Package org.rossonet.utils
Class SslHelper
- java.lang.Object
-
- org.rossonet.utils.SslHelper
-
public class SslHelper extends java.lang.ObjectNeed bouncycastle libs. This libs are not in the jar. implementation group: 'org.bouncycastle', name: 'bcprov-jdk18on', version: '1.76' implementation group: 'org.bouncycastle', name: 'bcpkix-jdk18on', version: '1.76' implementation group: 'org.bouncycastle', name: 'bcutil-jdk18on', version: '1.76'
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringDEFAULT_CONTEXT_TLS_PROTOCOLstatic java.lang.StringDEFAULT_SIGNATURE_ALGORITHMstatic intSUBJECT_ALT_NAME_DNS_NAMEstatic intSUBJECT_ALT_NAME_IP_ADDRESSstatic intSUBJECT_ALT_NAME_URI
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static booleancheckSignatureWithPayload(java.security.PublicKey pubKey, java.security.PrivateKey privKey)static booleancheckSignatureWithPayload(java.security.PublicKey pubKey, java.security.PrivateKey privKey, java.lang.String signatureAlgorithm)static org.bouncycastle.pkcs.PKCS10CertificationRequestcreateCertificationRequest(java.security.KeyPair keyPair, java.security.cert.X509Certificate certificate)static org.bouncycastle.pkcs.PKCS10CertificationRequestcreateCertificationRequest(java.security.KeyPair keyPair, java.security.cert.X509Certificate certificate, java.lang.String signatureAlgorithm)static java.security.KeyStorecreateKeystore(java.lang.String caAlias, java.security.cert.X509Certificate ca, java.lang.String certificateAlias, java.security.cert.X509Certificate certificate, java.lang.String privateKeyAlias, java.security.PrivateKey privateKey, java.lang.String keystorePassword)static java.security.KeyStorecreateKeystore(java.lang.String certificateAlias, java.security.cert.X509Certificate certificate, java.lang.String privateKeyAlias, java.security.PrivateKey privateKey, java.lang.String keystorePassword)static java.security.KeyStorecreateKeyStore(java.lang.String caAlias, java.lang.String caCrtString, java.lang.String certificateAlias, java.lang.String certificateString, java.lang.String privateKeyAlias, java.lang.String privateKeyString, java.lang.String keystorePassword)static java.security.KeyStorecreateKeyStore(java.lang.String caAlias, java.nio.file.Path caCrtFile, java.lang.String certificateAlias, java.nio.file.Path crtFile, java.lang.String privateKeyAlias, java.nio.file.Path keyFile, java.lang.String keystorePassword)static javax.net.ssl.TrustManagerFactorycreateKeyStore(java.lang.String caAlias, java.security.cert.X509Certificate caCert)static java.security.KeyStorecreateKeyStore(java.lang.String caAlias, java.security.cert.X509Certificate ca, java.lang.String certificateAlias, java.security.cert.X509Certificate certificate, java.lang.String privateKeyAlias, org.bouncycastle.asn1.pkcs.PrivateKeyInfo privateKeyInfo, java.lang.String keystorePassword)static java.security.KeyStorecreateKeyStore(java.lang.String certificateAlias, java.security.cert.X509Certificate certificate, java.lang.String privateKeyAlias, org.bouncycastle.asn1.pkcs.PrivateKeyInfo privateKeyInfo, java.lang.String keystorePassword)static javax.net.ssl.SSLContextcreateSSLContext(java.lang.String caAlias, java.lang.String caCrtString, java.lang.String certificateAlias, java.lang.String certificateString, java.lang.String privateKeyAlias, java.lang.String privateKeyString, java.lang.String keystorePassword)static javax.net.ssl.SSLContextcreateSSLContext(java.lang.String caAlias, java.nio.file.Path caCrtFile, java.lang.String certificateAlias, java.nio.file.Path crtFile, java.lang.String privateKeyAlias, java.nio.file.Path keyFile, java.lang.String keystorePassword)static javax.net.ssl.SSLContextcreateSSLContext(java.lang.String caAlias, java.nio.file.Path caCrtFile, java.lang.String certificateAlias, java.nio.file.Path crtFile, java.lang.String privateKeyAlias, java.nio.file.Path keyFile, java.lang.String keystorePassword, java.lang.String sslContextProtocol)<OBJECT_TYPE>
