|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.globus.gsi.util.CertificateUtil
public final class CertificateUtil
FILL ME
Field Summary | |
---|---|
static int |
CRL_SIGN
|
static int |
DATA_ENCIPHERMENT
|
static int |
DECIPHER_ONLY
|
static int |
DEFAULT_USAGE_LENGTH
|
static int |
DIGITAL_SIGNATURE
|
static int |
ENCIPHER_ONLY
|
static int |
KEY_AGREEMENT
|
static int |
KEY_CERTSIGN
|
static int |
KEY_ENCIPHERMENT
|
static int |
NON_REPUDIATION
|
Method Summary | |
---|---|
static java.security.KeyPair |
generateKeyPair(java.lang.String algorithm,
int bits)
Generates a key pair of given algorithm and strength. |
static org.bouncycastle.asn1.x509.BasicConstraints |
getBasicConstraints(org.bouncycastle.asn1.x509.X509Extension ext)
Creates a BasicConstraints object from given extension. |
static int |
getCAPathConstraint(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
Return CA Path constraint |
static GSIConstants.CertificateType |
getCertificateType(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
Returns certificate type of the given TBS certificate. |
static java.security.cert.CertPath |
getCertPath(java.security.cert.X509Certificate[] certs)
|
static org.bouncycastle.asn1.DERObject |
getExtensionObject(org.bouncycastle.asn1.x509.X509Extension ext)
Extracts the value of a certificate extension. |
static boolean[] |
getKeyUsage(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
|
static boolean[] |
getKeyUsage(org.bouncycastle.asn1.x509.X509Extension ext)
Gets a boolean array representing bits of the KeyUsage extension. |
static org.bouncycastle.asn1.x509.TBSCertificateStructure |
getTBSCertificateStructure(java.security.cert.X509Certificate cert)
Extracts the TBS certificate from the given certificate. |
static void |
init()
A no-op function that can be used to force the class to load and initialize. |
static void |
installSecureRandomProvider()
Installs SecureRandom provider. |
static void |
setProvider(java.lang.String providerName)
Sets a provider name to use for loading certificates and for generating key pairs. |
static org.bouncycastle.asn1.DERObject |
toDERObject(byte[] data)
Converts the DER-encoded byte array into a DERObject . |
static java.lang.String |
toGlobusID(java.security.Principal name)
Converts the specified principal into Globus format. |
static java.lang.String |
toGlobusID(java.lang.String dn)
Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/CN=A/OU=B/O=C". This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas. |
static java.lang.String |
toGlobusID(java.lang.String dn,
boolean noreverse)
Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/CN=A/OU=B/O=C" or "/O=C/OU=B/CN=A" depending on the noreverse option. |
static java.lang.String |
toGlobusID(javax.security.auth.x500.X500Principal principal)
Converts DN of the form "CN=A, OU=B, O=C" into Globus format "/O=C/OU=B/CN=A" This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas. |
static javax.security.auth.x500.X500Principal |
toPrincipal(java.lang.String globusID)
Converts Globus DN format "/O=C/OU=B/CN=A" into an X500Principal representation, which accepts RFC 2253 or 1779 formatted DN's and also attribute types as defined in RFC 2459 (e.g. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final int DIGITAL_SIGNATURE
public static final int NON_REPUDIATION
public static final int KEY_ENCIPHERMENT
public static final int DATA_ENCIPHERMENT
public static final int KEY_AGREEMENT
public static final int KEY_CERTSIGN
public static final int CRL_SIGN
public static final int ENCIPHER_ONLY
public static final int DECIPHER_ONLY
public static final int DEFAULT_USAGE_LENGTH
Method Detail |
---|
public static void init()
public static void setProvider(java.lang.String providerName)
providerName
- provider name to use.public static void installSecureRandomProvider()
public static int getCAPathConstraint(org.bouncycastle.asn1.x509.TBSCertificateStructure crt) throws java.io.IOException
crt
-
java.io.IOException
public static java.security.KeyPair generateKeyPair(java.lang.String algorithm, int bits) throws java.security.GeneralSecurityException
algorithm
- the algorithm of the key pair.bits
- the strength
KeyPair
the generated key pair.
