Class CsrUtil

java.lang.Object
org.cryptacular.util.CsrUtil

public final class CsrUtil extends Object
PKCS#10 certificate signing request (CSR) utilities.
Author:
Marvin S. Addison
  • Method Summary

    Modifier and Type
    Method
    Description
    static List<String>
    commonNames(org.bouncycastle.asn1.pkcs.CertificationRequest csr)
    Gets all the common names from the subject of the certificate request.
    static org.bouncycastle.asn1.pkcs.CertificationRequest
    decodeCsr(byte[] csr)
    Decodes DER-encoded PKCS#10 certificate signing request into a structured object.
    static org.bouncycastle.asn1.pkcs.CertificationRequest
    Decodes PEM-encoded PKCS#10 certificate signing request into a structured object.
    static String
    encodeCsr(org.bouncycastle.pkcs.PKCS10CertificationRequest csr)
    Encodes a PKCS#10 certificate signing request to PEM-encoded string format.
    static org.bouncycastle.pkcs.PKCS10CertificationRequest
    generateCsr(KeyPair keyPair, String subjectDN, String... subjectAltNames)
    Generates a CSR given a key pair, subject DN, and optional subject alternative names.
    static int
    keyLength(org.bouncycastle.asn1.pkcs.CertificationRequest csr)
    Gets the size in bits of the public key in the CSR.
    static org.bouncycastle.asn1.pkcs.CertificationRequest
    readCsr(File file)
    Decodes either a PEM or DER-encoded PKCS#10 certificate signing request from a file into a structured object.
    static org.bouncycastle.asn1.pkcs.CertificationRequest
    Decodes either a PEM or DER-encoded PKCS#10 certificate signing request from a stream into a structured object.
    static String
    sigAlgName(org.bouncycastle.asn1.pkcs.CertificationRequest csr)
    Gets the name of the signature algorithm mentioned in the CSR.
    static List<String>
    subjectAltNames(org.bouncycastle.asn1.pkcs.CertificationRequest csr)
    Gets all subject alternative names mentioned on the certificate request.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Method Details

    • encodeCsr

      public static String encodeCsr(org.bouncycastle.pkcs.PKCS10CertificationRequest csr)
      Encodes a PKCS#10 certificate signing request to PEM-encoded string format.
      Parameters:
      csr - Certificate signing request.
      Returns:
      PEM-encoded CSR.
      Throws:
      EncodingException - on errors writing PEM-encoded data.
    • decodeCsr

      public static org.bouncycastle.asn1.pkcs.CertificationRequest decodeCsr(String csr)
      Decodes PEM-encoded PKCS#10 certificate signing request into a structured object.
      Parameters:
      csr - PEM-encoded CSR.
      Returns:
      Decoded CSR.
      Throws:
      IllegalArgumentException - if input does not appear to be PEM-encoded data.
    • decodeCsr

      public static org.bouncycastle.asn1.pkcs.CertificationRequest decodeCsr(byte[] csr)
      Decodes DER-encoded PKCS#10 certificate signing request into a structured object.
      Parameters:
      csr - Bytes of a DER-encoded CSR.
      Returns:
      Decoded CSR.
    • readCsr

      public static org.bouncycastle.asn1.pkcs.CertificationRequest readCsr(File file)
      Decodes either a PEM or DER-encoded PKCS#10 certificate signing request from a file into a structured object.
      Parameters:
      file - File containing PEM or DER-encoded data.
      Returns:
      Decoded CSR.
    • readCsr

      public static org.bouncycastle.asn1.pkcs.CertificationRequest readCsr(InputStream in)
      Decodes either a PEM or DER-encoded PKCS#10 certificate signing request from a stream into a structured object.
      Parameters:
      in - Input stream containing PEM or DER-encoded data.
      Returns:
      Decoded CSR.
    • commonNames

      public static List<String> commonNames(org.bouncycastle.asn1.pkcs.CertificationRequest csr)
      Gets all the common names from the subject of the certificate request.
      Parameters:
      csr - Certificate request.
      Returns:
      List of zero or more common names.
    • subjectAltNames

      public static List<String> subjectAltNames(org.bouncycastle.asn1.pkcs.CertificationRequest csr)
      Gets all subject alternative names mentioned on the certificate request.
      Parameters:
      csr - Certificate request.
      Returns:
      List of subject alternative names.
    • sigAlgName

      public static String sigAlgName(org.bouncycastle.asn1.pkcs.CertificationRequest csr)
      Gets the name of the signature algorithm mentioned in the CSR.
      Parameters:
      csr - Certificate request.
      Returns:
      Signature algorithm name, e.g. "SHA256withRSA"
    • keyLength

      public static int keyLength(org.bouncycastle.asn1.pkcs.CertificationRequest csr)
      Gets the size in bits of the public key in the CSR.
      Parameters:
      csr - Certificate request.
      Returns:
      Public key size in bits.
      Throws:
      IllegalArgumentException - if CSR specifies a key algorithm other than RSA or EC.
      CryptoException - on errors creating a public key from data in the CSR.
    • generateCsr

      public static org.bouncycastle.pkcs.PKCS10CertificationRequest generateCsr(KeyPair keyPair, String subjectDN, String... subjectAltNames)
      Generates a CSR given a key pair, subject DN, and optional subject alternative names.
      Parameters:
      keyPair - Key pair.
      subjectDN - Subject distinguished name, e.g. "CN=host.example.org, DC=example, DC=org".
      subjectAltNames - Zero or more DNS subject alternative names.
      Returns:
      PKCS#10 certification request. Use PKCS10CertificationRequest.toASN1Structure() to get the underlying CertificationRequest that may be used with other helper methods.
      Throws:
      IllegalArgumentException - if CSR specifies a key algorithm other than RSA or EC.
      CryptoException - on errors generating the CSR from data provided.