Authors: Vincenzo Ciaschini - Vincenzo.Ciaschini@cnaf.infn.it
Copyright (c) Members of the EGEE Collaboration. 2004-2010.
See http://www.eu-egee.org/partners/ for details on the copyright holders.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Parts of this code may be based upon or even include verbatim pieces,
originally written by other people, in which case the original header
follows.
DNCompare
public static boolean DNCompare(String dn1, String dn2)
Compares two DNs for equality, taking into account different
representations for the Email and UserID tags.
Returns:
true if dn1 and dn2 are equal, false otherwise.
Normalize
public static String Normalize(String dn)
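The following is an added sketch, not the project's code, of the kind of tag normalization that DNCompare and Normalize describe, applied to OpenSSL-style slash-separated DNs. The alias sets (E, Email, emailAddress; UID, USERID) and the class and method names are assumptions, since the page does not list which spellings are handled.

```java
import java.util.Locale;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class DnCompareExample {
    // Matches the "/TAG=" that starts each component of an OpenSSL-style DN.
    private static final Pattern TAG = Pattern.compile("/([A-Za-z0-9.]+)=");

    // Assumed alias sets: the same attribute written under different tag names.
    static String canonicalTag(String tag) {
        switch (tag.toLowerCase(Locale.ROOT)) {
            case "e":
            case "email":
            case "emailaddress":
                return "Email";
            case "uid":
            case "userid":
                return "UID";
            default:
                return tag; // leave every other tag exactly as written
        }
    }

    static String normalize(String dn) {
        Matcher m = TAG.matcher(dn);
        StringBuffer out = new StringBuffer();
        while (m.find()) {
            String rewritten = "/" + canonicalTag(m.group(1)) + "=";
            m.appendReplacement(out, Matcher.quoteReplacement(rewritten));
        }
        m.appendTail(out);
        return out.toString();
    }

    // Values are compared exactly; only the tag spelling is normalized.
    static boolean dnCompare(String dn1, String dn2) {
        return normalize(dn1).equals(normalize(dn2));
    }

    public static void main(String[] args) {
        // Constructed DNs for illustration.
        String a = "/C=IT/O=Example/CN=Jane Doe/emailAddress=jane@example.org";
        String b = "/C=IT/O=Example/CN=Jane Doe/E=jane@example.org";
        String c = "/C=IT/O=Example/CN=Jane Doe/Email=john@example.org";
        System.out.println(dnCompare(a, b)); // same DN, different Email spelling
        System.out.println(dnCompare(a, c)); // different address, must not match
    }
}
```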
checkIssued
public static boolean checkIssued(X509Certificate issuer, X509Certificate issued)
Checks if a certificate issued another certificate, according to RFC 3280.
Parameters:
issuer - The candidate issuer certificate.
issued - The candidate issued certificate.
Returns:
true if issuer issued issued, false otherwise.
getAKID
public static AuthorityKeyIdentifier getAKID(X509Certificate cert)
Gets the AuthorityKeyIdentifier extension from the passed certificate.
Parameters:
cert - The certificate from which to get the extension.
Returns:
the extension if present, or null if not present.
getBaseName
public static String getBaseName(File f)
Gets the basename of a file.
Parameters:
f - File object representing a file.
Returns:
a string representing the file name, minus the path.
getBasicConstraints
public static BasicConstraints getBasicConstraints(X509Certificate cert)
Gets the BasicConstraints extension from the passed certificate.
Parameters:
cert - The certificate from which to get the extension.
Returns:
the extension if present, or null if not present.
getHash
public static String getHash(X500Principal principal)
Gets the MD5 hash value of the given principal.
Parameters:
principal - the principal.
getHash
public static String getHash(X509CRL crl)
Gets the MD5 hash value of the issuer of the given CRL.
Parameters:
crl - The CRL from which to get the issuer.
getHash
public static String getHash(X509Certificate x509)
Gets the MD5 hash value of the subject of the given certificate.
Parameters:
x509 - The certificate from which to get the subject.
getHash
public static String getHash(X509Principal principal)
Gets the MD5 hash value of the given principal.
Parameters:
principal - the principal.
getHash
public static String getHash(byte[] name)
Gets the MD5 hash value of the given byte array.
Parameters:
name - the data from which to compute the hash.
getOpenSSLFormatPrincipal
public static String getOpenSSLFormatPrincipal(Principal principal)
getOpenSSLFormatPrincipal
public static String getOpenSSLFormatPrincipal(Principal principal, boolean reverse)
Gets an OpenSSL-style representation of a principal.
Parameters:
principal - the principal
Returns:
a String representing the principal.
getSKID
public static SubjectKeyIdentifier getSKID(X509Certificate cert)
Gets the SubjectKeyIdentifier extension from the passed certificate.
Parameters:
cert - The certificate from which to get the extension.
Returns:
the extension if present, or null if not present.
isCA
public static boolean isCA(X509Certificate cert)
Checks if the passed certificate is a CA certificate.
Parameters:
cert - the candidate CA certificate.
Returns:
true if cert is a CA certificate.
isProxy
public static boolean isProxy(X509Certificate cert)
Checks if the passed certificate is a proxy certificate. Recognizes
GT2, GT3 and GT4 proxies.
Parameters:
cert - the candidate proxy certificate.
Returns:
true if cert is a proxy certificate.
loadCRL
public static X509CRL loadCRL(File file) throws CRLException
Loads a CRL from a file.
Parameters:
file - the File object from which to load the CRL.
Returns:
an array containing the certificates that were present in the file.
loadCRL
public static X509CRL loadCRL(String filename) throws CRLException
Loads a CRL from a file.
Parameters:
filename - the name of the file from which to load the CRL.
Returns:
an array containing the certificates that were present in the file.
loadCertificates
public static X509Certificate[] loadCertificates(File file) throws CertificateException
Loads a set of credentials from a file.
Parameters:
file - the File object from which to load the certificates.
Returns:
an array containing the certificates that were present in the file.
loadCertificates
public static X509Certificate[] loadCertificates(String filename) throws CertificateException
Loads a set of credentials from a file.
Parameters:
filename - the name of the file from which to load the certificates.
Returns:
an array containing the certificates that were present in the file.
loadPrivateKey
public static PrivateKey loadPrivateKey(File file, PasswordFinder finder)
loadPrivateKey
public static PrivateKey loadPrivateKey(String filename, PasswordFinder finder)
readObject
public static Object readObject(File f) throws IOException, CertificateException, CRLException
Reads either a certificate or a CRL from a file.
Parameters:
f - the file from which to read.
selfIssued
public static boolean selfIssued(X509Certificate cert)
Checks if the given certificate is self-issued.
Parameters:
cert - The certificate to check.
Returns:
true if the certificate is self-issued, false otherwise.
skipToCertBeginning
public static int skipToCertBeginning(BufferedInputStream stream) throws IOException
Prepares a BufferedInputStream to read either a certificate or a CRL
from it. Skips everything in front of "-----BEGIN" in the stream.
Parameters:
stream - The stream to read and skip.
Returns:
CERT if a certificate is the next object to be read from the
stream, CRL if the next object is a CRL, -1 if the next object is of
type unknown.
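The following is an added, line-oriented sketch of the skip-and-classify step that skipToCertBeginning describes; it is not the project's implementation. The class name, the numeric values of CERT and CRL, the 64-byte header limit and the assumption that "-----BEGIN" starts a line are all hypothetical.

```java
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

public class PemSniffExample {
    // Hypothetical return codes; the page names CERT and CRL but not their values.
    static final int CERT = 1, CRL = 2, UNKNOWN = -1;
    static final int MAX_HEADER = 64; // longest header line we are willing to rewind over

    /** Leaves the stream at the first "-----BEGIN" line and reports what it announces. */
    static int skipToBegin(BufferedInputStream in) throws IOException {
        while (true) {
            in.mark(MAX_HEADER + 2);
            StringBuilder line = new StringBuilder();
            int c;
            while ((c = in.read()) != -1 && c != '\n') {
                if (line.length() <= MAX_HEADER) line.append((char) c);
            }
            if (line.length() <= MAX_HEADER && line.toString().startsWith("-----BEGIN ")) {
                in.reset(); // rewind so the parser sees the header itself
                String label = line.toString().trim();
                if (label.equals("-----BEGIN CERTIFICATE-----")) return CERT;
                if (label.equals("-----BEGIN X509 CRL-----")) return CRL;
                return UNKNOWN; // e.g. a private key: not for a certificate parser
            }
            if (c == -1) return UNKNOWN; // end of input, no PEM object found
        }
    }

    static int sniff(String text) throws IOException {
        byte[] raw = text.getBytes(StandardCharsets.US_ASCII);
        return skipToBegin(new BufferedInputStream(new ByteArrayInputStream(raw)));
    }

    public static void main(String[] args) throws IOException {
        // Constructed inputs: header lines only, base64 bodies left out.
        String cert = "Bag Attributes\n  friendlyName: demo\n-----BEGIN CERTIFICATE-----\n";
        String crl = "text dump of a CRL\r\n-----BEGIN X509 CRL-----\r\n";
        String key = "-----BEGIN RSA PRIVATE KEY-----\n";
        System.out.println("cert file: " + sniff(cert));
        System.out.println("crl file:  " + sniff(crl));
        System.out.println("key file:  " + sniff(key));
        System.out.println("no PEM:    " + sniff("plain text only"));
    }
}
```

Dispatching on the declared PEM label lets a caller reject anything that is neither a certificate nor a CRL before a parser ever touches it.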