Class BouncyCastleUtil


  • public class BouncyCastleUtil
    extends Object
    A collection of various utility functions.
    • Constructor Detail

      • BouncyCastleUtil

        public BouncyCastleUtil()
    • Method Detail

      • toByteArray

        public static byte[] toByteArray​(org.bouncycastle.asn1.ASN1Primitive obj)
                                  throws IOException
        Converts given DERObject into a DER-encoded byte array.
        Parameters:
        obj - DERObject to convert.
        Returns:
        the DER-encoded byte array
        Throws:
        IOException - if conversion fails
      • toASN1Primitive

        public static org.bouncycastle.asn1.ASN1Primitive toASN1Primitive​(byte[] data)
                                                                   throws IOException
        Converts the DER-encoded byte array into a DERObject.
        Parameters:
        data - the DER-encoded byte array to convert.
        Returns:
        the DERObject.
        Throws:
        IOException - if conversion fails
      • duplicate

        public static org.bouncycastle.asn1.ASN1Primitive duplicate​(org.bouncycastle.asn1.ASN1Primitive obj)
                                                             throws IOException
        Replicates a given DERObject.
        Parameters:
        obj - the DERObject to replicate.
        Returns:
        a copy of the DERObject.
        Throws:
        IOException - if replication fails
      • getExtensionObject

        public static org.bouncycastle.asn1.ASN1Primitive getExtensionObject​(org.bouncycastle.asn1.x509.X509Extension ext)
                                                                      throws IOException
        Extracts the value of a certificate extension.
        Parameters:
        ext - the certificate extension to extract the value from.
        Throws:
        IOException - if extraction fails.
      • getKeyUsage

        public static boolean[] getKeyUsage​(org.bouncycastle.asn1.x509.X509Extension ext)
                                     throws IOException
        Gets a boolean array representing bits of the KeyUsage extension.
        Throws:
        IOException - if failed to extract the KeyUsage extension value.
        See Also:
        X509Certificate.getKeyUsage()
      • getProxyCertInfo

        public static ProxyCertInfo getProxyCertInfo​(org.bouncycastle.asn1.x509.X509Extension ext)
                                              throws IOException
        Creates a ProxyCertInfo object from given extension.
        Parameters:
        ext - the extension.
        Returns:
        the ProxyCertInfo object.
        Throws:
        IOException - if something fails.
      • getIdentity

        public static String getIdentity​(X509Certificate cert)
        Returns the subject DN of the given certificate in the Globus format.
        Parameters:
        cert - the certificate to get the subject of. The certificate must be of X509CertificateObject type.
        Returns:
        the subject DN of the certificate in the Globus format.
      • getIdentity

        public static String getIdentity​(X509Certificate[] chain)
                                  throws CertificateException
        Finds the identity certificate in the given chain and returns the subject DN of that certificate in the Globus format.
        Parameters:
        chain - the certificate chain to find the identity certificate in. The certificates must be of X509CertificateObject type.
        Returns:
        the subject DN of the identity certificate in the Globus format.
        Throws:
        CertificateException - if something goes wrong.
      • getIdentityCertificate

        public static X509Certificate getIdentityCertificate​(X509Certificate[] chain)
                                                      throws CertificateException
        Finds the identity certificate in the given chain. The identity certificate is the first certificate in the chain that is not an impersonation proxy (full or limited)
        Parameters:
        chain - the certificate chain to find the identity certificate in.
        Returns:
        the identity certificate.
        Throws:
        CertificateException - if something goes wrong.
      • getExtensionValue

        public static byte[] getExtensionValue​(byte[] certExtValue)
                                        throws IOException
        Retrieves the actual value of the X.509 extension.
        Parameters:
        certExtValue - the DER-encoded OCTET string value of the extension.
        Returns:
        the decoded/actual value of the extension (the octets).
        Throws:
        IOException
      • getExtensionValue

        public static byte[] getExtensionValue​(X509Certificate cert,
                                               String oid)
                                        throws IOException
        Returns the actual value of the extension.
        Parameters:
        cert - the certificate that contains the extensions to retrieve.
        oid - the oid of the extension to retrieve.
        Returns:
        the actual value of the extension (not octet string encoded)
        Throws:
        IOException - if decoding the extension fails.
      • getProxyPathConstraint

        public static int getProxyPathConstraint​(org.bouncycastle.asn1.x509.TBSCertificateStructure crt)
                                          throws IOException
        Throws:
        IOException