Package com.nimbusds.oauth2.sdk.util
Class X509CertificateUtils
- java.lang.Object
-
- com.nimbusds.oauth2.sdk.util.X509CertificateUtils
-
public final class X509CertificateUtils extends Object
X.509 certificate utilities.
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static boolean
hasMatchingIssuerAndSubject(X509Certificate cert)
Checks if the issuer DN and the subject DN of the specified X.509 certificate match.static boolean
hasValidSignature(X509Certificate cert, PublicKey pubKey)
Validates the signature of a X.509 certificate with the specified public key.static boolean
isSelfIssued(X509Certificate cert)
Checks if the specified X.509 certificate is self-issued, i.e.static boolean
isSelfSigned(X509Certificate cert)
Checks if the specified X.509 certificate is self-signed, i.e.static boolean
publicKeyMatches(X509Certificate cert, PublicKey pubKey)
Returnstrue
if the public key of the X.509 certificate matches the specified public key.
-
-
-
Method Detail
-
hasMatchingIssuerAndSubject
public static boolean hasMatchingIssuerAndSubject(X509Certificate cert)
Checks if the issuer DN and the subject DN of the specified X.509 certificate match. The matched DNs are not normalised.- Parameters:
cert
- The X.509 certificate. Must not benull
.- Returns:
true
if the issuer DN and and subject DN match, elsefalse
.
-
isSelfIssued
public static boolean isSelfIssued(X509Certificate cert)
Checks if the specified X.509 certificate is self-issued, i.e. it has a matching issuer and subject, and the public key can be used to successfully validate the certificate's digital signature.- Parameters:
cert
- The X.509 certificate. Must not benull
.- Returns:
true
if the X.509 certificate is self-issued, elsefalse
.
-
isSelfSigned
public static boolean isSelfSigned(X509Certificate cert)
Checks if the specified X.509 certificate is self-signed, i.e. the public key can be used to successfully validate the certificate's digital signature.- Parameters:
cert
- The X.509 certificate. Must not benull
.- Returns:
true
if the X.509 certificate is self-signed, elsefalse
.
-
hasValidSignature
public static boolean hasValidSignature(X509Certificate cert, PublicKey pubKey)
Validates the signature of a X.509 certificate with the specified public key.- Parameters:
cert
- The X.509 certificate. Must not benull
.pubKey
- The public key to use for the validation. Must not benull
.- Returns:
true
if the signature is valid, elsefalse
.
-
publicKeyMatches
public static boolean publicKeyMatches(X509Certificate cert, PublicKey pubKey)
Returnstrue
if the public key of the X.509 certificate matches the specified public key.- Parameters:
cert
- The X.509 certificate. Must not benull
.pubKey
- The public key to compare. Must not benull
.- Returns:
true
if the two public keys match, elsefalse
.
-
-