java.lang.StringencodeInPemFormat(OBJECT_TYPE data)static java.lang.StringgetDefaultCharSet()static java.util.List<java.lang.String>getSanDnsNames(java.security.cert.X509Certificate certificate)Get the DNS names from thecertificate's Subject Alternative Name extension, if it's present.static java.util.List<java.lang.String>getSanIpAddresses(java.security.cert.X509Certificate certificate)Get the IP addresses from thecertificate's Subject Alternative Name extension, if it's present.static java.util.Optional<java.lang.String>getSanUri(java.security.cert.X509Certificate certificate)Get the URI from thecertificate's Subject Alternative Name extension, if it's present.static java.util.List<java.lang.Object>getSubjectAltNameField(java.security.cert.X509Certificate certificate, int field)Extract the value of a given SubjectAltName field from aX509Certificate.static java.util.List<org.bouncycastle.asn1.x509.GeneralName>getSubjectAltNames(java.security.cert.X509Certificate certificate)static java.security.cert.X509CertificatesignCertificate(org.bouncycastle.pkcs.PKCS10CertificationRequest certificationRequest, java.security.cert.X509Certificate caCertificate, java.security.PrivateKey caPrivateKey, int validity)static java.security.cert.X509CertificatesignCertificate(org.bouncycastle.pkcs.PKCS10CertificationRequest certificationRequest, java.security.cert.X509Certificate caCertificate, java.security.PrivateKey caPrivateKey, int validity, java.lang.String signatureAlgorithm)
-
-
-
Field Detail
-
DEFAULT_CONTEXT_TLS_PROTOCOL
public static java.lang.String DEFAULT_CONTEXT_TLS_PROTOCOL
-
DEFAULT_SIGNATURE_ALGORITHM
public static java.lang.String DEFAULT_SIGNATURE_ALGORITHM
-
SUBJECT_ALT_NAME_DNS_NAME
public static final int SUBJECT_ALT_NAME_DNS_NAME
- See Also:
- Constant Field Values
-
SUBJECT_ALT_NAME_IP_ADDRESS
public static final int SUBJECT_ALT_NAME_IP_ADDRESS
- See Also:
- Constant Field Values
-
SUBJECT_ALT_NAME_URI
public static final int SUBJECT_ALT_NAME_URI
- See Also:
- Constant Field Values
-
-
Method Detail
-
checkSignatureWithPayload
public static boolean checkSignatureWithPayload(java.security.PublicKey pubKey, java.security.PrivateKey privKey) throws java.security.NoSuchAlgorithmException, java.security.SignatureException, java.security.InvalidKeyException- Throws:
java.security.NoSuchAlgorithmExceptionjava.security.SignatureExceptionjava.security.InvalidKeyException
-
checkSignatureWithPayload
public static boolean checkSignatureWithPayload(java.security.PublicKey pubKey, java.security.PrivateKey privKey, java.lang.String signatureAlgorithm) throws java.security.NoSuchAlgorithmException, java.security.SignatureException, java.security.InvalidKeyException- Throws:
java.security.NoSuchAlgorithmExceptionjava.security.SignatureExceptionjava.security.InvalidKeyException
-
createCertificationRequest
public static org.bouncycastle.pkcs.PKCS10CertificationRequest createCertificationRequest(java.security.KeyPair keyPair, java.security.cert.X509Certificate certificate) throws java.security.cert.CertificateEncodingException, org.bouncycastle.operator.OperatorCreationException, java.security.cert.CertificateParsingException, java.io.IOException- Throws:
java.security.cert.CertificateEncodingExceptionorg.bouncycastle.operator.OperatorCreationExceptionjava.security.cert.CertificateParsingExceptionjava.io.IOException
-
createCertificationRequest
public static org.bouncycastle.pkcs.PKCS10CertificationRequest createCertificationRequest(java.security.KeyPair keyPair, java.security.cert.X509Certificate certificate, java.lang.String signatureAlgorithm) throws org.bouncycastle.operator.OperatorCreationException, java.security.cert.CertificateEncodingException, java.security.cert.CertificateParsingException, java.io.IOException- Throws:
org.bouncycastle.operator.OperatorCreationExceptionjava.security.cert.CertificateEncodingExceptionjava.security.cert.CertificateParsingExceptionjava.io.IOException
-
createKeystore
public static java.security.KeyStore createKeystore(java.lang.String certificateAlias, java.security.cert.X509Certificate certificate, java.lang.String privateKeyAlias, java.security.PrivateKey privateKey, java.lang.String keystorePassword) throws java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.io.IOException- Throws:
