Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.globus.gsi
Class CertUtil

java.lang.Object
  extended byorg.globus.gsi.CertUtil
public class CertUtil
extends Object

Contains various security-related utility methods.

Constructor Summary
CertUtil()
           
 
Method Summary
static KeyPair generateKeyPair(String algorithm, int bits)
          Generates a key pair of given algorithm and strength.
protected static CertificateFactory getCertificateFactory()
          Returns appropriate CertificateFactory.
static String getProxyTypeAsString(int proxyType)
          Returns a string description of a specified proxy type.
static void init()
          A no-op function that can be used to force the class to load and initialize.
static void installSecureRandomProvider()
          Installs SecureRandom provider.
static boolean isGsi2Proxy(int certType)
          Determines if a specified certificate type indicates a GSI-2 proxy certificate.
static boolean isGsi3Enabled()
          Checks if GSI-3 mode is enabled.
static boolean isGsi3Proxy(int certType)
          Determines if a specified certificate type indicates a GSI-3 proxy certificate.
static boolean isGsi4Proxy(int certType)
          Determines if a specified certificate type indicates a GSI-4 proxy certificate.
static boolean isImpersonationProxy(int certType)
          Determines if a specified certificate type indicates a GSI-2 or GSI-3 impersonation proxy certificate.
static boolean isIndependentProxy(int certType)
          Determines if a specified certificate type indicates a GSI-3 or GS-4 limited proxy certificate.
static boolean isLimitedProxy(int certType)
          Determines if a specified certificate type indicates a GSI-2 or GSI-3 limited proxy certificate.
static boolean isProxy(int certType)
          Determines if a specified certificate type indicates a GSI-2 or GSI-3 proxy certificate.
static X509Certificate loadCertificate(InputStream in)
          Loads a X509 certificate from the specified input stream.
static X509Certificate loadCertificate(String file)
          Loads an X509 certificate from the specified file.
static X509Certificate[] loadCertificates(String file)
          Loads multiple X509 certificates from the specified file.
static X509CRL loadCrl(InputStream in)
           
static X509CRL loadCrl(String file)
           
static void setProvider(String providerName)
          Sets a provider name to use for loading certificates and for generating key pairs.
static String toGlobusID(Principal name)
           
static String toGlobusID(String dn)
          Converts DN of the form "CN=foo, O=bar" into Globus format "/CN=foo/O=bar" (in the reverse way).
static String toGlobusID(String dn, boolean reverse)
          Converts DN of the form "CN=foo, O=bar" into Globus format "/CN=foo/O=bar".
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CertUtil

public CertUtil()
Method Detail

init

public static void init()
A no-op function that can be used to force the class to load and initialize.

setProvider

public static void setProvider(String providerName)
Sets a provider name to use for loading certificates and for generating key pairs.

Parameters:
providerName - provider name to use.

getCertificateFactory

protected static CertificateFactory getCertificateFactory()
                                                   throws GeneralSecurityException
Returns appropriate CertificateFactory. If provider was set a provider-specific CertificateFactory will be used. Otherwise, a default CertificateFactory will be used.

Returns:
CertificateFactory
Throws:
GeneralSecurityException

loadCertificate

public static X509Certificate loadCertificate(InputStream in)
                                       throws GeneralSecurityException
Loads a X509 certificate from the specified input stream. Input stream must contain DER-encoded certificate.

Parameters:
in - the input stream to read the certificate from.
Returns:
X509Certificate the loaded certificate.
Throws:
GeneralSecurityException - if certificate failed to load.

loadCertificate

public static X509Certificate loadCertificate(String file)
                                       throws IOException,
                                              GeneralSecurityException
Loads an X509 certificate from the specified file. It reads only what is in between the lines containing "BEGIN CERTIFICATE" and "END".

Parameters:
file - the certificate file to load the certificate from.
Returns:
java.security.cert.X509Certificate the loaded certificate.
Throws:
IOException - if I/O error occurs
GeneralSecurityException - if security problems occurs.

loadCertificates

public static X509Certificate[] loadCertificates(String file)
                                          throws IOException,
                                                 GeneralSecurityException
Loads multiple X509 certificates from the specified file. It reads only what is in between the lines containing "BEGIN CERTIFICATE" and "END".

