X509CertUtils (athenz-client-common 1.10.50 API)

java.lang.Object
- com.yahoo.athenz.common.utils.X509CertUtils

public class X509CertUtils
extends Object

Constructor Summary

Constructors
Constructor and Description

X509CertUtils()

Constructors
Constructor and Description
`X509CertUtils()`

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static String`	`extractCn(X509Certificate cert)` extractCn returns CN portion of the Subject DN of the certificate
`static String`	`extractCn(X509Certificate[] certs)` extractCn is a helper function to extract the Subject CN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
`static String`	`extractHostname(X509Certificate cert)` extractHostname returns the hostname found in the athenz://hostname SanURI entry
`static String`	`extractIssuerCn(X509Certificate cert)` extractIssuerCn returns the CN portion of the Issuer DN from the certificate passed in
`static String`	`extractIssuerCn(X509Certificate[] certs)` extractIssuerCn is a helper function to extract the Issuer CN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
`static String`	`extractIssuerDn(X509Certificate cert)` extractIssuerDn returns the IssuerDN from the certificate passed in
`static String`	`extractIssuerDn(X509Certificate[] certs)` extractIssuerDn is a helper function to extract the Issuer DN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
`static String`	`extractItemFromURI(List<String> uriList, String item)`
`static String`	`extractKeyModulus(X509Certificate cert)` extractKeyModulus returns the modulus for the RSA public key in the certificate
`static String`	`extractKeyModulus(X509Certificate[] certs)` extractKeyModulus is a helper function to extract the Key Modulus CN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
`static String`	`extractProvider(X509Certificate cert)` extractProvider derives the provider from athenz://instanceid San URI
`static String`	`extractRequestInstanceId(X509Certificate cert)`
`static String`	`extractRequestInstanceIdFromDnsNames(List<String> dnsNames)`
`static String`	`extractRequestInstanceIdFromURI(List<String> uriList)`
`static String`	`extractSubjectDn(X509Certificate cert)` extractSubjectDn returns the DN from the certificate passed in
`static String`	`extractSubjectDn(X509Certificate[] certs)` extracSubjectDn is a helper function to extract the Subject DN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
`static String`	`hexKeyMod(X509Certificate[] certs, boolean toUpperCase)` hexKeyMod returns the HEX encoded string of SHA256 of the Key Modulus of the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
`static void`	`logCert(org.slf4j.Logger certLogger, com.yahoo.athenz.auth.Principal principal, String ip, String provider, String instanceId, X509Certificate x509Cert)`
`static String`	`logRecord(com.yahoo.athenz.auth.Principal principal, String ip, String provider, String instanceId, X509Certificate x509Cert)`
`static void`	`logSSH(org.slf4j.Logger certLogger, com.yahoo.athenz.auth.Principal principal, String ip, String service, String instanceId)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - X509CertUtils
```
public X509CertUtils()
```
- Method Detail
  - extractRequestInstanceIdFromURI
```
public static String extractRequestInstanceIdFromURI(List<String> uriList)
```
  - extractProvider
```
public static String extractProvider(X509Certificate cert)
```
    extractProvider derives the provider from athenz://instanceid San URI
    
    Parameters:
    
    cert - X509Certificate
    
    Returns:
    
    provider from San URI, "" if provider is not found.
  - extractItemFromURI
```
public static String extractItemFromURI(List<String> uriList,
                                        String item)
```
  - extractRequestInstanceIdFromDnsNames
```
public static String extractRequestInstanceIdFromDnsNames(List<String> dnsNames)
```
  - extractHostname
```
public static String extractHostname(X509Certificate cert)
```
    extractHostname returns the hostname found in the athenz://hostname SanURI entry
    
    Parameters:
    
    cert - X509Certficate
    
    Returns:
    
    hostname found in SanURI, "" if no hostname is found
  - extractRequestInstanceId
```
public static String extractRequestInstanceId(X509Certificate cert)
```
  - extractKeyModulus
```
public static String extractKeyModulus(X509Certificate[] certs)
```
    extractKeyModulus is a helper function to extract the Key Modulus CN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
    
