Class X509CertUtils

java.lang.Object
com.nimbusds.jose.util.X509CertUtils

public class X509CertUtils extends Object
X.509 certificate utilities.
Version:
2022-01-24
Author:
Vladimir Dzhuvinov, Simon Kissane
  • Method Details

    • getProvider

      public static Provider getProvider()
      Returns the JCA provider to use for certificate operations.
      Returns:
      The JCA provider to use for certificate operations, null implies the default provider.
    • setProvider

      public static void setProvider(Provider provider)
      Sets the JCA provider to use for certificate operations.
      Parameters:
      provider - The JCA provider to use for certificate operations, null implies the default.
    • parse

      public static X509Certificate parse(byte[] derEncodedCert)
      Parses a DER-encoded X.509 certificate.
      Parameters:
      derEncodedCert - The DER-encoded X.509 certificate, as a byte array. May be null.
      Returns:
      The X.509 certificate, null if not specified or parsing failed.
    • parseWithException

      public static X509Certificate parseWithException(byte[] derEncodedCert) throws CertificateException
      Parses a DER-encoded X.509 certificate with exception handling.
      Parameters:
      derEncodedCert - The DER-encoded X.509 certificate, as a byte array. Empty or null if not specified.
      Returns:
      The X.509 certificate, null if not specified.
      Throws:
      CertificateException - If parsing failed.
    • parse

      public static X509Certificate parse(String pemEncodedCert)
      Parses a PEM-encoded X.509 certificate.
      Parameters:
      pemEncodedCert - The PEM-encoded X.509 certificate, as a string. Empty or null if not specified.
      Returns:
      The X.509 certificate, null if parsing failed.
    • parseWithException

      public static X509Certificate parseWithException(String pemEncodedCert) throws CertificateException
      Parses a PEM-encoded X.509 certificate with exception handling.
      Parameters:
      pemEncodedCert - The PEM-encoded X.509 certificate, as a string. Empty or null if not specified.
      Returns:
      The X.509 certificate, null if parsing failed.
      Throws:
      CertificateException
    • toPEMString

      public static String toPEMString(X509Certificate cert)
      Returns the specified X.509 certificate as a PEM-encoded string.
      Parameters:
      cert - The X.509 certificate. Must not be null.
      Returns:
      The PEM-encoded X.509 certificate, null if encoding failed.
    • toPEMString

      public static String toPEMString(X509Certificate cert, boolean withLineBreaks)
      Returns the specified X.509 certificate as a PEM-encoded string.
      Parameters:
      cert - The X.509 certificate. Must not be null.
      withLineBreaks - false to suppress line breaks.
      Returns:
      The PEM-encoded X.509 certificate, null if encoding failed.
    • computeSHA256Thumbprint

      Computes the X.509 certificate SHA-256 thumbprint (x5t#S256).
      Parameters:
      cert - The X.509 certificate. Must not be null.
      Returns:
      The SHA-256 thumbprint, BASE64URL-encoded, null if a certificate encoding exception is encountered.
    • store

      public static UUID store(KeyStore keyStore, PrivateKey privateKey, char[] keyPassword, X509Certificate cert) throws KeyStoreException
      Stores a private key with its associated X.509 certificate in a Java key store. The name (alias) for the stored entry is given a random UUID.
      Parameters:
      keyStore - The key store. Must be initialised and not null.
      privateKey - The private key. Must not be null.
      keyPassword - The password to protect the private key, empty array for none. Must not be null.
      cert - The X.509 certificate, its public key and the private key should form a pair. Must not be null.
      Returns:
      The UUID for the stored entry.
      Throws:
      KeyStoreException
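
Added example (not part of the library's own documentation or code): parsing an untrusted PEM string with parseWithException, handling the documented null return, and accepting the certificate only if its x5t#S256 thumbprint matches a pinned value. The class name PinnedCertCheck, the helper parseAndCheckPin and the sample inputs are hypothetical; the example assumes computeSHA256Thumbprint returns the library's Base64URL type, since its signature is not shown above.

```java
import com.nimbusds.jose.util.Base64URL;
import com.nimbusds.jose.util.X509CertUtils;

import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public class PinnedCertCheck {

    /** Hypothetical helper: parse untrusted PEM, accept only a pinned certificate. */
    static X509Certificate parseAndCheckPin(String pem, Base64URL pinnedThumbprint)
            throws CertificateException {
        // parseWithException reports the parser's error, but it is also
        // documented to return null, so both outcomes must be handled.
        X509Certificate cert = X509CertUtils.parseWithException(pem);
        if (cert == null) {
            throw new CertificateException("No X.509 certificate found in input");
        }
        // Throws a CertificateException subclass if expired or not yet valid.
        cert.checkValidity();

        // x5t#S256: BASE64URL-encoded SHA-256 thumbprint, null on encoding failure.
        Base64URL actual = X509CertUtils.computeSHA256Thumbprint(cert);
        if (actual == null) {
            throw new CertificateException("Could not compute x5t#S256 thumbprint");
        }
        // Compare the decoded digests with a time-constant comparison.
        if (!MessageDigest.isEqual(actual.decode(), pinnedThumbprint.decode())) {
            throw new CertificateException("Thumbprint mismatch: " + actual);
        }
        return cert;
    }

    public static void main(String[] args) {
        // Constructed sample input: PEM markers around bytes that are not a certificate.
        String bogusPem = "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----";
        // Constructed placeholder pin (43 characters, i.e. 32 bytes); not a real thumbprint.
        Base64URL pin = new Base64URL("A".repeat(43));

        // The null-returning overload gives the caller no reason for the failure.
        System.out.println("parse(): " + X509CertUtils.parse(bogusPem));
        try {
            parseAndCheckPin(bogusPem, pin);
        } catch (CertificateException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

A thumbprint match only identifies the certificate; it does not replace chain validation where the trust decision depends on the issuer.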