org.opensaml.xml.security.x509
Class X509Util

java.lang.Object
  extended by org.opensaml.xml.security.x509.X509Util

public class X509Util
extends java.lang.Object

Utility class for working with X509 objects.


Nested Class Summary
static class X509Util.ENCODING_FORMAT
          Encoding used to store a key or certificate in a file.
 
Field Summary
static java.lang.String CN_OID
          Common Name (CN) OID.
static java.lang.Integer DIRECTORY_ALT_NAME
          RFC 2459 Directory Name Subject Alt Name type.
static java.lang.Integer DNS_ALT_NAME
          RFC 2459 DNS Subject Alt Name type.
static java.lang.Integer EDI_PARTY_ALT_NAME
          RFC 2459 EDI Party Name Subject Alt Name type.
static java.lang.Integer IP_ADDRESS_ALT_NAME
          RFC 2459 IP Address Subject Alt Name type.
static java.lang.Integer OTHER_ALT_NAME
          RFC 2459 Other Subject Alt Name type.
static java.lang.Integer REGISTERED_ID_ALT_NAME
          RFC 2459 Registered ID Subject Alt Name type.
static java.lang.Integer RFC822_ALT_NAME
          RFC 2459 RFC 822 (email address) Subject Alt Name type.
static java.lang.Integer URI_ALT_NAME
          RFC 2459 URI Subject Alt Name type.
static java.lang.Integer X400ADDRESS_ALT_NAME
          RFC 2459 X.400 Address Subject Alt Name type.
 
Constructor Summary
protected X509Util()
          Constructor.
 
Method Summary
static java.util.List getAltNames(java.security.cert.X509Certificate certificate, java.lang.Integer[] nameTypes)
          Gets the list of alternative names of a given name type.
static java.util.List<java.lang.String> getCommonNames(javax.security.auth.x500.X500Principal dn)
          Gets the common names that appear within the given distinguished name.
static java.security.Key getKey(java.io.File keyFile, java.lang.String passphrase)
          Reads a PEM or DER encoded RSA or DSA key from a file.
static java.security.Key getKey(java.io.InputStream keyStream, java.lang.String passphrase)
          Reads a PEM or DER encoded RSA or DSA key from a stream.
static byte[] getSubjectKeyIdentifier(java.security.cert.X509Certificate certificate)
          Get the plain (non-DER encoded) value of the Subject Key Identifier extension of an X.509 certificate, if present.
static java.util.List getSubjectNames(java.security.cert.X509Certificate certificate, java.lang.Integer[] altNameTypes)
          Gets the common name components of the issuer and all the subject alt names of a given type.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CN_OID

public static final java.lang.String CN_OID
Common Name (CN) OID.

See Also:
Constant Field Values

OTHER_ALT_NAME

public static final java.lang.Integer OTHER_ALT_NAME
RFC 2459 Other Subject Alt Name type.


RFC822_ALT_NAME

public static final java.lang.Integer RFC822_ALT_NAME
RFC 2459 RFC 822 (email address) Subject Alt Name type.


DNS_ALT_NAME

public static final java.lang.Integer DNS_ALT_NAME
RFC 2459 DNS Subject Alt Name type.


X400ADDRESS_ALT_NAME

public static final java.lang.Integer X400ADDRESS_ALT_NAME
RFC 2459 X.400 Address Subject Alt Name type.


DIRECTORY_ALT_NAME

public static final java.lang.Integer DIRECTORY_ALT_NAME
RFC 2459 Directory Name Subject Alt Name type.


EDI_PARTY_ALT_NAME

public static final java.lang.Integer EDI_PARTY_ALT_NAME
RFC 2459 EDI Party Name Subject Alt Name type.


URI_ALT_NAME

public static final java.lang.Integer URI_ALT_NAME
RFC 2459 URI Subject Alt Name type.


IP_ADDRESS_ALT_NAME

public static final java.lang.Integer IP_ADDRESS_ALT_NAME
RFC 2459 IP Address Subject Alt Name type.


REGISTERED_ID_ALT_NAME

public static final java.lang.Integer REGISTERED_ID_ALT_NAME
RFC 2459 Registered ID Subject Alt Name type.

Constructor Detail

X509Util

protected X509Util()
Constructor.

Method Detail

getCommonNames

public static java.util.List<java.lang.String> getCommonNames(javax.security.auth.x500.X500Principal dn)
Gets the common names that appear within the given distinguished name. The returned list provides the names in the order they appeared in the DN.

Parameters:
dn - the DN to extract the common names from
Returns:
the common names that appear in the DN in the order they appear or null if the given DN is null

getAltNames

public static java.util.List getAltNames(java.security.cert.X509Certificate certificate,
                                         java.lang.Integer[] nameTypes)
Gets the list of alternative names of a given name type.

Parameters:
certificate - the certificate to extract the alternative names from
nameTypes - the name types
Returns:
the alt names, of the given type, within the cert

getSubjectNames

public static java.util.List getSubjectNames(java.security.cert.X509Certificate certificate,
                                             java.lang.Integer[] altNameTypes)
Gets the common name components of the issuer and all the subject alt names of a given type.

Parameters:
certificate - certificate to extract names from
altNameTypes - type of alt names to extract
Returns:
list of subject names in the certificate

getSubjectKeyIdentifier

public static byte[] getSubjectKeyIdentifier(java.security.cert.X509Certificate certificate)
Get the plain (non-DER encoded) value of the Subject Key Identifier extension of an X.509 certificate, if present.

Parameters:
certificate - an X.509 certificate possibly containing a subject key identifier
Returns:
the plain (non-DER encoded) value of the Subject Key Identifier extension, or null if the certificate does not contain the extension
Throws:
java.io.IOException
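
What "plain (non-DER encoded)" means in practice, as an added JDK-only example (not OpenSAML's own implementation): `X509Certificate.getExtensionValue("2.5.29.14")` returns the Subject Key Identifier wrapped in two DER OCTET STRINGs, and both wrappers must be removed to get the raw identifier. The class and method names and the sample bytes below are constructed for illustration.

```java
import java.io.IOException;
import java.util.Arrays;

public class SkiUnwrapExample {

    /** Returns the content of a single DER OCTET STRING (tag 0x04) spanning all of der. */
    static byte[] readOctetString(byte[] der) throws IOException {
        if (der == null || der.length < 2 || der[0] != 0x04) {
            throw new IOException("not a DER OCTET STRING");
        }
        int first = der[1] & 0xFF;
        int offset = 2;
        int length = first;                        // short form: length < 128
        if (first >= 0x80) {                       // long form: low 7 bits count the length octets
            int numBytes = first & 0x7F;
            if (numBytes == 0 || numBytes > 3 || der.length < 2 + numBytes) {
                throw new IOException("unsupported DER length");
            }
            length = 0;
            for (int i = 0; i < numBytes; i++) {
                length = (length << 8) | (der[offset++] & 0xFF);
            }
        }
        if (der.length - offset != length) {
            throw new IOException("declared length does not match content");
        }
        return Arrays.copyOfRange(der, offset, der.length);
    }

    /** extValue: result of X509Certificate.getExtensionValue("2.5.29.14"); null if absent. */
    static byte[] plainSubjectKeyIdentifier(byte[] extValue) throws IOException {
        if (extValue == null) {
            return null;
        }
        byte[] keyIdentifierDer = readOctetString(extValue); // strip Extension.extnValue wrapper
        return readOctetString(keyIdentifierDer);            // strip KeyIdentifier OCTET STRING
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample, not from a real certificate: 04 16 | 04 14 | bytes 0x00..0x13
        byte[] sample = new byte[24];
        sample[0] = 0x04; sample[1] = 0x16; sample[2] = 0x04; sample[3] = 0x14;
        for (int i = 0; i < 20; i++) {
            sample[4 + i] = (byte) i;
        }
        byte[] ski = plainSubjectKeyIdentifier(sample);
        System.out.println(ski.length + " bytes: " + Arrays.toString(ski));
    }
}
```

Comparing a still-wrapped value against a plain one is a common cause of key identifier mismatches when resolving credentials by SKI.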

getKey

public static java.security.Key getKey(java.io.File keyFile,
                                       java.lang.String passphrase)
                                throws SecurityException
Reads a PEM or DER encoded RSA or DSA key from a file.

Parameters:
keyFile - the file containing the encoded key
passphrase - the passphrase to unlock the key or null
Returns:
the key
Throws:
SecurityException - thrown if the file cannot be read or a key cannot be created from its content

getKey

public static java.security.Key getKey(java.io.InputStream keyStream,
                                       java.lang.String passphrase)
Reads a PEM or DER encoded RSA or DSA key from a stream.

Parameters:
keyStream - the stream containing the encoded key
passphrase - the passphrase to unlock the key or null
Returns:
the key