org.globus.gsi.bc
Class BouncyCastleUtil

java.lang.Object
  extended by org.globus.gsi.bc.BouncyCastleUtil

public class BouncyCastleUtil
extends java.lang.Object

A collection of various utility functions.


Constructor Summary
BouncyCastleUtil()
           
 
Method Summary
static org.bouncycastle.asn1.DERObject duplicate(org.bouncycastle.asn1.DERObject obj)
          Replicates a given DERObject.
static org.bouncycastle.asn1.x509.BasicConstraints getBasicConstraints(org.bouncycastle.asn1.x509.X509Extension ext)
          Creates a BasicConstraints object from given extension.
static GSIConstants.CertificateType getCertificateType(org.bouncycastle.asn1.x509.TBSCertificateStructure crt, TrustedCertificates trustedCerts)
           
static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert)
          Returns certificate type of the given certificate.
static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert, java.security.cert.CertStore trustedCerts)
          Returns the certificate type of the given certificate.
static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert, TrustedCertificates trustedCerts)
          Deprecated.  
static org.bouncycastle.asn1.DERObject getExtensionObject(org.bouncycastle.asn1.x509.X509Extension ext)
          Extracts the value of a certificate extension.
static byte[] getExtensionValue(byte[] certExtValue)
          Retrieves the actual value of the X.509 extension.
static byte[] getExtensionValue(java.security.cert.X509Certificate cert, java.lang.String oid)
          Returns the actual value of the extension.
static java.lang.String getIdentity(java.security.cert.X509Certificate cert)
          Returns the subject DN of the given certificate in the Globus format.
static java.lang.String getIdentity(java.security.cert.X509Certificate[] chain)
          Finds the identity certificate in the given chain and returns the subject DN of that certificate in the Globus format.
static java.security.cert.X509Certificate getIdentityCertificate(java.security.cert.X509Certificate[] chain)
          Finds the identity certificate in the given chain.
static java.lang.String getIdentityPrefix(java.security.cert.X509Certificate cert)
           
static boolean[] getKeyUsage(org.bouncycastle.asn1.x509.X509Extension ext)
          Gets a boolean array representing bits of the KeyUsage extension.
static ProxyCertInfo getProxyCertInfo(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
           
static ProxyCertInfo getProxyCertInfo(org.bouncycastle.asn1.x509.X509Extension ext)
          Creates a ProxyCertInfo object from given extension.
static int getProxyPathConstraint(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
           
static int getProxyPathConstraint(java.security.cert.X509Certificate cert)
           
static org.bouncycastle.asn1.x509.TBSCertificateStructure getTBSCertificateStructure(java.security.cert.X509Certificate cert)
          Extracts the TBS certificate from the given certificate.
static byte[] toByteArray(org.bouncycastle.asn1.DERObject obj)
          Converts given DERObject into a DER-encoded byte array.
static org.bouncycastle.asn1.DERObject toDERObject(byte[] data)
          Converts the DER-encoded byte array into a DERObject.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BouncyCastleUtil

public BouncyCastleUtil()
Method Detail

toByteArray

public static byte[] toByteArray(org.bouncycastle.asn1.DERObject obj)
                          throws java.io.IOException
Converts given DERObject into a DER-encoded byte array.

Parameters:
obj - DERObject to convert.
Returns:
the DER-encoded byte array
Throws:
java.io.IOException - if conversion fails

toDERObject

public static org.bouncycastle.asn1.DERObject toDERObject(byte[] data)
                                                   throws java.io.IOException
Converts the DER-encoded byte array into a DERObject.

Parameters:
data - the DER-encoded byte array to convert.
Returns:
the DERObject.
Throws:
java.io.IOException - if conversion fails

duplicate

public static org.bouncycastle.asn1.DERObject duplicate(org.bouncycastle.asn1.DERObject obj)
                                                 throws java.io.IOException
Replicates a given DERObject.

Parameters:
obj - the DERObject to replicate.
Returns:
a copy of the DERObject.
Throws:
java.io.IOException - if replication fails

getTBSCertificateStructure

public static org.bouncycastle.asn1.x509.TBSCertificateStructure getTBSCertificateStructure(java.security.cert.X509Certificate cert)
                                                                                     throws java.security.cert.CertificateEncodingException,
                                                                                            java.io.IOException
Extracts the TBS certificate from the given certificate.

Parameters:
cert - the X.509 certificate to extract the TBS certificate from.
Returns:
the TBS certificate
Throws:
java.io.IOException - if extraction fails.
java.security.cert.CertificateEncodingException - if extraction fails.

getExtensionObject

public static org.bouncycastle.asn1.DERObject getExtensionObject(org.bouncycastle.asn1.x509.X509Extension ext)
                                                          throws java.io.IOException
Extracts the value of a certificate extension.

Parameters:
ext - the certificate extension to extract the value from.
Throws:
java.io.IOException - if extraction fails.

getCertificateType

public static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert,
                                                              TrustedCertificates trustedCerts)
                                                       throws java.security.cert.CertificateException
Deprecated. 

Returns certificate type of the given certificate. Please see getCertificateType for details for determining the certificate type.