java.security.KeyStoreExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateExceptionjava.io.IOException
-
createKeystore
public static java.security.KeyStore createKeystore(java.lang.String caAlias, java.security.cert.X509Certificate ca, java.lang.String certificateAlias, java.security.cert.X509Certificate certificate, java.lang.String privateKeyAlias, java.security.PrivateKey privateKey, java.lang.String keystorePassword) throws java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.io.IOException- Throws:
java.security.KeyStoreExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateExceptionjava.io.IOException
-
createKeyStore
public static java.security.KeyStore createKeyStore(java.lang.String caAlias, java.nio.file.Path caCrtFile, java.lang.String certificateAlias, java.nio.file.Path crtFile, java.lang.String privateKeyAlias, java.nio.file.Path keyFile, java.lang.String keystorePassword) throws java.io.IOException, java.security.cert.CertificateException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException- Throws:
java.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.KeyStoreExceptionjava.security.NoSuchAlgorithmException
-
createKeyStore
public static java.security.KeyStore createKeyStore(java.lang.String caAlias, java.lang.String caCrtString, java.lang.String certificateAlias, java.lang.String certificateString, java.lang.String privateKeyAlias, java.lang.String privateKeyString, java.lang.String keystorePassword) throws java.io.IOException, java.security.cert.CertificateException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException- Throws:
java.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.KeyStoreExceptionjava.security.NoSuchAlgorithmException
-
createKeyStore
public static javax.net.ssl.TrustManagerFactory createKeyStore(java.lang.String caAlias, java.security.cert.X509Certificate caCert) throws java.security.KeyStoreException, java.io.IOException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Throws:
java.security.KeyStoreExceptionjava.io.IOExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
createKeyStore
public static java.security.KeyStore createKeyStore(java.lang.String certificateAlias, java.security.cert.X509Certificate certificate, java.lang.String privateKeyAlias, org.bouncycastle.asn1.pkcs.PrivateKeyInfo privateKeyInfo, java.lang.String keystorePassword) throws java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.io.IOException- Throws:
java.security.KeyStoreExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateExceptionjava.io.IOException
-
createKeyStore
public static java.security.KeyStore createKeyStore(java.lang.String caAlias, java.security.cert.X509Certificate ca, java.lang.String certificateAlias, java.security.cert.X509Certificate certificate, java.lang.String privateKeyAlias, org.bouncycastle.asn1.pkcs.PrivateKeyInfo privateKeyInfo, java.lang.String keystorePassword) throws org.bouncycastle.openssl.PEMException, java.security.KeyStoreException, java.io.IOException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Throws:
org.bouncycastle.openssl.PEMExceptionjava.security.KeyStoreExceptionjava.io.IOExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
createSSLContext
public static javax.net.ssl.SSLContext createSSLContext(java.lang.String caAlias, java.nio.file.Path caCrtFile, java.lang.String certificateAlias, java.nio.file.Path crtFile, java.lang.String privateKeyAlias, java.nio.file.Path keyFile, java.lang.String keystorePassword) throws java.security.KeyManagementException, java.security.UnrecoverableKeyException, java.security.cert.CertificateException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.io.IOException- Throws:
java.security.KeyManagementExceptionjava.security.UnrecoverableKeyExceptionjava.security.cert.CertificateExceptionjava.security.KeyStoreExceptionjava.security.NoSuchAlgorithmExceptionjava.io.IOException
-
createSSLContext
public static javax.net.ssl.SSLContext createSSLContext(java.lang.String caAlias, java.nio.file.Path caCrtFile, java.lang.String certificateAlias, java.nio.file.Path crtFile, java.lang.String privateKeyAlias, java.nio.file.Path keyFile, java.lang.String keystorePassword, java.lang.String sslContextProtocol) throws java.security.cert.CertificateException, java.io.IOException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.KeyManagementException, java.security.UnrecoverableKeyException- Throws:
java.security.cert.CertificateExceptionjava.io.IOExceptionjava.security.KeyStoreExceptionjava.security.NoSuchAlgorithmExceptionjava.security.KeyManagementExceptionjava.security.UnrecoverableKeyException
-
createSSLContext
public static javax.net.ssl.SSLContext createSSLContext(java.lang.String caAlias, java.lang.String caCrtString, java.lang.String certificateAlias, java.lang.String certificateString, java.lang.String privateKeyAlias, java.lang.String privateKeyString, java.lang.String keystorePassword) throws java.io.IOException, java.security.KeyManagementException, java.security.UnrecoverableKeyException, java.security.cert.CertificateException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException- Throws:
java.io.IOExceptionjava.security.KeyManagementExceptionjava.security.UnrecoverableKeyExceptionjava.security.cert.CertificateExceptionjava.security.KeyStoreExceptionjava.security.NoSuchAlgorithmException
-
getDefaultCharSet
public static java.lang.String getDefaultCharSet()
-
getSanDnsNames
public static java.util.List<java.lang.String> getSanDnsNames(java.security.cert.X509Certificate certificate)
Get the DNS names from thecertificate's Subject Alternative Name extension, if it's present.- Parameters:
certificate- the certificate to get the DNS names from.- Returns:
- the values of the SAN DNS names, or empty list if none are present.
-
getSanIpAddresses
public static java.util.List<java.lang.String> getSanIpAddresses(java.security.cert.X509Certificate certificate)
Get the IP addresses from thecertificate's Subject Alternative Name extension, if it's present.- Parameters:
certificate- the certificate to get the IP addresses from.- Returns:
- the values of the SAN IP addresses, or empty list if none are present.
-
getSanUri
public static java.util.Optional<java.lang.String> getSanUri(java.security.cert.X509Certificate certificate)
Get the URI from thecertificate's Subject Alternative Name extension, if it's present.- Parameters:
certificate- the certificate to get the URI from.- Returns:
- the value of the SAN URI, if present.
-
getSubjectAltNameField
public static java.util.List<java.lang.Object> getSubjectAltNameField(java.security.cert.X509Certificate certificate, int field)Extract the value of a given SubjectAltName field from aX509Certificate.- Parameters:
certificate- the certificate.field- the field number.- Returns:
- an
Optionalcontaining the value in the field. - See Also:
SUBJECT_ALT_NAME_IP_ADDRESS,SUBJECT_ALT_NAME_DNS_NAME,SUBJECT_ALT_NAME_URI
-
getSubjectAltNames
public static java.util.List<org.bouncycastle.asn1.x509.GeneralName> getSubjectAltNames(java.security.cert.X509Certificate certificate)
-
signCertificate
public static java.security.cert.X509Certificate signCertificate(org.bouncycastle.pkcs.PKCS10CertificationRequest certificationRequest, java.security.cert.X509Certificate caCertificate, java.security.PrivateKey caPrivateKey, int validity) throws java.io.IOException, org.bouncycastle.operator.OperatorCreationException, java.security.cert.CertificateException- Throws:
java.io.IOExceptionorg.bouncycastle.operator.OperatorCreationExceptionjava.security.cert.CertificateException
-
signCertificate
public static java.security.cert.X509Certificate signCertificate(org.bouncycastle.pkcs.PKCS10CertificationRequest certificationRequest, java.security.cert.X509Certificate caCertificate, java.security.PrivateKey caPrivateKey, int validity, java.lang.String signatureAlgorithm) throws java.io.IOException, org.bouncycastle.operator.OperatorCreationException, java.security.cert.CertificateException- Throws:
java.io.IOExceptionorg.bouncycastle.operator.OperatorCreationExceptionjava.security.cert.CertificateException
-
encodeInPemFormat
public <OBJECT_TYPE> java.lang.String encodeInPemFormat(OBJECT_TYPE data) throws java.io.IOException- Throws:
java.io.IOException
-
-