java.security.GeneralSecurityException
- if something goes wrong.public static GSIConstants.CertificateType getCertificateType(org.bouncycastle.asn1.x509.TBSCertificateStructure crt) throws java.security.cert.CertificateException, java.io.IOException
CertificateType.CA
only if the certificate contains a
BasicConstraints extension and it is marked as CA.CertificateType.GSI_2_PROXY
) or "CN=limited proxy" (certificate
type CertificateType.LIMITED_PROXY
) component and the issuer DN of the
certificate matches the subject DN without the last proxy CN
component.ProxyCertInfo
critical extension. The certificate type is CertificateType.GSI_3_IMPERSONATION_PROXY
if the policy language of the
ProxyCertInfo
extension is set to ProxyPolicy.IMPERSONATION
OID. The certificate type is CertificateType.GSI_3_LIMITED_PROXY
if the policy language of the ProxyCertInfo
extension
is set to ProxyPolicy.LIMITED
OID. The certificate type is CertificateType.GSI_3_INDEPENDENT_PROXY
if the policy language of the
ProxyCertInfo
extension is set to ProxyPolicy.INDEPENDENT
OID. The certificate type is CertificateType.GSI_3_RESTRICTED_PROXY
if the policy language of the
ProxyCertInfo
extension is set to any other OID then the above.CertificateType.EEC
if the certificate is not a CA certificate or a
GSI-2 or GSI-3 proxy.
crt
- the TBS certificate to get the type of.
java.io.IOException
- if something goes wrong.
java.security.cert.CertificateException
- for proxy certificates, if the issuer DN of
the certificate does not match the subject DN
of the certificate without the last CN
component. Also, for GSI-3 proxies when the
ProxyCertInfo
extension is not
marked as critical.public static org.bouncycastle.asn1.x509.BasicConstraints getBasicConstraints(org.bouncycastle.asn1.x509.X509Extension ext) throws java.io.IOException
BasicConstraints
object from given extension.
ext
- the extension.
BasicConstraints
object.
java.io.IOException
- if something fails.public static org.bouncycastle.asn1.DERObject toDERObject(byte[] data) throws java.io.IOException
DERObject
.
data
- the DER-encoded byte array to convert.
java.io.IOException
- if conversion failspublic static org.bouncycastle.asn1.x509.TBSCertificateStructure getTBSCertificateStructure(java.security.cert.X509Certificate cert) throws java.security.cert.CertificateEncodingException, java.io.IOException
cert
- the X.509 certificate to extract the TBS certificate from.
java.io.IOException
- if extraction fails.
java.security.cert.CertificateEncodingException
- if extraction fails.public static boolean[] getKeyUsage(org.bouncycastle.asn1.x509.TBSCertificateStructure crt) throws java.io.IOException
java.io.IOException
public static boolean[] getKeyUsage(org.bouncycastle.asn1.x509.X509Extension ext) throws java.io.IOException
java.io.IOException
- if failed to extract the KeyUsage extension value.X509Certificate.getKeyUsage()
public static org.bouncycastle.asn1.DERObject getExtensionObject(org.bouncycastle.asn1.x509.X509Extension ext) throws java.io.IOException
ext
- the certificate extension to extract the value from.
java.io.IOException
- if extraction fails.public static java.lang.String toGlobusID(java.lang.String dn)
dn
- the DN to convert to Globus format.
toGlobusID(String, boolean)
public static java.lang.String toGlobusID(java.lang.String dn, boolean noreverse)
noreverse
option. If noreverse
is true
the order of the DN components is not reveresed - "/CN=A/OU=B/O=C" is
returned. If noreverse
is false, the order of the
DN components is reversed - "/O=C/OU=B/CN=A" is returned.
dn
- the DN to convert to Globus format.noreverse
- the direction of the conversion.
public static java.lang.String toGlobusID(java.security.Principal name)
toGlobusID()
function.
name
- the principal to convert to Globus format.
toGlobusID(String)
public static java.lang.String toGlobusID(javax.security.auth.x500.X500Principal principal)
public static javax.security.auth.x500.X500Principal toPrincipal(java.lang.String globusID)
globusID
- DN in Globus format
public static java.security.cert.CertPath getCertPath(java.security.cert.X509Certificate[] certs) throws java.security.cert.CertificateException
java.security.cert.CertificateException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |