Class X509Utils
java.lang.Object
se.swedenconnect.security.credential.utils.X509Utils
Utility methods for working with X.509 certificates.
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Method Summary
Modifier and TypeMethodDescriptionstatic X509Certificate
decodeCertificate
(byte[] encoding) Decodes aX509Certificate
from its encoding.static X509Certificate
decodeCertificate
(InputStream stream) Decodes aX509Certificate
from an input stream.static List
<X509Certificate> decodeCertificateChain
(byte[] encoding) Given a sequence of PEM or DER encododed certificates or a PKCS#7 certificate chain, the method will return a list ofX509Certificate
objects.static List
<X509Certificate> decodeCertificateChain
(InputStream stream) Given a stream holding a sequence of PEM or DER encododed certificates or a PKCS#7 certificate chain, the method will return a list ofX509Certificate
objects.static boolean
isInlinedPem
(String location) When configuring the use of credentials and when a certificate is configured, normally, the location of the certificate is given.static String
toLogString
(X509Certificate certificate) TheCertificate.toString()
prints way too much for a normal log entry.
-
Method Details
-
isInlinedPem
When configuring the use of credentials and when a certificate is configured, normally, the location of the certificate is given. But we also allow to give the certificate "inline", i.e., to enter its PEM-encoding. This method can be used to find out whether a location string holds an inlined PEM-encoded certificate.- Parameters:
location
- location configuration setting- Returns:
true
if the given string holds a PEM-encoding andfalse
otherwise
-
decodeCertificate
@Nonnull public static X509Certificate decodeCertificate(@Nonnull byte[] encoding) throws CertificateException Decodes aX509Certificate
from its encoding.- Parameters:
encoding
- the certificate encoding (PEM or DER encoded)- Returns:
- a X509Certificate object
- Throws:
CertificateException
- for decoding errors
-
decodeCertificate
@Nonnull public static X509Certificate decodeCertificate(@Nonnull InputStream stream) throws CertificateException Decodes aX509Certificate
from an input stream.The method does not close the input stream.
- Parameters:
stream
- the stream to read (holding a PEM or DER encoded certificate)- Returns:
- a X509Certificate object
- Throws:
CertificateException
- for decoding errors
-
decodeCertificateChain
@Nonnull public static List<X509Certificate> decodeCertificateChain(@Nonnull byte[] encoding) throws CertificateException Given a sequence of PEM or DER encododed certificates or a PKCS#7 certificate chain, the method will return a list ofX509Certificate
objects.- Parameters:
encoding
- the sequence of PEM or DER encoded certificates or a PKCS#7 certificate chain- Returns:
- a list of
X509Certificate
objects - Throws:
CertificateException
- for decoding errors
-
decodeCertificateChain
@Nonnull public static List<X509Certificate> decodeCertificateChain(@Nonnull InputStream stream) throws CertificateException Given a stream holding a sequence of PEM or DER encododed certificates or a PKCS#7 certificate chain, the method will return a list ofX509Certificate
objects.The method does not close the input stream.
- Parameters:
stream
- the stream- Returns:
- a list of
X509Certificate
objects - Throws:
CertificateException
- for decoding errors
-
toLogString
TheCertificate.toString()
prints way too much for a normal log entry. This method displays the subject, issuer and serial number.- Parameters:
certificate
- the certificate to log- Returns:
- a log string
-