Class CertificateHelper

Method Details

• getCertificateFactory

  public static CertificateFactory getCertificateFactory() throws CertificateException

  Returns a certificate factory object that implements the specified certificate type.

  This method traverses the list of registered security Providers, starting with the most preferred Provider. A new CertificateFactory object encapsulating the CertificateFactorySpi implementation from the first Provider that supports the specified type is returned. Once retrieved, it is cached.

  Returns:

  A certificate factory object for X.509 certificates.

  Throws:

  CertificateException - If no Provider supports a CertificateFactorySpi implementation for the specified type.

• loadCertificate

  public static X509Certificate loadCertificate(String fileName) throws CertificateException, FileNotFoundException, IOException

  Loads an X.509 certificate from a file.

  Returns:

  The certificate, never null.

  Throws:

  CertificateException - For certificate errors.

  IOException - For I/O errors.

  FileNotFoundException - If file is not found.

• loadCertificates

  public static X509Certificate[] loadCertificates(String fileName) throws CertificateException, FileNotFoundException, IOException

  Loads an encoded X.509 certificate path from a file.

  Parameters:

  fileName - The file name.

  Returns:

  The certificates array.

  Throws:

  CertificateException - For certificate errors.

  IOException - For I/O errors.

  FileNotFoundException - If file is not found.

• loadCertificate

  public static final X509Certificate loadCertificate(File file) throws CertificateException, FileNotFoundException, IOException

  Loads a x.509 certificate from file.

  Parameters:

  file - The file.

  Returns:

  The X.509 certificate.

  Throws:

  FileNotFoundException - If file is not found.

  IOException - For I/O errors.

  CertificateException - For parsing errors.

• loadCertificates

  public static final X509Certificate[] loadCertificates(File file) throws CertificateException, FileNotFoundException, IOException

  Loads a collection of X.509 certificate from a file.

  Parameters:

  file - The file.

  Returns:

  The certificates array.

  Throws:

  FileNotFoundException - If file is not found.

  IOException - For I/O errors.

  CertificateException - For parsing errors.

• loadCertificate

  public static final X509Certificate loadCertificate(InputStream inputStream) throws CertificateException

  Loads a x.509 certificate from an input stream.

  Parameters:

  inputStream - The input stream. The caller must close the input stream!

  Returns:

  The X.509 certificate.

  Throws:

  CertificateException - For parsing errors.

• loadCertificates

  public static X509Certificate[] loadCertificates(byte[] data) throws CertificateException

  Loads an encoded X.509 certificate path from a byte array.

  Parameters:

  data - The byte array.

  Returns:

  The X.509 certificates.

  Throws:

  CertificateException - If no Provider supports a CertificateFactorySpi implementation for the specified type when creating the Certificate Factory, or when the certificate is initialized from the data.

• loadCertificates

  public static final X509Certificate[] loadCertificates(InputStream inputStream) throws CertificateException

  Loads an encoded X.509 certificate path from an input stream and returns the certificates.

  Parameters:

  inputStream - The input stream. The caller must close the input stream!

  Returns:

  The certificates array.

  Throws:

  CertificateException - For parsing errors.

• toBytes

  public static byte[] toBytes(X509Certificate[] certs) throws CertificateException

  Returns the encoded form of a certification path from the X.509 certificates.

  Parameters:

  certs - The certificates.

  Returns:

  The encoded form of the certificates.

  Throws:

  CertificateEncodingException - If an encoding error occurs.

  CertificateException

• writeCertificates

  public static void writeCertificates(File file, X509Certificate[] certs) throws CertificateException, FileNotFoundException, IOException

  Writes the certificates in encoded form of the certificates using a certificate path. It is assumed that each certificate type would have only a single form of encoding; for example, X.509 certificates would be encoded as ASN.1 DER.

  Parameters:

  file - The file.

  certs - The certificates.

  Throws:

  CertificateEncodingException - If an encoding error occurs.

  IOException - For I/O errors.

  FileNotFoundException - If the file failed creation due to e.g. missing directory.

  CertificateException

• createX500Principal

  public static X500Principal createX500Principal(String commonName, String organizationUnit, String organizationName, String localityName, String stateName, String country) throws Exception

  Creates the principal for certificate creation.

  Parameters:

  commonName - The CN common name.

  organizationUnit - The OU organization unit.

  organizationName - The O organization name.

  localityName - The L locality or city name.

  stateName - The ST state or province name.

  country - The C country, two letter code.

  Returns:

  The X500Principal.

  Throws:

  NullPointerException - If a parameter is null.

  Exception - For other errors with the parameters.

• assignCertificateFromEclipseBundle

  public static void assignCertificateFromEclipseBundle(IX509CertificateFromEclipseBundle eclipseCertsResolver)

  Assigns the certificate retrieval from an Eclipse Bundle when it cannot be retrieved normally using the Java CodeSource.getCertificates() call.

  Parameters:

  eclipseCertsResolver - Interface to call to find the certificates for a class in a bundle.

  Throws:

  NullPointerException - If eclipseCerts is null.

  IllegalStateException - If already assigned.

• getCodeSigningCertificates

  public static X509Certificate[] getCodeSigningCertificates(Class<?> cls)

  Gets the code signing certificates of an object. Note that only valid and trusted X.509 certificates are returned, never self-signed certificates.

  Parameters:

  cls - The class to retrieve the code signing certificates for.

  Returns:

  The X.509 certificate chain, or null if not signed.

• getJarCertificates

  public static X509Certificate[] getJarCertificates(JarFile jf) throws IOException

  Verifies an open JAR file (with verify flag present) for valid certificates.

  Returns:

  null if not signed, otherwise the X.509 certificates. If the file has no files, return an empty list of X.509 certificates.

  Throws:

  IOException - if there is a problem with the JAR file or it's signing.

• verifyManifest

  public static String verifyManifest(Manifest man)

  Verifies that the main manifest attributes are correct according to an iiziApp using the security model for sealed, codebase and permissions attributes.

  If the developer ID and/or appID is present, they are returned.

  Parameters:

  man - The manifest.

  Returns:

  null for OK, otherwise the failed attribute description.

• isJarSigned

  public static boolean isJarSigned(String jarFileName)

  Checks if an iiziApp Jar file is signed.

  Parameters:

  jarFileName - The Jar file name.

  Returns:

  true if signed, false otherwise.