Class CertUtil


  • public final class CertUtil
    extends Object
    Java X.509 certificate utilities, consolidated from various places.
    Since:
    0.9.9
    • Constructor Detail

      • CertUtil

        public CertUtil()
    • Method Detail

      • saveCert

        public static boolean saveCert​(Certificate cert,
                                       File file)
        Write a certificate to a file in base64 format.
        Returns:
        success
        Since:
        0.8.2, moved from SSLEepGet in 0.9.9
      • getSubjectAlternativeNames

        public static Set<String> getSubjectAlternativeNames​(X509Certificate cert)
        Get the set of Subject Alternative Names, including DNSNames, RFC822Names, IPv4 and v6 addresses as strings. see X509Certificate.getSubjectAlternativeNames()
        Returns:
        non-null, empty on error or none found
        Since:
        0.9.34
      • getSubjectValue

        public static String getSubjectValue​(X509Certificate cert,
                                             String type)
        Get a value out of the subject distinguished name. Warning - unsupported in Android (no javax.naming), returns null.
        Parameters:
        type - e.g. "CN"
        Returns:
        value or null if not found
      • getIssuerValue

        public static String getIssuerValue​(X509Certificate cert,
                                            String type)
        Get a value out of the issuer distinguished name. Warning - unsupported in Android (no javax.naming), returns null.
        Parameters:
        type - e.g. "CN"
        Returns:
        value or null if not found
        Since:
        0.9.24
      • saveCRL

        public static boolean saveCRL​(X509CRL crl,
                                      File file)
        Write a CRL to a file in base64 format.
        Returns:
        success
        Since:
        0.9.25
      • isRevoked

        public static boolean isRevoked​(Certificate cert)
        Is the certificate revoked? This loads the CRLs from disk. For efficiency, call loadCRLs() and then pass to isRevoked().
        Since:
        0.9.25
      • isRevoked

        public static boolean isRevoked​(I2PAppContext ctx,
                                        Certificate cert)
        Is the certificate revoked? This loads the CRLs from disk. For efficiency, call loadCRLs() and then pass to isRevoked().
        Since:
        0.9.25
      • isRevoked

        public static boolean isRevoked​(CertStore store,
                                        Certificate cert)
        Is the certificate revoked?
        Since:
        0.9.25
      • loadCRLs

        public static CertStore loadCRLs()
        Load CRLs from standard locations.
        Returns:
        non-null, possibly empty
        Since:
        0.9.25
      • loadCRLs

        public static CertStore loadCRLs​(I2PAppContext ctx)
        Load CRLs from standard locations.
        Returns:
        non-null, possibly empty
        Since:
        0.9.25
      • main

        public static final void main​(String[] args)