Package org.globus.gsi.bc
Class BouncyCastleUtil
- java.lang.Object
-
- org.globus.gsi.bc.BouncyCastleUtil
-
public class BouncyCastleUtil extends java.lang.Object
A collection of various utility functions.
-
-
Constructor Summary
Constructors Constructor Description BouncyCastleUtil()
-
Method Summary
All Methods Static Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static org.bouncycastle.asn1.ASN1Primitive
duplicate(org.bouncycastle.asn1.ASN1Primitive obj)
Replicates a givenDERObject
.static GSIConstants.CertificateType
getCertificateType(java.security.cert.X509Certificate cert)
Returns certificate type of the given certificate.static GSIConstants.CertificateType
getCertificateType(java.security.cert.X509Certificate cert, java.security.cert.CertStore trustedCerts)
Returns the certificate type of the given certificate.static GSIConstants.CertificateType
getCertificateType(java.security.cert.X509Certificate cert, TrustedCertificates trustedCerts)
Deprecated.static GSIConstants.CertificateType
getCertificateType(org.bouncycastle.asn1.x509.TBSCertificateStructure crt, TrustedCertificates trustedCerts)
static org.bouncycastle.asn1.ASN1Primitive
getExtensionObject(org.bouncycastle.asn1.x509.X509Extension ext)
Extracts the value of a certificate extension.static byte[]
getExtensionValue(byte[] certExtValue)
Retrieves the actual value of the X.509 extension.static byte[]
getExtensionValue(java.security.cert.X509Certificate cert, java.lang.String oid)
Returns the actual value of the extension.static java.lang.String
getIdentity(java.security.cert.X509Certificate cert)
Returns the subject DN of the given certificate in the Globus format.static java.lang.String
getIdentity(java.security.cert.X509Certificate[] chain)
Finds the identity certificate in the given chain and returns the subject DN of that certificate in the Globus format.static java.security.cert.X509Certificate
getIdentityCertificate(java.security.cert.X509Certificate[] chain)
Finds the identity certificate in the given chain.static java.lang.String
getIdentityPrefix(java.security.cert.X509Certificate cert)
static boolean[]
getKeyUsage(org.bouncycastle.asn1.x509.X509Extension ext)
Gets a boolean array representing bits of the KeyUsage extension.static ProxyCertInfo
getProxyCertInfo(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
static ProxyCertInfo
getProxyCertInfo(org.bouncycastle.asn1.x509.X509Extension ext)
Creates aProxyCertInfo
object from given extension.static int
getProxyPathConstraint(java.security.cert.X509Certificate cert)
static int
getProxyPathConstraint(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
static org.bouncycastle.asn1.x509.TBSCertificateStructure
getTBSCertificateStructure(java.security.cert.X509Certificate cert)
Extracts the TBS certificate from the given certificate.static org.bouncycastle.asn1.ASN1Primitive
toASN1Primitive(byte[] data)
Converts the DER-encoded byte array into aDERObject
.static byte[]
toByteArray(org.bouncycastle.asn1.ASN1Primitive obj)
Converts givenDERObject
into a DER-encoded byte array.
-
-
-
Method Detail
-
toByteArray
public static byte[] toByteArray(org.bouncycastle.asn1.ASN1Primitive obj) throws java.io.IOException
Converts givenDERObject
into a DER-encoded byte array.- Parameters:
obj
- DERObject to convert.- Returns:
- the DER-encoded byte array
- Throws:
java.io.IOException
- if conversion fails
-
toASN1Primitive
public static org.bouncycastle.asn1.ASN1Primitive toASN1Primitive(byte[] data) throws java.io.IOException
Converts the DER-encoded byte array into aDERObject
.- Parameters:
data
- the DER-encoded byte array to convert.- Returns:
- the DERObject.
- Throws:
java.io.IOException
- if conversion fails
-
duplicate
public static org.bouncycastle.asn1.ASN1Primitive duplicate(org.bouncycastle.asn1.ASN1Primitive obj) throws java.io.IOException
Replicates a givenDERObject
.- Parameters:
obj
- the DERObject to replicate.- Returns:
- a copy of the DERObject.
- Throws:
java.io.IOException
- if replication fails
-
getTBSCertificateStructure
public static org.bouncycastle.asn1.x509.TBSCertificateStructure getTBSCertificateStructure(java.security.cert.X509Certificate cert) throws java.security.cert.CertificateEncodingException, java.io.IOException
Extracts the TBS certificate from the given certificate.- Parameters:
cert
- the X.509 certificate to extract the TBS certificate from.- Returns:
- the TBS certificate
- Throws:
java.io.IOException
- if extraction fails.java.security.cert.CertificateEncodingException
- if extraction fails.
-
getExtensionObject
public static org.bouncycastle.asn1.ASN1Primitive getExtensionObject(org.bouncycastle.asn1.x509.X509Extension ext) throws java.io.IOException
Extracts the value of a certificate extension.- Parameters:
ext
- the certificate extension to extract the value from.- Throws:
java.io.IOException
- if extraction fails.
