iaik.security.ssl
Class Utils

java.lang.Object
  iaik.security.ssl.Utils

public class Utils
extends java.lang.Object

Some basic utility methods.

Field Summary

static java.lang.String	PROPERTYNAME_HTTPS_NON_PROXY_HOSTS Constant string "https.nonProxyHosts".
static java.lang.String	PROPERTYNAME_HTTPS_PROXY_HOST Constant string "https.proxyHost".
static java.lang.String	PROPERTYNAME_HTTPS_PROXY_PASSWORD Constant string "https.proxyPassword".
static java.lang.String	PROPERTYNAME_HTTPS_PROXY_PORT Constant string "https.proxyPort".
static java.lang.String	PROPERTYNAME_HTTPS_PROXY_USER Constant string "https.proxyUser".

Method Summary

static byte[]	base64Encode(byte[] in) Encodes a binary byte array into Base64.
static java.lang.String	certTypeToString(int certType) Return a string description of a certificate type.
static boolean	equalsBlock(byte[] a, byte[] b) Check two blocks for equality.
static boolean	equalsBlock(byte[] a, int aOff, byte[] b, int bOff, int len) Check two blocks for equality.
static java.security.KeyPair	generateKeyPair(java.security.KeyPairGenerator kpg) Generate a keypair in a way compatible with both JDK 1.1 and JDK 1.2.
static java.io.BufferedReader	getASCIIReader(java.io.InputStream in) Get a reader that returns data from the stream assuming ASCII encoding is used.
static java.io.PrintWriter	getASCIIWriter(java.io.OutputStream out) Get a writer that writes data to the stream in ASCII encoding is used.
static java.io.PrintWriter	getASCIIWriter(java.io.OutputStream out, boolean autoflush) Get a writer that writes data to the stream in ASCII encoding is used.
static int	getCertificateType(java.security.cert.X509Certificate cert) Get the type of a certificate.
static int	getCertificateType(java.security.cert.X509Certificate[] certChain) Get the type of a certificate.
static int	getCertificateTypeWithoutKeyUsage(java.security.cert.X509Certificate cert) Get the type of a certificate.
static int	getCertificateTypeWithoutKeyUsage(java.security.cert.X509Certificate[] certChain) Get the type of a certificate.
static java.lang.String	getVersionString(int version) Returns a String representation of the SSL version number.
static SSLSocket	proxyConnect(java.net.InetAddress address, int port, SSLContext context) Connects to the specified host via HTTPS proxy (if set via properties).
static SSLSocket	proxyConnect(java.net.InetAddress address, int port, SSLContext context, java.net.InetAddress proxyAddress, int proxyPort) Connects to the specified host via HTTPS proxy.
static SSLSocket	proxyConnect(java.lang.String host, int port, SSLContext context) Connects to the specified host via HTTPS proxy (if set via properties).
static SSLSocket	proxyConnect(java.lang.String host, int port, SSLContext context, java.net.InetAddress proxyAddress, int proxyPort) Connects to the specified host via HTTPS proxy.
static SSLSocket	proxyConnect(java.lang.String host, int port, SSLContext context, java.net.Socket proxySocket) Connects to the specified host via HTTPS proxy.
static SSLSocket	proxyConnect(java.lang.String host, int port, SSLContext context, java.net.Socket proxySocket, java.lang.String authenticationMechanism, java.lang.String authenticationMessage, int timeout) Connects to the specified host via HTTPS proxy.
static java.lang.String	toString(byte[] b) Returns a hexadecimal representation of the contents of the given byte array.
static java.lang.String	toString(int a)
static java.lang.String	versionToName(int version) Gets a the protocol version name of the given version number.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PROPERTYNAME_HTTPS_PROXY_HOST

public static final java.lang.String PROPERTYNAME_HTTPS_PROXY_HOST

Constant string "https.proxyHost". Property specifying a HTTPS proxy (if set)

See Also:

Constant Field Values

PROPERTYNAME_HTTPS_PROXY_PORT

public static final java.lang.String PROPERTYNAME_HTTPS_PROXY_PORT

Constant string "https.proxyPort". Property specifying a HTTPS proxy (if set)

See Also:

Constant Field Values

PROPERTYNAME_HTTPS_PROXY_USER

public static final java.lang.String PROPERTYNAME_HTTPS_PROXY_USER

Constant string "https.proxyUser". Property specifying a ueser name for proxy authentication (if set)

See Also:

Constant Field Values

PROPERTYNAME_HTTPS_PROXY_PASSWORD

public static final java.lang.String PROPERTYNAME_HTTPS_PROXY_PASSWORD

Constant string "https.proxyPassword". Property specifying a password for proxy authentication (if set)

See Also:

Constant Field Values

PROPERTYNAME_HTTPS_NON_PROXY_HOSTS

public static final java.lang.String PROPERTYNAME_HTTPS_NON_PROXY_HOSTS

Constant string "https.nonProxyHosts". Property specifying a list (e.g. "*.tugraz.at|www.iaik.at) of hosts for which no proxy (if one has been configured) shall be used.

