Package com.nimbusds.oauth2.sdk.util

Class X509CertificateUtils

java.lang.Object

com.nimbusds.oauth2.sdk.util.X509CertificateUtils

public final class X509CertificateUtils
extends Object

X.509 certificate utilities.

Method Summary

Modifier and Type	Method	Description
static boolean	hasMatchingIssuerAndSubject(X509Certificate cert)	Checks if the issuer DN and the subject DN of the specified X.509 certificate match.
static boolean	hasValidSignature(X509Certificate cert, PublicKey pubKey)	Validates the signature of a X.509 certificate with the specified public key.
static boolean	isSelfIssued(X509Certificate cert)	Checks if the specified X.509 certificate is self-issued, i.e.
static boolean	isSelfSigned(X509Certificate cert)	Checks if the specified X.509 certificate is self-signed, i.e.
static boolean	publicKeyMatches(X509Certificate cert, PublicKey pubKey)	Returns true if the public key of the X.509 certificate matches the specified public key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

hasMatchingIssuerAndSubject

public static boolean hasMatchingIssuerAndSubject(X509Certificate cert)

Checks if the issuer DN and the subject DN of the specified X.509 certificate match. The matched DNs are not normalised.

Parameters:

cert - The X.509 certificate. Must not be null.

Returns:

true if the issuer DN and and subject DN match, else false.

isSelfIssued

public static boolean isSelfIssued(X509Certificate cert)

Checks if the specified X.509 certificate is self-issued, i.e. it has a matching issuer and subject, and the public key can be used to successfully validate the certificate's digital signature.

Parameters:

cert - The X.509 certificate. Must not be null.

Returns:

true if the X.509 certificate is self-issued, else false.

isSelfSigned

public static boolean isSelfSigned(X509Certificate cert)

Checks if the specified X.509 certificate is self-signed, i.e. the public key can be used to successfully validate the certificate's digital signature.

Parameters:

cert - The X.509 certificate. Must not be null.

Returns:

true if the X.509 certificate is self-signed, else false.

hasValidSignature

public static boolean hasValidSignature(X509Certificate cert,
                                        PublicKey pubKey)

Validates the signature of a X.509 certificate with the specified public key.

Parameters:

cert - The X.509 certificate. Must not be null.

pubKey - The public key to use for the validation. Must not be null.

Returns:

true if the signature is valid, else false.

publicKeyMatches

public static boolean publicKeyMatches(X509Certificate cert,
                                       PublicKey pubKey)

Returns true if the public key of the X.509 certificate matches the specified public key.

Parameters:

cert - The X.509 certificate. Must not be null.

pubKey - The public key to compare. Must not be null.

Returns:

true if the two public keys match, else false.