Parameters:
cert - the certificate to get the type of.
trustedCerts - the trusted certificates to double check the GSIConstants.EEC certificate against.
Returns:
the certificate type as determined by getCertificateType.
Throws:
java.security.cert.CertificateException - if something goes wrong.

getCertificateType

public static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert,
                                                              java.security.cert.CertStore trustedCerts)
                                                       throws java.security.cert.CertificateException
Returns the certificate type of the given certificate. Please see getCertificateType for details for determining the certificate type.

Parameters:
cert - the certificate to get the type of.
trustedCerts - the trusted certificates to double check the GSIConstants.EEC certificate against.
Returns:
the certificate type as determined by getCertificateType.
Throws:
java.security.cert.CertificateException - if something goes wrong.

getCertificateType

public static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert)
                                                       throws java.security.cert.CertificateException
Returns certificate type of the given certificate. Please see getCertificateType for details for determining the certificate type.

Parameters:
cert - the certificate to get the type of.
Returns:
the certificate type as determined by getCertificateType.
Throws:
java.security.cert.CertificateException - if something goes wrong.

getCertificateType

public static GSIConstants.CertificateType getCertificateType(org.bouncycastle.asn1.x509.TBSCertificateStructure crt,
                                                              TrustedCertificates trustedCerts)
                                                       throws java.security.cert.CertificateException,
                                                              java.io.IOException
Throws:
java.security.cert.CertificateException
java.io.IOException

getKeyUsage

public static boolean[] getKeyUsage(org.bouncycastle.asn1.x509.X509Extension ext)
                             throws java.io.IOException
Gets a boolean array representing bits of the KeyUsage extension.

Throws:
java.io.IOException - if failed to extract the KeyUsage extension value.
See Also:
X509Certificate.getKeyUsage()

getBasicConstraints

public static org.bouncycastle.asn1.x509.BasicConstraints getBasicConstraints(org.bouncycastle.asn1.x509.X509Extension ext)
                                                                       throws java.io.IOException
Creates a BasicConstraints object from given extension.

Parameters:
ext - the extension.
Returns:
the BasicConstraints object.
Throws:
java.io.IOException - if something fails.

getProxyCertInfo

public static ProxyCertInfo getProxyCertInfo(org.bouncycastle.asn1.x509.X509Extension ext)
                                      throws java.io.IOException
Creates a ProxyCertInfo object from given extension.

Parameters:
ext - the extension.
Returns:
the ProxyCertInfo object.
Throws:
java.io.IOException - if something fails.

getIdentity

public static java.lang.String getIdentity(java.security.cert.X509Certificate cert)
Returns the subject DN of the given certificate in the Globus format.

Parameters:
cert - the certificate to get the subject of. The certificate must be of X509CertificateObject type.
Returns:
the subject DN of the certificate in the Globus format.

getIdentityPrefix

public static java.lang.String getIdentityPrefix(java.security.cert.X509Certificate cert)

getIdentity

public static java.lang.String getIdentity(java.security.cert.X509Certificate[] chain)
                                    throws java.security.cert.CertificateException
Finds the identity certificate in the given chain and returns the subject DN of that certificate in the Globus format.

Parameters:
chain - the certificate chain to find the identity certificate in. The certificates must be of X509CertificateObject type.
Returns:
the subject DN of the identity certificate in the Globus format.
Throws:
java.security.cert.CertificateException - if something goes wrong.

getIdentityCertificate

public static java.security.cert.X509Certificate getIdentityCertificate(java.security.cert.X509Certificate[] chain)
                                                                 throws java.security.cert.CertificateException
Finds the identity certificate in the given chain. The identity certificate is the first certificate in the chain that is not an impersonation proxy (full or limited)

Parameters:
chain - the certificate chain to find the identity certificate in.
Returns:
the identity certificate.
Throws:
java.security.cert.CertificateException - if something goes wrong.

getExtensionValue

public static byte[] getExtensionValue(byte[] certExtValue)
                                throws java.io.IOException
Retrieves the actual value of the X.509 extension.

Parameters:
certExtValue - the DER-encoded OCTET string value of the extension.
Returns:
the decoded/actual value of the extension (the octets).
Throws:
java.io.IOException

getExtensionValue

public static byte[] getExtensionValue(java.security.cert.X509Certificate cert,
                                       java.lang.String oid)
                                throws java.io.IOException
Returns the actual value of the extension.

Parameters:
cert - the certificate that contains the extensions to retrieve.
oid - the oid of the extension to retrieve.
Returns:
the actual value of the extension (not octet string encoded)
Throws:
java.io.IOException - if decoding the extension fails.

getProxyPathConstraint

public static int getProxyPathConstraint(java.security.cert.X509Certificate cert)
                                  throws java.io.IOException,
                                         java.security.cert.CertificateEncodingException
Throws:
java.io.IOException
java.security.cert.CertificateEncodingException

getProxyPathConstraint

public static int getProxyPathConstraint(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
                                  throws java.io.IOException
Throws:
java.io.IOException

getProxyCertInfo

public static ProxyCertInfo getProxyCertInfo(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
                                      throws java.io.IOException
Throws:
java.io.IOException


Copyright © 2013. All Rights Reserved.