See Also:

Constant Field Values

Method Detail

equalsBlock

public static boolean equalsBlock(byte[] a,
                                  int aOff,
                                  byte[] b,
                                  int bOff,
                                  int len)

Check two blocks for equality. The specified sub blocks of the given byte arrays are checked for equality.

Parameters:

a - the first byte array to be compared

aOff - the offset indicating the start position of the sub-block of a

b - the second byte array to be compared

bOff - the offset indicating the start position of the sub-block of b

len - the number of bytes to be compared

Returns:

true, if the two sub-blocks are equal, false otherwise

equalsBlock

public static boolean equalsBlock(byte[] a,
                                  byte[] b)

Check two blocks for equality.

Parameters:

a - the first byte array to be compared

b - the second byte array to be compared

Returns:

true, if the two blocks are equal, false otherwise

toString

public static java.lang.String toString(byte[] b)

Returns a hexadecimal representation of the contents of the given byte array.

Parameters:

b - the byte array for which to get a hexadecimal representation

Returns:

the hexadecimal String representation

toString

public static java.lang.String toString(int a)

versionToName

public static java.lang.String versionToName(int version)

Gets a the protocol version name of the given version number.

Parameters:

version - the version number as integer

Returns:

the protocol version name ("SSL20", "SSL30", "TLS10", "TLS11" or "TLS12")

Throws:

java.lang.IllegalArgumentException - if the given protocol is not supported

proxyConnect

public static SSLSocket proxyConnect(java.net.InetAddress address,
                                     int port,
                                     SSLContext context)
                              throws java.io.IOException

Connects to the specified host via HTTPS proxy (if set via properties). If the HTTPS proxy properties are set and the target host is not registered as non-proxy host, a connection is made via the proxy, otherwise the connection is made directly. If an error occurs connecting through the proxy an IOException is thrown.

Parameters:

address - the target host address

port - the target port

context - the SSLContext for configuring the SSLSocket

Returns:

the SSLSocket for talking with the target host via a proxy

Throws:

java.io.IOException - if an error occurs while trying to connect

proxyConnect

public static SSLSocket proxyConnect(java.lang.String host,
                                     int port,
                                     SSLContext context)
                              throws java.io.IOException

Connects to the specified host via HTTPS proxy (if set via properties). If the HTTPS proxy properties are set and the target host is not registered as non-proxy host, a connection is made via the proxy, otherwise the connection is made directly. If an error occurs connecting through the proxy an IOException is thrown.

Parameters:

host - the target host

port - the target port

context - the SSLContext for configuring the SSLSocket

Returns:

the SSLSocket for talking with the target host via a proxy

Throws:

java.io.IOException - if an error occurs while trying to connect

proxyConnect

public static SSLSocket proxyConnect(java.net.InetAddress address,
                                     int port,
                                     SSLContext context,
                                     java.net.InetAddress proxyAddress,
                                     int proxyPort)
                              throws java.io.IOException

Connects to the specified host via HTTPS proxy. If proxyAddress is not null a connection is made via the proxy, otherwise the connection is made directly. If an error occurs connecting through the proxy an IOException is thrown.

Parameters:

address - the address target host

port - the target port

context - the SSLContext for configuring the SSLSocket

proxyAddress - the address of the proxy

proxyPort - the port of the proxy

Returns:

the SSLSocket for talking with the target host via a proxy

Throws:

IOExcaption - if an error occurs while trying to connect

java.io.IOException

proxyConnect

public static SSLSocket proxyConnect(java.lang.String host,
                                     int port,
                                     SSLContext context,
                                     java.net.InetAddress proxyAddress,
                                     int proxyPort)
                              throws java.io.IOException

Connects to the specified host via HTTPS proxy. If proxyAddress is not null a connection is made via the proxy, otherwise the connection is made directly. If an error occurs connecting through the proxy an IOException is thrown.

Parameters:

host - the target host

port - the target port

context - the SSLContext for configuring the SSLSocket

proxyAddress - the address of the proxy

proxyPort - the port of the proxy

Returns:

the SSLSocket for talking with the target host via a proxy

Throws:

IOExcaption - if an error occurs while trying to connect

java.io.IOException

proxyConnect

public static SSLSocket proxyConnect(java.lang.String host,
                                     int port,
                                     SSLContext context,
                                     java.net.Socket proxySocket)
                              throws java.io.IOException

Connects to the specified host via HTTPS proxy. This method assumes that the calling application already has created a socket for communicating with the proxy. If no proxySocket is specified the connection is made directly, otherwiseis the connection is made via the proxy, If an error occurs connecting through the proxy an IOException is thrown.

Parameters:

host - the target host

port - the target port

context - the SSLContext for configuring the SSLSocket

proxySocket - the socket for talking with the proxy

Returns:

the SSLSocket for talking with the target host via a proxy

Throws:

java.io.IOException - if an error occurs while trying to connect

proxyConnect

public static SSLSocket proxyConnect(java.lang.String host,
                                     int port,
                                     SSLContext context,
                                     java.net.Socket proxySocket,
                                     java.lang.String authenticationMechanism,
                                     java.lang.String authenticationMessage,
                                     int timeout)
                              throws java.io.IOException

Connects to the specified host via HTTPS proxy. This method assumes that the calling application already has created a socket for communicating with the proxy. If no proxySocket is specified the connection is made directly, otherwise the connection is made via the proxy, If an error occurs connecting through the proxy an IOException is thrown.

