Class CertUtil


  • public class CertUtil
    extends java.lang.Object
    • Field Detail

      • logger

        public static final org.slf4j.Logger logger
    • Constructor Detail

      • CertUtil

        public CertUtil()
    • Method Detail

      • createRemoteCert

        public static X509CertImpl createRemoteCert​(java.lang.String hostname,
                                                    int port,
                                                    javax.ws.rs.core.MultivaluedMap<java.lang.String,​java.lang.String> content,
                                                    javax.servlet.http.HttpServletResponse response)
                                             throws java.lang.Exception
        Throws:
        java.lang.Exception
      • getPKCS10

        public static PKCS10 getPKCS10​(IConfigStore config,
                                       java.lang.String prefix,
                                       Cert certObj,
                                       org.apache.velocity.context.Context context)
                                throws java.io.IOException
        Throws:
        java.io.IOException
      • injectSANextensionIntoRequest

        public static void injectSANextensionIntoRequest​(IConfigStore config,
                                                         IRequest req)
                                                  throws java.lang.Exception
        Throws:
        java.lang.Exception
      • buildSANSSLserverURLExtension

        public static java.lang.String buildSANSSLserverURLExtension​(IConfigStore config)
                                                              throws java.lang.Exception
        Throws:
        java.lang.Exception
      • updateLocalRequest

        public static void updateLocalRequest​(IConfigStore config,
                                              java.lang.String certTag,
                                              byte[] certReq,
                                              java.lang.String reqType,
                                              java.lang.String subjectName)
                                       throws java.lang.Exception
        update local cert request with the actual request called from CertRequestPanel.java
        Throws:
        EBaseException
        EPropertyNotFound
        java.lang.Exception
      • getAdminProfileAlgorithm

        public static java.lang.String getAdminProfileAlgorithm​(IConfigStore config)
                                                         throws EBaseException,
                                                                java.io.FileNotFoundException,
                                                                java.io.IOException
        reads from the admin cert profile caAdminCert.profile and determines the algorithm as follows: 1. First gets list of allowed algorithms from profile (constraint.params.signingAlgsAllowed) If entry does not exist, uses entry "ca.profiles.defaultSigningAlgsAllowed" from CS.cfg If that entry does not exist, uses basic default 2. Gets default.params.signingAlg from profile. If entry does not exist or equals "-", selects first algorithm in allowed algorithm list that matches CA signing key type Otherwise returns entry if it matches signing CA key type.
        Throws:
        EBaseException
        java.io.IOException
        java.io.FileNotFoundException
      • createLocalCert

        public static X509CertImpl createLocalCert​(IConfigStore config,
                                                   X509Key x509key,
                                                   java.lang.String prefix,
                                                   java.lang.String certTag,
                                                   java.lang.String type)
                                            throws java.lang.Exception
        Throws:
        java.lang.Exception
      • createCertRecord

        public static void createCertRecord​(IRequest request,
                                            CertInfoProfile profile,
                                            org.mozilla.jss.crypto.X509Certificate cert)
                                     throws java.lang.Exception
        Throws:
        java.lang.Exception
      • createCertRecord

        public static void createCertRecord​(IRequest request,
                                            CertInfoProfile profile,
                                            X509CertImpl cert)
                                     throws java.lang.Exception
        Throws:
        java.lang.Exception
      • addUserCertificate

        public static void addUserCertificate​(X509CertImpl cert)
      • fingerPrintFormat

        public static java.lang.String fingerPrintFormat​(java.lang.String content)
      • privateKeyExistsOnToken

        public static boolean privateKeyExistsOnToken​(java.lang.String certTag,
                                                      java.lang.String tokenname,
                                                      java.lang.String nickname)
      • findCertificate

        public static org.mozilla.jss.crypto.X509Certificate findCertificate​(java.lang.String fullnickname)
                                                                      throws java.lang.Exception
        Throws:
        java.lang.Exception
      • deleteCert

        public static void deleteCert​(java.lang.String tokenname,
                                      org.mozilla.jss.crypto.X509Certificate cert)
                               throws java.lang.Exception
        Throws:
        java.lang.Exception