Package org.globus.gsi.util
Class CertificateLoadUtil
- java.lang.Object
-
- org.globus.gsi.util.CertificateLoadUtil
-
public final class CertificateLoadUtil extends java.lang.Object
Contains various security-related utility methods.
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description protected static java.security.cert.CertificateFactory
getCertificateFactory()
Returns appropriateCertificateFactory
.static java.util.Collection<java.security.cert.X509Certificate>
getTrustedCertificates(java.security.KeyStore keyStore, java.security.cert.X509CertSelector selector)
static void
init()
A no-op function that can be used to force the class to load and initialize.static java.security.cert.X509Certificate
loadCertificate(java.io.InputStream in)
Loads a X509 certificate from the specified input stream.static java.security.cert.X509Certificate
loadCertificate(java.lang.String file)
Loads an X.509 certificate from the specified file.static java.security.cert.X509Certificate[]
loadCertificates(java.lang.String file)
Loads multiple X.509 certificates from the specified file.static java.security.cert.X509CRL
loadCrl(java.io.InputStream in)
static java.security.cert.X509CRL
loadCrl(java.lang.String file)
static java.security.cert.X509Certificate
readCertificate(java.io.BufferedReader reader)
Loads a X.509 certificate from the specified reader.static void
setProvider(java.lang.String providerName)
Sets a provider name to use for loading certificates and for generating key pairs.
-
-
-
Method Detail
-
init
public static void init()
A no-op function that can be used to force the class to load and initialize.
-
setProvider
public static void setProvider(java.lang.String providerName)
Sets a provider name to use for loading certificates and for generating key pairs.- Parameters:
providerName
- provider name to use.
-
getCertificateFactory
protected static java.security.cert.CertificateFactory getCertificateFactory() throws java.security.GeneralSecurityException
Returns appropriateCertificateFactory
. If provider was set a provider-specificCertificateFactory
will be used. Otherwise, a defaultCertificateFactory
will be used.- Returns:
CertificateFactory
- Throws:
java.security.GeneralSecurityException
-
loadCertificate
public static java.security.cert.X509Certificate loadCertificate(java.io.InputStream in) throws java.security.GeneralSecurityException
Loads a X509 certificate from the specified input stream. Input stream must contain DER-encoded certificate.- Parameters:
in
- the input stream to read the certificate from.- Returns:
X509Certificate
the loaded certificate.- Throws:
java.security.GeneralSecurityException
- if certificate failed to load.
-
loadCertificate
public static java.security.cert.X509Certificate loadCertificate(java.lang.String file) throws java.io.IOException, java.security.GeneralSecurityException
Loads an X.509 certificate from the specified file. The certificate file must be in PEM/Base64 format and start with "BEGIN CERTIFICATE" and end with "END CERTIFICATE" line.- Parameters:
file
- the file to load the certificate from.- Returns:
java.security.cert.X509Certificate
the loaded certificate.- Throws:
java.io.IOException
- if I/O error occursjava.security.GeneralSecurityException
- if security problems occurs.
-
loadCertificates
public static java.security.cert.X509Certificate[] loadCertificates(java.lang.String file) throws java.io.IOException, java.security.GeneralSecurityException
Loads multiple X.509 certificates from the specified file. Each certificate must be in PEM/Base64 format and start with "BEGIN CERTIFICATE" and end with "END CERTIFICATE" line.- Parameters:
file
- the certificate file to load the certificate from.- Returns:
- an array of certificates loaded from the file.
- Throws:
java.io.IOException
- if I/O error occursjava.security.GeneralSecurityException
- if security problems occurs.
-
readCertificate
public static java.security.cert.X509Certificate readCertificate(java.io.BufferedReader reader) throws java.io.IOException, java.security.GeneralSecurityException
Loads a X.509 certificate from the specified reader. The certificate contents must start with "BEGIN CERTIFICATE" line and end with "END CERTIFICATE" line, and be in PEM/Base64 format.This function does not close the input stream.
- Parameters:
reader
- the stream from which load the certificate.- Returns:
- the loaded certificate or null if there was no certificate in the stream or the stream is closed.
- Throws:
java.io.IOException
- if I/O error occursjava.security.GeneralSecurityException
- if security problems occurs.
-
loadCrl
public static java.security.cert.X509CRL loadCrl(java.lang.String file) throws java.io.IOException, java.security.GeneralSecurityException
- Throws:
java.io.IOException
java.security.GeneralSecurityException
-
loadCrl
public static java.security.cert.X509CRL loadCrl(java.io.InputStream in) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
getTrustedCertificates
public static java.util.Collection<java.security.cert.X509Certificate> getTrustedCertificates(java.security.KeyStore keyStore, java.security.cert.X509CertSelector selector) throws java.security.KeyStoreException
- Throws:
java.security.KeyStoreException
-
-