public abstract class PkiTools extends Object

Modifier and Type | Field and Description |
---|---|
static String | ALGORITHM |
static int | RSA_KEY_LENGTH |

Modifier and Type | Method and Description |
---|---|
static String | certificateToPem(X509Certificate cert)<br>Given an X509 certificate, return a PEM encoded string representation of the certificate. |
static org.bouncycastle.asn1.x500.X500Name | convertDistinguishedName(String... tuples) |
static X509Certificate | derToCertificate(byte[] certDer)<br>Given a byte array that represents a DER encoded X509 certificate, return the certificate object. |
static String | derToPem(byte[] bytes)<br>Convert a DER encoded byte array to a PEM encoded Java String. |
static PrivateKey | derToPrivateKey(byte[] privateKeyDer)<br>Given a byte array that represents a DER encoded private key, return the private key object. |
static KeyPair | generateRsaKeyPair()<br>Generate a new RSA public/private key pair with a 2048-bit key. |
static String | getHostName()<br>Get the host name or DNS name associated with the machine running the JVM. |
static byte[] | keyToDer(Key key)<br>Serialize a Key object as a DER encoded byte array. |
static String | keyToPem(Key key) |
static org.bouncycastle.asn1.x500.X500Name | makeDistinguishedName(String commonName)<br>Create an X500 name with a single populated attribute, the "common name". |
static org.bouncycastle.asn1.x509.GeneralName | makeGeneralName(String name)<br>Create an X509 general name based on the specified string, which supports a format similar to OpenSSL X509 configuration: tag:name, where tag can be one of:<br>email - email subject<br>URI - uniform resource identifier<br>RID - registered id<br>DNS - hostname<br>IP - IP address (V4 or V6)<br>dirName - directory name |
static X509Certificate | pemToCertificate(String certString)<br>Given a PEM encoded X509 certificate, return an object representation of the certificate. |
static byte[] | pemToDer(String string)<br>Convert a PEM encoded Java String to a DER encoded byte array. |
static PrivateKey | pemToPrivateKey(String keyString)<br>Convert a PEM encoded Java String to a private key. |

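
The tag:name format accepted by makeGeneralName, described in the method summary above, can be parsed as in the following added example. It is not the PkiTools source: the class name GeneralNameParser and its parse method are hypothetical, case-sensitive tag matching is an assumption, and the only library call used is Bouncy Castle's GeneralName(int, String) constructor.

```java
import org.bouncycastle.asn1.x509.GeneralName;
import java.util.Map;

/** Hypothetical helper (not PkiTools itself): parses OpenSSL-style "tag:name" strings. */
public final class GeneralNameParser {
    // Tags listed in the makeGeneralName documentation, mapped to Bouncy Castle tag numbers.
    // Matching is case-sensitive here, which is an assumption of this example.
    private static final Map<String, Integer> TAGS = Map.of(
            "email", GeneralName.rfc822Name,
            "URI", GeneralName.uniformResourceIdentifier,
            "RID", GeneralName.registeredID,
            "DNS", GeneralName.dNSName,
            "IP", GeneralName.iPAddress,
            "dirName", GeneralName.directoryName);

    public static GeneralName parse(String name) {
        if (name == null || name.trim().isEmpty()) {
            throw new IllegalArgumentException("general name is null or empty");
        }
        // Split on the FIRST colon only: URIs and IPv6 addresses contain colons themselves.
        int sep = name.indexOf(':');
        String tag = sep > 0 ? name.substring(0, sep).trim() : "";
        String value = sep > 0 ? name.substring(sep + 1).trim() : "";
        if (tag.isEmpty() || value.isEmpty()) {
            throw new IllegalArgumentException("expected tag:name, got: " + name);
        }
        Integer bcTag = TAGS.get(tag);
        if (bcTag == null) {
            // Reject unknown tags instead of guessing a name type.
            throw new IllegalArgumentException("unsupported tag: " + tag);
        }
        // The constructor checks the value for its type (for example a malformed
        // IP address or OID) and throws IllegalArgumentException on failure.
        return new GeneralName(bcTag, value);
    }

    public static void main(String[] args) {
        // Constructed sample inputs, one per commonly used tag.
        String[] samples = {"DNS:host.example.com", "IP:192.0.2.10", "IP:2001:db8::1",
                "URI:https://example.com/id", "email:admin@example.com", "RID:1.2.3.4"};
        for (String s : samples) {
            System.out.println(s + " -> tag " + parse(s).getTagNo());
        }
    }
}
```
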
public static final int RSA_KEY_LENGTH

public static final String ALGORITHM

public static String derToPem(byte[] bytes)
bytes - DER encoded bytes

public static String certificateToPem(X509Certificate cert)
cert - certificate

public static X509Certificate derToCertificate(byte[] certDer)
certDer - byte array representing a DER encoded X509 certificate

public static PrivateKey derToPrivateKey(byte[] privateKeyDer)
privateKeyDer - byte array representing a DER encoded private key

public static String getHostName()

public static KeyPair generateRsaKeyPair()
CertificateGeneratorException

public static byte[] keyToDer(Key key)
key - instance of Key object

public static String keyToPem(Key key)
key - object

public static org.bouncycastle.asn1.x500.X500Name makeDistinguishedName(String commonName)
TLS can also use a different set of attributes, the Subject Alternative Names (SANs). SANs are extensions to the X509 specification and can include IP addresses, DNS names and other machine information. This package does not use SANs.
commonName - the fully qualified host name of the end entity

public static org.bouncycastle.asn1.x500.X500Name convertDistinguishedName(String... tuples)

public static org.bouncycastle.asn1.x509.GeneralName makeGeneralName(String name)
tag:name
where tag can be one of:
email - email subject
URI - uniform resource identifier
RID - registered id
DNS - hostname
IP - IP address (V4 or V6)
dirName - directory name
name - a string representing an X509 general name in an OpenSSL format
IllegalArgumentException - if the string is null, empty or cannot be parsed properly

public static X509Certificate pemToCertificate(String certString)
certString - PEM encoded X509 certificate

public static byte[] pemToDer(String string)
string - PEM encoded bytes

public static PrivateKey pemToPrivateKey(String keyString)
keyString - encoded RSA private key. Assume PKCS#8 format

This work is licensed under a Creative Commons Attribution 4.0 International License.