Parameters:
file - the certificate file to load the certificate from.
Returns:
java.security.cert.X509Certificate the loaded certificate.
Throws:
IOException - if I/O error occurs
GeneralSecurityException - if security problems occurs.

toGlobusID

public static String toGlobusID(String dn)
Converts DN of the form "CN=foo, O=bar" into Globus format "/CN=foo/O=bar" (in the reverse way). This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas.

Parameters:
dn - the DN to convert to Globus format.
Returns:
the converted DN in Globus format.
See Also:
toGlobusID(String, boolean)

toGlobusID

public static String toGlobusID(String dn,
                                boolean reverse)
Converts DN of the form "CN=foo, O=bar" into Globus format "/CN=foo/O=bar". This function might return incorrect Globus-formatted ID when one of the RDNs in the DN contains commas.

Parameters:
dn - the DN to convert to Globus format.
reverse - the direction of the conversion.
Returns:
the converted DN in Globus format.

toGlobusID

public static String toGlobusID(Principal name)

installSecureRandomProvider

public static void installSecureRandomProvider()
Installs SecureRandom provider. This function is automatically called when this class is loaded.

generateKeyPair

public static KeyPair generateKeyPair(String algorithm,
                                      int bits)
                               throws GeneralSecurityException
Generates a key pair of given algorithm and strength.

Parameters:
algorithm - the algorithm of the key pair.
bits - the strength
Returns:
KeyPair the generated key pair.
Throws:
GeneralSecurityException - if something goes wrong.

isProxy

public static boolean isProxy(int certType)
Determines if a specified certificate type indicates a GSI-2 or GSI-3 proxy certificate.

Parameters:
certType - the certificate type to check.
Returns:
true if certType is a GSI-2 or GSI-3 proxy, false otherwise.

isGsi4Proxy

public static boolean isGsi4Proxy(int certType)
Determines if a specified certificate type indicates a GSI-4 proxy certificate.

Parameters:
certType - the certificate type to check.
Returns:
true if certType is a GSI-3 proxy, false otherwise.

isGsi3Proxy

public static boolean isGsi3Proxy(int certType)
Determines if a specified certificate type indicates a GSI-3 proxy certificate.

Parameters:
certType - the certificate type to check.
Returns:
true if certType is a GSI-3 proxy, false otherwise.

isGsi2Proxy

public static boolean isGsi2Proxy(int certType)
Determines if a specified certificate type indicates a GSI-2 proxy certificate.

Parameters:
certType - the certificate type to check.
Returns:
true if certType is a GSI-2 proxy, false otherwise.

isLimitedProxy

public static boolean isLimitedProxy(int certType)
Determines if a specified certificate type indicates a GSI-2 or GSI-3 limited proxy certificate.

Parameters:
certType - the certificate type to check.
Returns:
true if certType is a GSI-2 or GSI-3 limited proxy, false otherwise.

isIndependentProxy

public static boolean isIndependentProxy(int certType)
Determines if a specified certificate type indicates a GSI-3 or GS-4 limited proxy certificate.

Parameters:
certType - the certificate type to check.
Returns:
true if certType is a GSI-3 or GSI-4 independent proxy, false otherwise.

isImpersonationProxy

public static boolean isImpersonationProxy(int certType)
Determines if a specified certificate type indicates a GSI-2 or GSI-3 impersonation proxy certificate.

Parameters:
certType - the certificate type to check.
Returns:
true if certType is a GSI-2 or GSI-3 impersonation proxy, false otherwise.

getProxyTypeAsString

public static String getProxyTypeAsString(int proxyType)
Returns a string description of a specified proxy type.

Parameters:
proxyType - the proxy type to get the string description of.
Returns:
the string description of the proxy type.

isGsi3Enabled

public static boolean isGsi3Enabled()
Checks if GSI-3 mode is enabled.

Returns:
true if "org.globus.gsi.version" system property is set to "3". Otherwise, false.

loadCrl

public static X509CRL loadCrl(String file)
                       throws IOException,
                              GeneralSecurityException
Throws:
IOException
GeneralSecurityException

loadCrl

public static X509CRL loadCrl(InputStream in)
                       throws GeneralSecurityException
Throws:
GeneralSecurityException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD