uk.ac.soton.itinnovation.grid.utils
Class KeyStoreUtils

java.lang.Object
  extended by uk.ac.soton.itinnovation.grid.utils.KeyStoreUtils

public class KeyStoreUtils
extends Object

Utility methods for handling keystores.


Constructor Summary
KeyStoreUtils()
           
 
Method Summary
static void ensureCertUsage(X509Certificate cert, boolean asClient, boolean asServer)
          Check that this certificate can be used for the given purpose(s).
static X509Certificate getCertificateByDN(KeyStore keystore, String DN)
           
static X509Certificate getCertificateByX500Princ(KeyStore keystore, X500Principal principal)
           
static String getPrivateKeyAlias(File keystore, char[] password)
          Load the keystore and return the alias of the private key.
static String getPrivateKeyAlias(InputStream keystoreIS, char[] password)
          Load the keystore and return the alias of the private key.
static String getPrivateKeyAlias(KeyStore ks, char[] password)
          Returns the alias of the single private key in the keystore.
static X509Certificate loadCertificate(String resource)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

KeyStoreUtils

public KeyStoreUtils()

Method Detail

getPrivateKeyAlias

public static String getPrivateKeyAlias(File keystore,
                                        char[] password)
                                 throws KeyStoreException
Load the keystore and return the alias of the private key.

Parameters:
keystore - the JKS format file to load
password - the private key password, or null to skip check
Returns:
the private key alias
Throws:
KeyStoreException - with a suitable error message if there is any problem. If the password is given, the method checks that the private key can be read and has the same password as the keystore. If the password is null, it only checks that the keystore contains a single private key.

getPrivateKeyAlias

public static String getPrivateKeyAlias(InputStream keystoreIS,
                                        char[] password)
                                 throws KeyStoreException
Load the keystore and return the alias of the private key.

Parameters:
keystoreIS - an InputStream from which to read a JKS format keystore file
password - the private key password, or null to skip check
Returns:
the private key alias
Throws:
KeyStoreException - with a suitable error message if there is any problem. If the password is given, the method checks that the private key can be read and has the same password as the keystore. If the password is null, it only checks that the keystore contains a single private key.

getPrivateKeyAlias

public static String getPrivateKeyAlias(KeyStore ks,
                                        char[] password)
                                 throws KeyStoreException
Returns the alias of the single private key in the keystore.

Parameters:
ks - the KeyStore to check
password - the private key password, or null to skip check
Returns:
the private key alias
Throws:
KeyStoreException - with a suitable error message if there is any problem. If the password is given, the method checks that the private key can be read and has the same password as the keystore. If the password is null, it only checks that the keystore contains a single private key.
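
The checks documented for the three getPrivateKeyAlias overloads can be sketched with the standard java.security.KeyStore API alone. This is an added example, not the KeyStoreUtils source; the class name SinglePrivateKeyCheck and the method findSinglePrivateKeyAlias are hypothetical, and the error messages are illustrative.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.util.Collections;

public class SinglePrivateKeyCheck {
    // Hypothetical helper following the documented contract; not KeyStoreUtils itself.
    static String findSinglePrivateKeyAlias(KeyStore ks, char[] password)
            throws KeyStoreException {
        String found = null;
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) continue; // trusted-certificate entry
            if (found != null) {
                throw new KeyStoreException("more than one key entry: " + found + ", " + alias);
            }
            found = alias;
        }
        if (found == null) throw new KeyStoreException("no key entry in keystore");
        if (password != null) {
            try {
                // Fails if the key password differs from the one supplied.
                Key key = ks.getKey(found, password);
                if (!(key instanceof PrivateKey)) {
                    throw new KeyStoreException(found + " is not a private key");
                }
            } catch (NoSuchAlgorithmException | UnrecoverableKeyException e) {
                throw new KeyStoreException("cannot read key " + found, e);
            }
        }
        return found;
    }

    public static void main(String[] args) throws Exception {
        // args[0]: path to a JKS file. Needs an interactive console for the prompt.
        char[] password = System.console().readPassword("Keystore password: ");
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, password); // same password is then tried on the key
        }
        System.out.println(findSinglePrivateKeyAlias(ks, password));
    }
}
```

Passing null as the password skips the getKey call, so a key protected with a different password from the keystore is only detected when the password is supplied.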

loadCertificate

public static X509Certificate loadCertificate(String resource)

getCertificateByDN

public static X509Certificate getCertificateByDN(KeyStore keystore,
                                                 String DN)

getCertificateByX500Princ

public static X509Certificate getCertificateByX500Princ(KeyStore keystore,
                                                        X500Principal principal)

ensureCertUsage

public static void ensureCertUsage(X509Certificate cert,
                                   boolean asClient,
                                   boolean asServer)
                            throws KeyStoreException
Check that this certificate can be used for the given purpose(s).

Throws:
KeyStoreException - if the certificate cannot be used for the given purpose(s)


Copyright © 2001-2008 University of Southampton IT Innovation Centre. All Rights Reserved.