org.opcfoundation.ua.utils
Class SunJceUtils

java.lang.Object
  extended by org.opcfoundation.ua.utils.SunJceUtils

public class SunJceUtils
extends Object

SunJCE-specific implementations of certain crypto utilities. These methods are normally called from the CryptoUtil or CertificateUtils class, so use the methods of those classes instead.


Constructor Summary
SunJceUtils()
           
 
Method Summary
static byte[] base64Decode(String string)
          base64Decode.
static String base64Encode(byte[] bytes)
          base64Encode.
static X509Certificate generateCertificate(String domainName, PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, Date from, Date to, BigInteger serialNumber, String applicationUri, String... hostNames)
          Generates a new certificate using the Sun implementation.
static X509Certificate generateIssuerCert(PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, String domainName, BigInteger serialNumber, Date startDate, Date expiryDate)
          Build an X509 V3 certificate to use as an issuer (CA) certificate.
static Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
          getSubjectAlternativeNames.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SunJceUtils

public SunJceUtils()

Method Detail

base64Decode

public static byte[] base64Decode(String string)

base64Decode.

Parameters:
string - a String object.
Returns:
an array of byte.

base64Encode

public static String base64Encode(byte[] bytes)

base64Encode.

Parameters:
bytes - an array of byte.
Returns:
a String object.

generateIssuerCert

public static X509Certificate generateIssuerCert(PublicKey publicKey,
                                                 PrivateKey privateKey,
                                                 KeyPair issuerKeys,
                                                 String domainName,
                                                 BigInteger serialNumber,
                                                 Date startDate,
                                                 Date expiryDate)
                                          throws GeneralSecurityException,
                                                 IOException
Build an X509 V3 certificate to use as an issuer (CA) certificate. The certificate does not define OPC UA specific fields, so it cannot be used as an application instance certificate.

Parameters:
publicKey - the public key to use for the certificate
privateKey - the private key corresponding to the publicKey
issuerKeys - the certificate and private key of the certificate issuer; if null, a self-signed certificate is created.
domainName - the CommonName to use for the subject of the certificate.
serialNumber - a BigInteger object.
startDate - a Date object.
expiryDate - a Date object.
Returns:
an X509Certificate object.
Throws:
GeneralSecurityException - if any.
IOException - if any.

generateCertificate

public static X509Certificate generateCertificate(String domainName,
                                                  PublicKey publicKey,
                                                  PrivateKey privateKey,
                                                  KeyPair issuerKeys,
                                                  Date from,
                                                  Date to,
                                                  BigInteger serialNumber,
                                                  String applicationUri,
                                                  String... hostNames)
                                           throws GeneralSecurityException,
                                                  IOException
Generates a new certificate using the Sun implementation.

The method is called from CertificateUtils.createApplicationInstanceCertificate(String, String, String, int, String...) and CertificateUtils.renewApplicationInstanceCertificate(String, String, String, int, org.opcfoundation.ua.transport.security.KeyPair, String...).

Parameters:
domainName - the X500 domain name for the certificate
publicKey - the public key of the cert
privateKey - the private key of the cert
issuerKeys - the certificate and private key of the issuer
from - validity start time
to - validity end time
serialNumber - a unique serial number for the certificate
applicationUri - the OPC UA ApplicationUri of the application - added to SubjectAlternativeName
hostNames - the additional host names to add to SubjectAlternativeName
Returns:
the generated certificate
Throws:
GeneralSecurityException - if the generation fails
IOException - if the generation fails due to an IO exception

getSubjectAlternativeNames

public static Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
                                                      throws CertificateParsingException

getSubjectAlternativeNames.

Parameters:
cert - an X509Certificate object.
Returns:
a Collection object.
Throws:
CertificateParsingException - if any.
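
A check that a relying application can run on the SubjectAlternativeName entries that generateCertificate writes (the ApplicationUri and the host names), given here as an added example that is not part of the OPC Foundation stack. It assumes the returned Collection<List<?>> has the same layout as java.security.cert.X509Certificate.getSubjectAlternativeNames() (an Integer type tag followed by the value); the class SanCheck, its methods and the sample values are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;

public class SanCheck {
    // GeneralName type tags as reported by the JDK for SubjectAlternativeName entries
    static final int DNS_NAME = 2, URI = 6, IP_ADDRESS = 7;

    /** Collects the String values of every SAN entry carrying the given type tag. */
    static List<String> valuesOfType(Collection<List<?>> sans, int type) {
        List<String> out = new ArrayList<>();
        if (sans == null) return out; // the JDK returns null when the extension is absent
        for (List<?> entry : sans) {
            if (entry.size() >= 2 && entry.get(0) instanceof Integer
                    && (Integer) entry.get(0) == type && entry.get(1) instanceof String) {
                out.add((String) entry.get(1));
            }
        }
        return out;
    }

    /** Policy of this example: exactly one URI entry, equal to the expected ApplicationUri. */
    static boolean applicationUriMatches(Collection<List<?>> sans, String expectedUri) {
        List<String> uris = valuesOfType(sans, URI);
        return uris.size() == 1 && uris.get(0).equals(expectedUri);
    }

    /** True if the endpoint host appears as a DNS name (case-insensitive) or IP address entry. */
    static boolean hostListed(Collection<List<?>> sans, String host) {
        for (String dns : valuesOfType(sans, DNS_NAME)) {
            if (dns.equalsIgnoreCase(host)) return true;
        }
        return valuesOfType(sans, IP_ADDRESS).contains(host);
    }

    public static void main(String[] args) {
        // Constructed sample in the assumed layout; in real use pass the result of
        // getSubjectAlternativeNames(cert) instead.
        List<List<?>> sans = new ArrayList<>();
        sans.add(Arrays.<Object>asList(URI, "urn:plc01.example.test:SampleServer"));
        sans.add(Arrays.<Object>asList(DNS_NAME, "plc01.example.test"));
        sans.add(Arrays.<Object>asList(IP_ADDRESS, "192.0.2.10"));

        System.out.println(applicationUriMatches(sans, "urn:plc01.example.test:SampleServer"));
        System.out.println(applicationUriMatches(sans, "urn:other.example.test:SampleServer"));
        System.out.println(hostListed(sans, "PLC01.example.test"));
        System.out.println(hostListed(null, "plc01.example.test")); // no SAN extension at all
    }
}
```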


Copyright © 2018. All rights reserved.