CaHelper (stdlib 5.1.2 API)

java.lang.Object
- com.peterphi.std.crypto.keygen.CaHelper

```
public class CaHelper
extends Object
```

Field Summary

Fields
Modifier and Type	Field and Description
`static boolean`	`GLOBUS_ALGORITHM_HACK` If true, changes the default algorithm to MD5WITHRSA
`static boolean`	`GLOBUS_COG_HACK` If true, enables a hack which works around GT 4.2.1 "Bug 3299:12 Extended Key Usage certificate extension not supported" (a problem in CoG)
`static org.bouncycastle.asn1.DERObjectIdentifier`	`netscapeCertType`

Constructor Summary

Constructors
Constructor and Description

CaHelper()

Constructors
Constructor and Description
`CaHelper()`

Method Summary

Methods
Modifier and Type	Method and Description
`static X509Certificate`	`generateCaCertificate(String friendlyName, KeyPair kp, BigInteger serial, org.bouncycastle.asn1.x509.X509Name issuer)`
`static X509Certificate`	`generateCaCertificate(String friendlyName, KeyPair kp, BigInteger serial, org.bouncycastle.asn1.x509.X509Name issuer, org.bouncycastle.asn1.x509.X509Name subject)`
`static org.bouncycastle.jce.PKCS10CertificationRequest`	`generateCertificateRequest(X509Certificate cert, PrivateKey signingKey)`
`static X509Certificate`	`generateClientCertificate(PublicKey certificatePublicKey, PrivateKey caPrivateKey, org.bouncycastle.asn1.x509.X509Name issuer, org.bouncycastle.asn1.x509.X509Name subject)`
`static KeyPair`	`generateKeyPair(int bits)`
`static X509Certificate`	`generateServerCertificate(PublicKey certificatePublicKey, PrivateKey caPrivateKey, org.bouncycastle.asn1.x509.X509Name issuer, org.bouncycastle.asn1.x509.X509Name subject)`
`static void`	`main(String[] args)`
`static String`	`openssl_X509_NAME_hash(X500Principal p)` Generates a hexidecimal OpenSSL X509_NAME hash (as used in openssl x509 -hash -in cert.pem) Based on openssl's crypto/x509/x509_cmp.c line 321
`static String`	`opensslHash(X509Certificate cert)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- GLOBUS_COG_HACK
```
public static final boolean GLOBUS_COG_HACK
```
  If true, enables a hack which works around GT 4.2.1 "Bug 3299:12 Extended Key Usage certificate extension not supported" (a problem in CoG)
  
  See Also:
  Constant Field Values
- GLOBUS_ALGORITHM_HACK
```
public static final boolean GLOBUS_ALGORITHM_HACK
```
  If true, changes the default algorithm to MD5WITHRSA
  
  See Also:
  Constant Field Values
- netscapeCertType
```
public static final org.bouncycastle.asn1.DERObjectIdentifier netscapeCertType
```

Constructor Detail
- CaHelper
```
public CaHelper()
```

Method Detail

opensslHash

public static String opensslHash(X509Certificate cert)

openssl_X509_NAME_hash
```
public static String openssl_X509_NAME_hash(X500Principal p)
                                     throws NoSuchAlgorithmException
```
Generates a hexidecimal OpenSSL X509_NAME hash (as used in openssl x509 -hash -in cert.pem)
Based on openssl's crypto/x509/x509_cmp.c line 321

Parameters:
p -

Returns:

Throws:

NoSuchAlgorithmException

generateKeyPair

public static KeyPair generateKeyPair(int bits)
                               throws Exception

Throws:: Exception

generateClientCertificate

public static X509Certificate generateClientCertificate(PublicKey certificatePublicKey,
                                        PrivateKey caPrivateKey,
                                        org.bouncycastle.asn1.x509.X509Name issuer,
                                        org.bouncycastle.asn1.x509.X509Name subject)
                                                 throws Exception

Parameters:: certificatePublicKey -; caPrivateKey -; issuer -; subject -
Returns:
Throws:: Exception

generateServerCertificate

public static X509Certificate generateServerCertificate(PublicKey certificatePublicKey,
                                        PrivateKey caPrivateKey,
                                        org.bouncycastle.asn1.x509.X509Name issuer,
                                        org.bouncycastle.asn1.x509.X509Name subject)
                                                 throws Exception

Parameters:: certificatePublicKey -; caPrivateKey -; issuer -; subject -
Returns:
Throws:: Exception

generateCaCertificate

public static X509Certificate generateCaCertificate(String friendlyName,
                                    KeyPair kp,
                                    BigInteger serial,
                                    org.bouncycastle.asn1.x509.X509Name issuer)
                                             throws Exception

Throws:: Exception

generateCaCertificate

public static X509Certificate generateCaCertificate(String friendlyName,
                                    KeyPair kp,
                                    BigInteger serial,
                                    org.bouncycastle.asn1.x509.X509Name issuer,
                                    org.bouncycastle.asn1.x509.X509Name subject)
                                             throws Exception

Parameters:: kp -; issuer -; subject -
Returns:
Throws:: Exception

generateCertificateRequest

public static org.bouncycastle.jce.PKCS10CertificationRequest generateCertificateRequest(X509Certificate cert,
                                                                         PrivateKey signingKey)
                                                                                  throws Exception

Throws:: Exception

main

public static void main(String[] args)
                 throws Exception

Throws:: Exception

Class CaHelper

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

GLOBUS_COG_HACK

GLOBUS_ALGORITHM_HACK

netscapeCertType

Constructor Detail

CaHelper

Method Detail

opensslHash

openssl_X509_NAME_hash

generateKeyPair

generateClientCertificate

generateServerCertificate

generateCaCertificate

generateCaCertificate

generateCertificateRequest

main