(org.bouncycastle.asn1.x509.X509Extension ext)
      Gets a boolean array representing bits of the KeyUsage extension.
      static org.bouncycastle.asn1.x509.TBSCertificateStructure getTBSCertificateStructure​(X509Certificate cert)
      Extracts the TBS certificate from the given certificate.
      static void init()
      A no-op function that can be used to force the class to load and initialize.
      static void installSecureRandomProvider()
      Installs SecureRandom provider.
      static void setProvider​(String providerName)
      Sets a provider name to use for loading certificates and for generating key pairs.
      static org.bouncycastle.asn1.ASN1Primitive toASN1Primitive​(byte[] data)
      Converts the DER-encoded byte array into a DERObject.
      static String toGlobusID​(String dn)
      Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/CN=A/OU=B/O=C".
      This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas.
      static String toGlobusID​(String dn, boolean noreverse)
      Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/CN=A/OU=B/O=C" or "/O=C/OU=B/CN=A" depending on the noreverse option.
      static String toGlobusID​(Principal name)
      Converts the specified principal into Globus format.
      static String toGlobusID​(X500Principal principal)
      Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/O=C/OU=B/CN=A".
      This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas.
      static X500Principal toPrincipal​(String globusID)
      Converts Globus DN format "/O=C/OU=B/CN=A" into an X500Principal representation, which accepts RFC 2253 or 1779 formatted DNs and also attribute types as defined in RFC 2459 (e.g.
    • Method Detail

      • init

        public static void init()
        A no-op function that can be used to force the class to load and initialize.
      • setProvider

        public static void setProvider​(String providerName)
        Sets a provider name to use for loading certificates and for generating key pairs.
        Parameters:
        providerName - provider name to use.
      • installSecureRandomProvider

        public static void installSecureRandomProvider()
        Installs SecureRandom provider. This function is automatically called when this class is loaded.
      • getCAPathConstraint

        public static int getCAPathConstraint​(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
                                       throws IOException
        Return CA Path constraint
        Parameters:
        crt -
        Returns:
        the CA path constraint
        Throws:
        IOException
      • generateKeyPair

        public static KeyPair generateKeyPair​(String algorithm,
                                              int bits)
                                       throws GeneralSecurityException
        Generates a key pair of given algorithm and strength.
        Parameters:
        algorithm - the algorithm of the key pair.
        bits - the strength
        Returns:
        KeyPair the generated key pair.
        Throws:
        GeneralSecurityException - if something goes wrong.
      • getBasicConstraints

        public static org.bouncycastle.asn1.x509.BasicConstraints getBasicConstraints​(org.bouncycastle.asn1.x509.X509Extension ext)
                                                                               throws IOException
        Creates a BasicConstraints object from given extension.
        Parameters:
        ext - the extension.
        Returns:
        the BasicConstraints object.
        Throws:
        IOException - if something fails.
      • toASN1Primitive

        public static org.bouncycastle.asn1.ASN1Primitive toASN1Primitive​(byte[] data)
                                                                   throws IOException
        Converts the DER-encoded byte array into a DERObject.
        Parameters:
        data - the DER-encoded byte array to convert.
        Returns:
        the DERObject.
        Throws:
        IOException - if conversion fails
      • getExtensionObject

        public static org.bouncycastle.asn1.ASN1Primitive getExtensionObject​(org.bouncycastle.asn1.x509.X509Extension ext)
                                                                      throws IOException
        Extracts the value of a certificate extension.
        Parameters:
        ext - the certificate extension to extract the value from.
        Throws:
        IOException - if extraction fails.
      • toGlobusID

        public static String toGlobusID​(String dn)
        Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/CN=A/OU=B/O=C".
        This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas.
        Parameters:
        dn - the DN to convert to Globus format.
        Returns:
        the converted DN in Globus format.
        See Also:
        toGlobusID(String, boolean)
      • toGlobusID

        public static String toGlobusID​(String dn,
                                        boolean noreverse)
        Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/CN=A/OU=B/O=C" or "/O=C/OU=B/CN=A" depending on the noreverse option. If noreverse is true, the order of the DN components is not reversed - "/CN=A/OU=B/O=C" is returned. If noreverse is false, the order of the DN components is reversed - "/O=C/OU=B/CN=A" is returned.
        This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas.
        Parameters:
        dn - the DN to convert to Globus format.
        noreverse - the direction of the conversion.
        Returns:
        the converted DN in Globus format.
      • toGlobusID

        public static String toGlobusID​(Principal name)
        Converts the specified principal into Globus format. If the principal is of unrecognized type a simple string-based conversion is made using the toGlobusID() function.
        Parameters:
        name - the principal to convert to Globus format.
        Returns:
        the converted DN in Globus format.
        See Also:
        toGlobusID(String)
      • toGlobusID

        public static String toGlobusID​(X500Principal principal)
        Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/O=C/OU=B/CN=A".
        This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas.
        Returns:
        the converted DN in Globus format.
      • toPrincipal

        public static X500Principal toPrincipal​(String globusID)
        Converts Globus DN format "/O=C/OU=B/CN=A" into an X500Principal representation, which accepts RFC 2253 or 1779 formatted DNs and also attribute types as defined in RFC 2459 (e.g. "CN=A,OU=B,O=C"). This method should allow the forward slash, "/", to occur in attribute values (see GFD.125 section 3.2.2 -- RFC 2252 allows "/" in PrintableStrings).
        Parameters:
        globusID - DN in Globus format
        Returns:
        the X500Principal representation of the given DN
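
The toGlobusID notes above warn that a DN whose RDN value contains a comma may be converted incorrectly. The following added example (not JGlobus code; the class and method names are hypothetical) shows that failure mode with a comma-splitting conversion, next to an RDN-aware conversion built on the JDK's javax.naming.ldap.LdapName. It assumes single-valued RDNs with string values.

```java
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

// Added illustration; class and method names are hypothetical, not JGlobus code.
public class GlobusIdCommaDemo {

    // Naive conversion: treats every comma as an RDN separator.
    static String naiveToGlobusId(String dn, boolean noreverse) {
        String[] parts = dn.split(",");
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < parts.length; i++) {
            int idx = noreverse ? i : parts.length - 1 - i;
            sb.append('/').append(parts[idx].trim());
        }
        return sb.toString();
    }

    // RDN-aware conversion: LdapName applies RFC 2253 escaping rules, so an
    // escaped comma stays inside its attribute value.
    // Assumes single-valued RDNs with string values.
    static String rdnAwareToGlobusId(String dn, boolean noreverse)
            throws InvalidNameException {
        List<Rdn> rdns = new LdapName(dn).getRdns(); // index 0 = rightmost RDN
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < rdns.size(); i++) {
            Rdn rdn = rdns.get(noreverse ? rdns.size() - 1 - i : i);
            sb.append('/').append(rdn.getType()).append('=').append(rdn.getValue());
        }
        return sb.toString();
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed sample DNs; the second has an escaped comma in the CN value.
        String[] samples = { "CN=A, OU=B, O=C", "CN=Doe\\, Jane, OU=Eng, O=Example" };
        for (String dn : samples) {
            System.out.println("input     : " + dn);
            System.out.println("naive     : " + naiveToGlobusId(dn, false));
            System.out.println("RDN-aware : " + rdnAwareToGlobusId(dn, false));
        }
    }
}
```

On the second sample the comma-splitting version breaks the CN value into two path components, while the RDN-aware version keeps it as a single component.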