org.ccnx.ccn.impl.security.crypto.util.CryptoUtil Class Reference

A collection of crypto-related utility methods largely related to BouncyCastle.

Static Public Member Functions

static byte[] encode (DEREncodable encodable) throws CertificateEncodingException
 Helper function to DER encode content.
static DERObject decode (byte[] decodable) throws CertificateEncodingException
 Helper function to decode DER content.
static PublicKey getPublicKey (SubjectPublicKeyInfo spki) throws CertificateEncodingException, NoSuchAlgorithmException, InvalidKeySpecException
 Helper function to unpack public keys from DER encoding into Java PublicKey format.
static PublicKey getPublicKey (byte[] derEncodedPublicKey) throws CertificateEncodingException, InvalidKeySpecException
 Helper function to decode and unpack a public key from DER encoding to a Java PublicKey.
static X509Certificate getCertificate (byte[] encodedCert) throws CertificateException
 Helper method to decode a certificate.
static byte[] generateCertID (String digestAlg, Certificate cert) throws CertificateEncodingException
 Generates a CertID -- the digest of the DER encoding of a java.security.cert.Certificate.
static byte[] generateCertID (Certificate cert) throws CertificateEncodingException
 Generates a CertID -- the digest of the DER encoding of a java.security.cert.Certificate.
static byte[] generateKeyID (String digestAlg, Key key)
 Generates a KeyID -- the digest of the DER encoding of a SubjectPublicKeyInfo, or of a raw encoding of a symmetric key.
static byte[] generateKeyID (Key key)
 Generates a KeyID -- the digest of the DER encoding of a SubjectPublicKeyInfo, or of a raw encoding of a symmetric key.
static byte[] getKeyIDFromCertificate (X509Certificate issuerCert) throws IOException, CertificateEncodingException
 Get the keyID from a CA certificate to use as the key ID in an AuthorityKeyIdentifier extension for certificates issued by that CA.
static ArrayList< Tuple< Integer, String > > getSubjectAlternativeNames (X509Certificate certificate) throws IOException, CertificateEncodingException
 Helper method to pull SubjectAlternativeNames from a certificate.
static String getSubjectAlternativeNameDNSName (X509Certificate certificate) throws IOException, CertificateEncodingException
 Get the first DNS name in the subject alternative names.
static String getSubjectAlternativeNameEmailAddress (X509Certificate certificate) throws IOException, CertificateEncodingException
 Get the first email address in the subject alternative names.
static URI getSubjectAlternativeNameURI (X509Certificate certificate) throws IOException, URISyntaxException, CertificateEncodingException
 Get the first URI in the subject alternative names.
static String findSubjectAlternativeName (int tag, X509Certificate certificate) throws IOException, CertificateEncodingException


Detailed Description

A collection of crypto-related utility methods largely related to BouncyCastle.

Member Function Documentation

static byte [] org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.encode ( DEREncodable  encodable  )  throws CertificateEncodingException [static]

Helper function to DER encode content.

Parameters:
encodable content to encode
Returns:
encoded content
Exceptions:
CertificateEncodingException if there is a problem encoding the content

static DERObject org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.decode ( byte[]  decodable  )  throws CertificateEncodingException [static]

Helper function to decode DER content.

Parameters:
decodable content to decode
Returns:
generic DERObject, result of decoding
Exceptions:
CertificateEncodingException if there is a problem decoding the content

static PublicKey org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.getPublicKey ( SubjectPublicKeyInfo  spki  )  throws CertificateEncodingException, NoSuchAlgorithmException, InvalidKeySpecException [static]

Helper function to unpack public keys from DER encoding into Java PublicKey format.

Parameters:
spki a decoded SubjectPublicKeyInfo containing the desired public key
Returns:
the decoded PublicKey
Exceptions:
CertificateEncodingException if there is a problem decoding the content
NoSuchAlgorithmException if the key algorithm is unknown
InvalidKeySpecException if the data in the SubjectPublicKeyInfo doesn't correctly represent a key

static PublicKey org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.getPublicKey ( byte[]  derEncodedPublicKey  )  throws CertificateEncodingException, InvalidKeySpecException [static]

Helper function to decode and unpack a public key from DER encoding to a Java PublicKey.

Parameters:
derEncodedPublicKey DER encoding of public key in standard format (SubjectPublicKeyInfo)
Returns:
the decoded PublicKey
Exceptions:
CertificateEncodingException if there is a problem decoding the content
NoSuchAlgorithmException if the key algorithm is unknown
InvalidKeySpecException if the data in the SubjectPublicKeyInfo doesn't correctly represent a key

static X509Certificate org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.getCertificate ( byte[]  encodedCert  )  throws CertificateException [static]

Helper method to decode a certificate.

Parameters:
encodedCert DER encoded X.509 certificate
Returns:
the decoded X509Certificate
Exceptions:
CertificateException if there is an error in decoding

static byte [] org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.generateCertID ( String  digestAlg, Certificate  cert  )  throws CertificateEncodingException [static]

Generates a CertID -- the digest of the DER encoding of a java.security.cert.Certificate.

Parameters:
digestAlg the digest algorithm to use
cert the certificate to digest
Returns:
the CertID
Exceptions:
CertificateEncodingException if there is an error in the certificate encoding

static byte [] org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.generateCertID ( Certificate  cert  )  throws CertificateEncodingException [static]

Generates a CertID -- the digest of the DER encoding of a java.security.cert.Certificate.

Parameters:
cert the certificate
Returns:
the CertID

static byte [] org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.generateKeyID ( String  digestAlg, Key  key  )  [static]

Generates a KeyID -- the digest of the DER encoding of a SubjectPublicKeyInfo, or of a raw encoding of a symmetric key.

Note that the former is slightly uncommon; but it is more general and complete than digesting the BIT STRING component of the SubjectPublicKeyInfo itself (and no standard dictates how you must generate a key ID).

Parameters:
digestAlg the digest algorithm to use
key the key to digest
Returns:
the KeyID

static byte [] org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.generateKeyID ( Key  key  )  [static]

Generates a KeyID -- the digest of the DER encoding of a SubjectPublicKeyInfo, or of a raw encoding of a symmetric key.

Note that the former is slightly uncommon; but it is more general and complete than digesting the BIT STRING component of the SubjectPublicKeyInfo itself (and no standard dictates how you must generate a key ID).

Parameters:
key the key to digest
Returns:
the KeyID
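
The distinction drawn in the note above, as an added example (not CCNx code): it computes a KeyID over the full SubjectPublicKeyInfo DER, over only the BIT STRING key bits, and over a raw symmetric key, using JDK classes only. The class and helper names, the SHA-256 digest choice and the all-zero AES key are assumptions made for illustration.

```java
import java.math.BigInteger;
import java.security.*;
import java.util.Arrays;
import javax.crypto.spec.SecretKeySpec;

public class KeyIdExample {   // hypothetical class, not part of CCNx
    // Digest of key.getEncoded(): SPKI DER for a public key, raw bytes for a SecretKeySpec.
    static byte[] keyId(String digestAlg, Key key) throws Exception {
        return MessageDigest.getInstance(digestAlg).digest(key.getEncoded());
    }

    // Read a DER length at pos[0] and advance past it (short and long form).
    static int readLength(byte[] der, int[] pos) {
        int first = der[pos[0]++] & 0xff;
        if (first < 0x80) return first;
        int count = first & 0x7f, len = 0;
        if (count == 0 || count > 3) throw new IllegalArgumentException("unsupported length");
        while (count-- > 0) len = (len << 8) | (der[pos[0]++] & 0xff);
        return len;
    }

    // Consume one expected tag byte and return the length that follows it.
    static int expect(byte[] der, int[] pos, int tag) {
        if ((der[pos[0]++] & 0xff) != tag) throw new IllegalArgumentException("unexpected tag");
        return readLength(der, pos);
    }

    // Key bits inside the subjectPublicKey BIT STRING of a SubjectPublicKeyInfo.
    static byte[] bitStringContents(byte[] spki) {
        int[] pos = {0};
        expect(spki, pos, 0x30);                    // outer SEQUENCE
        int algLen = expect(spki, pos, 0x30);       // AlgorithmIdentifier SEQUENCE
        pos[0] += algLen;                           // skip its contents
        int len = expect(spki, pos, 0x03);          // BIT STRING
        if (len < 1 || pos[0] + len > spki.length) throw new IllegalArgumentException("bad BIT STRING");
        return Arrays.copyOfRange(spki, pos[0] + 1, pos[0] + len); // drop unused-bits octet
    }

    static String hex(byte[] b) { return String.format("%0" + (b.length * 2) + "x", new BigInteger(1, b)); }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        PublicKey pub = kpg.generateKeyPair().getPublic();   // getEncoded() is X.509 SPKI DER
        byte[] bits = bitStringContents(pub.getEncoded());
        Key sym = new SecretKeySpec(new byte[16], "AES");     // constructed all-zero sample key
        System.out.println("KeyID over SPKI DER:    " + hex(keyId("SHA-256", pub)));
        System.out.println("KeyID over BIT STRING:  " + hex(MessageDigest.getInstance("SHA-256").digest(bits)));
        System.out.println("KeyID of symmetric key: " + hex(keyId("SHA-256", sym)));
    }
}
```

The first two values differ for the same key, so an ID computed over the whole SubjectPublicKeyInfo cannot be compared with one derived from the BIT STRING alone, such as the RFC 5280 method (1) SubjectKeyIdentifier.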

static byte [] org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.getKeyIDFromCertificate ( X509Certificate  issuerCert  )  throws IOException, CertificateEncodingException [static]

Get the keyID from a CA certificate to use as the key ID in an AuthorityKeyIdentifier extension for certificates issued by that CA.

This should come out of the SubjectKeyIdentifier extension of the certificate if present. If that extension is missing, this function will return null, and generateKeyID can be used to generate a new key ID.

Parameters:
issuerCert the issuer certificate to extract the key ID from
Returns:
the key ID
Exceptions:
IOException 
CertificateEncodingException 

static ArrayList<Tuple<Integer, String> > org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.getSubjectAlternativeNames ( X509Certificate  certificate  )  throws IOException, CertificateEncodingException [static]

Helper method to pull SubjectAlternativeNames from a certificate.

BouncyCastle has one of these, but it isn't included on all platforms. X509Certificate provides one by default, but it returns a collection of ? (wildcard-typed elements), and we can never know what the ? is because we might get a different implementation class on different platforms. So we have to roll our own.

We filter the general names down to ones we can handle.

Parameters:
certificate 
Returns:
Exceptions:
IOException 
CertificateEncodingException 

static String org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.getSubjectAlternativeNameDNSName ( X509Certificate  certificate  )  throws IOException, CertificateEncodingException [static]

Get the first DNS name in the subject alternative names.

Exceptions:
IOException 
CertificateEncodingException 

static String org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.getSubjectAlternativeNameEmailAddress ( X509Certificate  certificate  )  throws IOException, CertificateEncodingException [static]

Get the first email address in the subject alternative names.

Exceptions:
IOException 
CertificateEncodingException 

static URI org.ccnx.ccn.impl.security.crypto.util.CryptoUtil.getSubjectAlternativeNameURI ( X509Certificate  certificate  )  throws IOException, URISyntaxException, CertificateEncodingException [static]

Get the first URI in the subject alternative names.

Exceptions:
IOException 
URISyntaxException 
CertificateEncodingException 


The documentation for this class was generated from the following file:

Generated on Thu Feb 16 00:44:58 2012 for Content-Centric Networking in Java by  doxygen 1.5.6