    Parameters:
    
    certs - an array of X509Certificate
    
    Returns:
    
    the string representing the key modulus
  - extractKeyModulus
```
public static String extractKeyModulus(X509Certificate cert)
```
    extractKeyModulus returns the modulus for the RSA public key in the certificate
    
    Parameters:
    
    cert - X509Certificate to extract the key modulus from
    
    Returns:
    
    modulus as string, and empty "" for non RSA certificate
  - extractSubjectDn
```
public static String extractSubjectDn(X509Certificate[] certs)
```
    extracSubjectDn is a helper function to extract the Subject DN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
    
    Parameters:
    
    certs - an array of X509Certificate
    
    Returns:
    
    subject DN as a string
  - extractSubjectDn
```
public static String extractSubjectDn(X509Certificate cert)
```
    extractSubjectDn returns the DN from the certificate passed in
    
    Parameters:
    
    cert - X509Certificate to extract the Subject DN from
    
    Returns:
    
    the string representing Subject DN
  - extractCn
```
public static String extractCn(X509Certificate[] certs)
```
    extractCn is a helper function to extract the Subject CN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
    
    Parameters:
    
    certs - an array of X509Certificate
    
    Returns:
    
    the string representing Subject CN
  - extractCn
```
public static String extractCn(X509Certificate cert)
```
    extractCn returns CN portion of the Subject DN of the certificate
    
    Parameters:
    
    cert - X509Certificate to extract the CN from
    
    Returns:
    
    string representing the Subject CN
  - extractIssuerDn
```
public static String extractIssuerDn(X509Certificate[] certs)
```
    extractIssuerDn is a helper function to extract the Issuer DN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
    
    Parameters:
    
    certs - an array of X509Certificate
    
    Returns:
    
    the string representing issuer DN
  - extractIssuerDn
```
public static String extractIssuerDn(X509Certificate cert)
```
    extractIssuerDn returns the IssuerDN from the certificate passed in
    
    Parameters:
    
    cert - X509Certificate to extract the DN from
    
    Returns:
    
    string with Issuer DN
  - extractIssuerCn
```
public static String extractIssuerCn(X509Certificate[] certs)
```
    extractIssuerCn is a helper function to extract the Issuer CN from the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
    
    Parameters:
    
    certs - an array of X509Certificate
    
    Returns:
    
    the string representing issuer CN
  - extractIssuerCn
```
public static String extractIssuerCn(X509Certificate cert)
```
    extractIssuerCn returns the CN portion of the Issuer DN from the certificate passed in
    
    Parameters:
    
    cert - X509Certificate to extract the Issuer CN from
    
    Returns:
    
    the string containing the issuer CN
  - hexKeyMod
```
public static String hexKeyMod(X509Certificate[] certs,
                               boolean toUpperCase)
```
    hexKeyMod returns the HEX encoded string of SHA256 of the Key Modulus of the leaf certificate present at the zeroth position in javax.servlet.request.X509Certificate
    
    Parameters:
    
    certs - an array of X509Certificate
    
    toUpperCase - to indicate whether the hex encoded result should be upper case or not
    
    Returns:
    
    the string with hex encoded of SHA256 of the Key Modulus of the leaf certificate
  - logCert
```
public static void logCert(org.slf4j.Logger certLogger,
                           com.yahoo.athenz.auth.Principal principal,
                           String ip,
                           String provider,
                           String instanceId,
                           X509Certificate x509Cert)
```
  - logSSH
```
public static void logSSH(org.slf4j.Logger certLogger,
                          com.yahoo.athenz.auth.Principal principal,
                          String ip,
                          String service,
                          String instanceId)
```
  - logRecord
```
public static String logRecord(com.yahoo.athenz.auth.Principal principal,
                               String ip,
                               String provider,
                               String instanceId,
                               X509Certificate x509Cert)
```

Class X509CertUtils

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

X509CertUtils

Method Detail

extractRequestInstanceIdFromURI

extractProvider

extractItemFromURI

extractRequestInstanceIdFromDnsNames

extractHostname

extractRequestInstanceId

extractKeyModulus

extractKeyModulus

extractSubjectDn

extractSubjectDn

extractCn

extractCn

extractIssuerDn

extractIssuerDn

extractIssuerCn

extractIssuerCn

hexKeyMod

logCert

logSSH

logRecord