Parameters:

host - the target host

port - the target port

context - the SSLContext for configuring the SSLSocket

proxySocket - the socket for talking with the proxy

authenticationMechanism - the authentication mechanism (e.g. "Basic..."); must not be set by the application (i.e. can be null)

authenticationMessage - the authentication string specifying authentication method (e.g. "Basic" and base64 encoded proxy username and password; maybe null in which case proxy username and password have to be set via system properties "https.proxyUser" and "https.proxyPassword"

timeout - the timeout for the proxy response (default: 30 seconds)

Returns:

the SSLSocket for talking with the target host via a proxy

Throws:

java.io.IOException - if an error occurs while trying to connect

getCertificateType

public static int getCertificateType(java.security.cert.X509Certificate cert)

Get the type of a certificate. This method returns one of the CERTTYPE constants from SSLContext. The certificate type maybe CERTTYPE_UNKNOWN if the certificate is of unknown type or is inappropriate for the indented type (e.g. if, for instance, a DSA certificate contains a KeyUsage extension with non-signing capability)

Parameters:

cert - the certificate for which to get the cert type

Returns:

the certificate type

getCertificateType

public static int getCertificateType(java.security.cert.X509Certificate[] certChain)

Get the type of a certificate. This method returns one of the CERTTYPE constants from SSLContext. The certificate type maybe CERTTYPE_UNKNOWN if the certificate is of unknown type or is inappropriate for the indented type (e.g. if, for instance, a DSA certificate contains a KeyUsage extension with non-signing capability)

Parameters:

certChain - the certificate chain for which to get the cert type (for the certificate at index 0)

Returns:

the certificate type

getCertificateTypeWithoutKeyUsage

public static int getCertificateTypeWithoutKeyUsage(java.security.cert.X509Certificate cert)

Get the type of a certificate. This method returns one of the CERTTYPE constants from SSLContext. Old implementation. Only uses KeyUsage for ECC certs

Parameters:

cert - the certificate for which to get the cert type

Returns:

the certificate type

getCertificateTypeWithoutKeyUsage

public static int getCertificateTypeWithoutKeyUsage(java.security.cert.X509Certificate[] certChain)

Get the type of a certificate. This method returns one of the CERTTYPE constants from SSLContext. Old implementation. Only uses KeyUsage for ECC certs

Parameters:

certChain - the certificate chain for which to get the cert type (for the certificate at index 0)

Returns:

the certificate type

certTypeToString

public static java.lang.String certTypeToString(int certType)

Return a string description of a certificate type.

Parameters:

certType - the certificate type for which to get a string description

Returns:

the string description of the certificate type

getASCIIReader

public static java.io.BufferedReader getASCIIReader(java.io.InputStream in)

Get a reader that returns data from the stream assuming ASCII encoding is used. This is useful when connecting over the network as both peers obviously have to use the same encoding which is defined as ASCII for most common text protocols (HTTP, HTTPS, etc.).

getASCIIWriter

public static java.io.PrintWriter getASCIIWriter(java.io.OutputStream out)

Get a writer that writes data to the stream in ASCII encoding is used. This is useful when connecting over the network as both peers obviously have to use the same encoding which is defined as ASCII for most common text protocols (HTTP, HTTPS, etc.).

getASCIIWriter

public static java.io.PrintWriter getASCIIWriter(java.io.OutputStream out,
                                                 boolean autoflush)

Get a writer that writes data to the stream in ASCII encoding is used. This is useful when connecting over the network as both peers obviously have to use the same encoding which is defined as ASCII for most common text protocols (HTTP, HTTPS, etc.). The autoflush parameter specifies if the PrintWriter is to be created with autoflush set.

getVersionString

public static java.lang.String getVersionString(int version)

Returns a String representation of the SSL version number.

Parameters:

version - the SSL version number

Returns:

a String representation of the version number ("SSL 2.0", "SSL 3.0", "TLS 1.0",...)

generateKeyPair

public static java.security.KeyPair generateKeyPair(java.security.KeyPairGenerator kpg)

Generate a keypair in a way compatible with both JDK 1.1 and JDK 1.2. The problem arises due to the fact that the generateKeyPair() method from JDK 1.1 was removed in JDK 1.2 and not reintroduced until JDK 1.3 (why?). This method uses reflection to invoke either generateKeyPair() or genKeyPair(), whichever is available.

base64Encode

public static byte[] base64Encode(byte[] in)
                           throws java.io.IOException

Encodes a binary byte array into Base64.

Base64 is the encoding format used by Multipurpose Internet Mail Extension (Mime) for transmitting non-text material over text-only communications channels. Base64 is based on a 65-character subset of US-ASCII, enabling 6 bits to be represented per printable character (see RFC 1521).

Parameters:

in - the binary data to be Base64 encoded

Returns:

the Base64 encoded data

Throws:

java.io.IOException