-
getCertificateType
public static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert, TrustedCertificates trustedCerts) throws java.security.cert.CertificateException
Deprecated.Returns certificate type of the given certificate. Please seegetCertificateType
for details for determining the certificate type.- Parameters:
cert
- the certificate to get the type of.trustedCerts
- the trusted certificates to double check theGSIConstants.EEC
certificate against.- Returns:
- the certificate type as determined by
getCertificateType
. - Throws:
java.security.cert.CertificateException
- if something goes wrong.
-
getCertificateType
public static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert, java.security.cert.CertStore trustedCerts) throws java.security.cert.CertificateException
Returns the certificate type of the given certificate. Please seegetCertificateType
for details for determining the certificate type.- Parameters:
cert
- the certificate to get the type of.trustedCerts
- the trusted certificates to double check theGSIConstants.EEC
certificate against.- Returns:
- the certificate type as determined by
getCertificateType
. - Throws:
java.security.cert.CertificateException
- if something goes wrong.
-
getCertificateType
public static GSIConstants.CertificateType getCertificateType(java.security.cert.X509Certificate cert) throws java.security.cert.CertificateException
Returns certificate type of the given certificate. Please seegetCertificateType
for details for determining the certificate type.- Parameters:
cert
- the certificate to get the type of.- Returns:
- the certificate type as determined by
getCertificateType
. - Throws:
java.security.cert.CertificateException
- if something goes wrong.
-
getCertificateType
public static GSIConstants.CertificateType getCertificateType(org.bouncycastle.asn1.x509.TBSCertificateStructure crt, TrustedCertificates trustedCerts) throws java.security.cert.CertificateException, java.io.IOException
- Throws:
java.security.cert.CertificateException
java.io.IOException
-
getKeyUsage
public static boolean[] getKeyUsage(org.bouncycastle.asn1.x509.X509Extension ext) throws java.io.IOException
Gets a boolean array representing bits of the KeyUsage extension.- Throws:
java.io.IOException
- if failed to extract the KeyUsage extension value.- See Also:
X509Certificate.getKeyUsage()
-
getProxyCertInfo
public static ProxyCertInfo getProxyCertInfo(org.bouncycastle.asn1.x509.X509Extension ext) throws java.io.IOException
Creates aProxyCertInfo
object from given extension.- Parameters:
ext
- the extension.- Returns:
- the
ProxyCertInfo
object. - Throws:
java.io.IOException
- if something fails.
-
getIdentity
public static java.lang.String getIdentity(java.security.cert.X509Certificate cert)
Returns the subject DN of the given certificate in the Globus format.- Parameters:
cert
- the certificate to get the subject of. The certificate must be ofX509CertificateObject
type.- Returns:
- the subject DN of the certificate in the Globus format.
-
getIdentityPrefix
public static java.lang.String getIdentityPrefix(java.security.cert.X509Certificate cert)
-
getIdentity
public static java.lang.String getIdentity(java.security.cert.X509Certificate[] chain) throws java.security.cert.CertificateException
Finds the identity certificate in the given chain and returns the subject DN of that certificate in the Globus format.- Parameters:
chain
- the certificate chain to find the identity certificate in. The certificates must be ofX509CertificateObject
type.- Returns:
- the subject DN of the identity certificate in the Globus format.
- Throws:
java.security.cert.CertificateException
- if something goes wrong.
-
getIdentityCertificate
public static java.security.cert.X509Certificate getIdentityCertificate(java.security.cert.X509Certificate[] chain) throws java.security.cert.CertificateException
Finds the identity certificate in the given chain. The identity certificate is the first certificate in the chain that is not an impersonation proxy (full or limited)- Parameters:
chain
- the certificate chain to find the identity certificate in.- Returns:
- the identity certificate.
- Throws:
java.security.cert.CertificateException
- if something goes wrong.
-
getExtensionValue
public static byte[] getExtensionValue(byte[] certExtValue) throws java.io.IOException
Retrieves the actual value of the X.509 extension.- Parameters:
certExtValue
- the DER-encoded OCTET string value of the extension.- Returns:
- the decoded/actual value of the extension (the octets).
- Throws:
java.io.IOException
-
getExtensionValue
public static byte[] getExtensionValue(java.security.cert.X509Certificate cert, java.lang.String oid) throws java.io.IOException
Returns the actual value of the extension.- Parameters:
cert
- the certificate that contains the extensions to retrieve.oid
- the oid of the extension to retrieve.- Returns:
- the actual value of the extension (not octet string encoded)
- Throws:
java.io.IOException
- if decoding the extension fails.
-
getProxyPathConstraint
public static int getProxyPathConstraint(java.security.cert.X509Certificate cert) throws java.io.IOException, java.security.cert.CertificateEncodingException
- Throws:
java.io.IOException
java.security.cert.CertificateEncodingException
-
getProxyPathConstraint
public static int getProxyPathConstraint(org.bouncycastle.asn1.x509.TBSCertificateStructure crt) throws java.io.IOException
- Throws:
java.io.IOException
-
getProxyCertInfo
public static ProxyCertInfo getProxyCertInfo(org.bouncycastle.asn1.x509.TBSCertificateStructure crt) throws java.io.IOException
- Throws:
java.io.IOException
-
-