org.opcfoundation.ua.utils
Class SpongyCastleUtils

java.lang.Object
  extended by org.opcfoundation.ua.utils.SpongyCastleUtils

public class SpongyCastleUtils
extends Object

SpongyCastle-specific implementations of certain crypto utilities. These methods are normally called from the CryptoUtil or CertificateUtils class, so use the methods of those classes instead.


Constructor Summary
SpongyCastleUtils()
           
 
Method Summary
static byte[] base64Decode(String string)
          Decodes a Base64-encoded string into a byte array.
static String base64Encode(byte[] bytes)
          Encodes a byte array as a Base64 string.
static X509Certificate generateCertificate(String domainName, PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, Date from, Date to, BigInteger serial, String applicationUri, String... hostNames)
          Generates a new certificate using the Spongy Castle implementation.
static X509Certificate generateIssuerCert(PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, String commonName, BigInteger serialNr, Date startDate, Date expiryDate)
          Builds an X.509 v3 certificate to use as an issuer (CA) certificate.
static Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
          Returns the SubjectAlternativeName entries of the certificate.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SpongyCastleUtils

public SpongyCastleUtils()
Method Detail

generateIssuerCert

public static X509Certificate generateIssuerCert(PublicKey publicKey,
                                                 PrivateKey privateKey,
                                                 KeyPair issuerKeys,
                                                 String commonName,
                                                 BigInteger serialNr,
                                                 Date startDate,
                                                 Date expiryDate)
                                          throws GeneralSecurityException,
                                                 IOException
Builds an X.509 v3 certificate to use as an issuer (CA) certificate. The certificate does not define OPC UA specific fields, so it cannot be used as an application instance certificate.

Parameters:
publicKey - the public key to use for the certificate
privateKey - the private key corresponding to the publicKey
issuerKeys - the certificate and private key of the certificate issuer; if null, a self-signed certificate is created.
commonName - the CommonName to use for the subject of the certificate.
serialNr - a BigInteger object.
startDate - a Date object.
expiryDate - a Date object.
Returns:
an X509Certificate object.
Throws:
GeneralSecurityException - if any.
IOException - if any.

generateCertificate

public static X509Certificate generateCertificate(String domainName,
                                                  PublicKey publicKey,
                                                  PrivateKey privateKey,
                                                  KeyPair issuerKeys,
                                                  Date from,
                                                  Date to,
                                                  BigInteger serial,
                                                  String applicationUri,
                                                  String... hostNames)
                                           throws IOException,
                                                  GeneralSecurityException
Generates a new certificate using the Spongy Castle implementation.

The method is called from CertificateUtils.createApplicationInstanceCertificate(String, String, String, int, String...) and CertificateUtils.renewApplicationInstanceCertificate(String, String, String, int, org.opcfoundation.ua.transport.security.KeyPair, String...).

Parameters:
domainName - the X500 domain name for the certificate
publicKey - the public key of the cert
privateKey - the private key of the cert
issuerKeys - the certificate and private key of the issuer
from - validity start time
to - validity end time
applicationUri - the OPC UA ApplicationUri of the application - added to SubjectAlternativeName
hostNames - the additional host names to add to SubjectAlternativeName
serial - a BigInteger object.
Returns:
the generated certificate
Throws:
GeneralSecurityException - if the generation fails
IOException - if the generation fails due to an IO exception

base64Decode

public static byte[] base64Decode(String string)

Decodes a Base64-encoded string into a byte array.

Parameters:
string - a String object.
Returns:
an array of byte.

base64Encode

public static String base64Encode(byte[] bytes)

Encodes a byte array as a Base64 string.

Parameters:
bytes - an array of byte.
Returns:
a String object.

getSubjectAlternativeNames

public static Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
                                                      throws CertificateParsingException

Returns the SubjectAlternativeName entries of the certificate.

Parameters:
cert - an X509Certificate object.
Returns:
a Collection object.
Throws:
CertificateParsingException - if any.
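
Added example (not part of this library or its documentation): a check a validator can run over the SubjectAlternativeName entries that generateCertificate writes, confirming that the expected ApplicationUri and the endpoint host are present. It assumes the returned collection uses the same layout as the JDK's X509Certificate.getSubjectAlternativeNames() (each entry is a list of an Integer GeneralName type followed by the value); the class name SanCheck and all sample values are constructed for illustration.

```java
import java.util.*;

public class SanCheck {
    // GeneralName type tags as documented for X509Certificate.getSubjectAlternativeNames()
    static final int DNS_NAME = 2, URI = 6, IP_ADDRESS = 7;

    /** Returns a list of problems; an empty list means the entries match expectations. */
    static List<String> check(Collection<List<?>> sans, String expectedAppUri, String endpointHost) {
        List<String> uris = new ArrayList<>();
        Set<String> hosts = new HashSet<>();
        if (sans != null) { // the JDK method returns null when the extension is absent
            for (List<?> entry : sans) {
                if (entry.size() < 2 || !(entry.get(0) instanceof Integer)) continue;
                int type = (Integer) entry.get(0);
                Object value = entry.get(1);
                if (!(value instanceof String)) continue; // some types are DER-encoded byte[]
                if (type == URI) uris.add((String) value);
                else if (type == DNS_NAME || type == IP_ADDRESS)
                    hosts.add(((String) value).toLowerCase(Locale.ROOT));
            }
        }
        List<String> problems = new ArrayList<>();
        // The ApplicationUri is compared exactly; host names are compared case-insensitively.
        if (!uris.contains(expectedAppUri))
            problems.add("ApplicationUri not found in SAN: " + expectedAppUri);
        // Policy chosen for this example: flag unexpected additional URI entries.
        if (uris.size() > 1)
            problems.add("more than one URI entry: " + uris);
        if (!hosts.contains(endpointHost.toLowerCase(Locale.ROOT)))
            problems.add("endpoint host not listed in SAN: " + endpointHost);
        return problems;
    }

    public static void main(String[] args) {
        // Constructed sample entries, shaped like the output for a generated certificate.
        Collection<List<?>> sans = new ArrayList<>();
        sans.add(Arrays.<Object>asList(URI, "urn:plc1.example.test:UA:SampleServer"));
        sans.add(Arrays.<Object>asList(DNS_NAME, "plc1.example.test"));
        sans.add(Arrays.<Object>asList(IP_ADDRESS, "192.0.2.10"));

        // Matching URI and host: no problems reported.
        System.out.println(check(sans, "urn:plc1.example.test:UA:SampleServer", "PLC1.example.test"));
        // Different ApplicationUri and unlisted host: two problems reported.
        System.out.println(check(sans, "urn:other.example.test:UA:SampleServer", "198.51.100.7"));
    }
}
```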


Copyright © 2018. All rights reserved.