Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.xwiki.crypto.x509
Class XWikiX509Certificate

java.lang.Object
  extended by java.security.cert.Certificate
      extended by java.security.cert.X509Certificate
          extended by org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper
              extended by org.xwiki.crypto.x509.XWikiX509Certificate
All Implemented Interfaces:
Serializable, X509Extension
public class XWikiX509Certificate
extends org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper

X509 certificate wrapper with several additional helper methods, aimed to be more scripting-friendly. This class cannot be an interface because it extends AbstractX509CertificateWrapper which extends X509Certificate which is not an interface. Most bouncycastle code requires an X509Certificate so if we used an interface then it would just have to be casted every time somebody wanted to use it with non xwiki-crypto cryptographic apis.

Since:
2.5M1
Version:
$Id: 29513e5ea49c8a1f1079f21e3964f9a46f4255b1 $
See Also:
Serialized Form

Nested Class Summary
 
Nested classes/interfaces inherited from class java.security.cert.Certificate
Certificate.CertificateRep
 
Field Summary
 
Fields inherited from class org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper
certificate
 
Constructor Summary
XWikiX509Certificate(X509Certificate certificate)
          Create new XWikiX509Certificate.
XWikiX509Certificate(X509Certificate certificate, String issuerFp)
          Create new XWikiX509Certificate.
 
Method Summary
static String calculateFingerprint(Certificate certificate)
          Calculate the fingerprint of the given certificate.
 boolean equals(Object obj)
           
static XWikiX509Certificate[] fromCertificateChain(Certificate[] x509Chain)
          Convert a chain of Certificates into a chain of XWikiX509Certificates, correctly setting the issuer fingerprint.
static XWikiX509Certificate fromPEMString(String pemEncoded)
          Constructor from a PEM formatted string.
 String getAuthorName()
          Get name of the author (subject name) of this certificate.
 String getAuthorUID()
          Get user name (stored as UID in the distinguished subject name) of this certificate's author, or empty string if UID is not present.
 String getFingerprint()
           
 String getIssuerFingerprint()
          Get the fingerprint of the issuer certificate.
 String getIssuerName()
          Get issuer name of this certificate.
 int hashCode()
           
 String toPEMString()
          Get the internal X509 certificate in a standard PEM format.
 String toString()
           
 
Methods inherited from class org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper
checkValidity, checkValidity, getBasicConstraints, getCriticalExtensionOIDs, getEncoded, getExtendedKeyUsage, getExtensionValue, getIssuerAlternativeNames, getIssuerDN, getIssuerUniqueID, getIssuerX500Principal, getKeyUsage, getNonCriticalExtensionOIDs, getNotAfter, getNotBefore, getPublicKey, getSerialNumber, getSigAlgName, getSigAlgOID, getSigAlgParams, getSignature, getSubjectAlternativeNames, getSubjectDN, getSubjectUniqueID, getSubjectX500Principal, getTBSCertificate, getVersion, hasUnsupportedCriticalExtension, verify, verify
 
Methods inherited from class java.security.cert.Certificate
getType, writeReplace
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

XWikiX509Certificate

public XWikiX509Certificate(X509Certificate certificate)
Create new XWikiX509Certificate. Assume that the certificate is self-signed.

Parameters:
certificate - the actual certificate to use

XWikiX509Certificate

public XWikiX509Certificate(X509Certificate certificate,
                            String issuerFp)
Create new XWikiX509Certificate.

Parameters:
certificate - the actual certificate to use
issuerFp - fingerprint of the issuer certificate, null if self-signed
Method Detail

calculateFingerprint

public static String calculateFingerprint(Certificate certificate)
Calculate the fingerprint of the given certificate. Throws a RuntimeException on errors.

Parameters:
certificate - the certificate to use
Returns:
certificate fingerprint in hex

hashCode

public int hashCode()
Overrides:
hashCode in class org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper

equals

public boolean equals(Object obj)
Overrides:
equals in class org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper

toString

public String toString()
Specified by:
toString in class Certificate

getFingerprint

public String getFingerprint()
Returns:
the fingerprint

toPEMString

public String toPEMString()
                   throws CertificateEncodingException
Get the internal X509 certificate in a standard PEM format.

Returns:
the certificate in PEM format
Throws:
CertificateEncodingException - on errors
See Also:
XWikiX509Certificate#fromPEMString()

fromPEMString

public static XWikiX509Certificate fromPEMString(String pemEncoded)
                                          throws GeneralSecurityException
Constructor from a PEM formatted string. This constructor will search the given string until it finds CERT_BEGIN and assume everything until the next CERT_END is a valid PEM formatted certificate. If there are multiple certificates in the passed string the first will be parsed, its issuer fingerprint will be set to the fingerprint of the second certificate and all subsequent certificates will be ignored.

Parameters:
pemEncoded - a String containing an X509 certificate in PEM format
Returns:
an XWikiX509Certificate from the PEM input.
Throws:
GeneralSecurityException - If there isn't a valid CERT_BEGIN or CERT_END tag, or if there is an exception parsing the content inbetween.
See Also:
toPEMString()

fromCertificateChain

public static XWikiX509Certificate[] fromCertificateChain(Certificate[] x509Chain)
Convert a chain of Certificates into a chain of XWikiX509Certificates, correctly setting the issuer fingerprint. The last certificate in the chain is assumed to be self-signed.

Each certificate in the input chain must be a subclass of X509Certificate, otherwise a runtime exception is thrown (the type is Certificate[] and not X509Certificate[] just for convenience, since certificate factories create certificate chains of this type).

Parameters:
x509Chain - a chain if X509 certificates
Returns:
a corresponding chain of XWikiX509Certificates wrapping the certificates from the input chain

getIssuerName

public String getIssuerName()
Get issuer name of this certificate. Same as getAuthorName() of the certificate obtained via getIssuerFingerprint().

Returns:
issuer name

getIssuerFingerprint

public String getIssuerFingerprint()
Get the fingerprint of the issuer certificate.

Returns:
issuer fingerprint

getAuthorName

public String getAuthorName()
Get name of the author (subject name) of this certificate.

Returns:
author name

getAuthorUID

public String getAuthorUID()
Get user name (stored as UID in the distinguished subject name) of this certificate's author, or empty string if UID is not present.

Returns:
author UID
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2013 XWiki. All Rights Reserved.