1 /**
2 *
3 * Copyright 2005 The Apache Software Foundation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17 package org.apache.geronimo.util;
18
19 import org.apache.geronimo.util.encoders.HexEncoder;
20
21 import java.security.cert.Certificate;
22 import java.security.cert.CertificateEncodingException;
23 import java.security.NoSuchAlgorithmException;
24 import java.security.MessageDigest;
25 import java.io.IOException;
26 import java.io.ByteArrayOutputStream;
27 import java.util.regex.Matcher;
28 import java.util.regex.Pattern;
29
30 /**
31 * Various utility functions for dealing with X.509 certificates
32 *
33 * @version $Rev: 410741 $ $Date: 2006-05-31 21:35:48 -0700 (Wed, 31 May 2006) $
34 */
35 public class CertificateUtil {
36 public static String generateFingerprint(Certificate cert, String digestAlgorithm) throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
37 MessageDigest md = MessageDigest.getInstance(digestAlgorithm);
38 byte[] digest = md.digest(cert.getEncoded());
39 ByteArrayOutputStream out = new ByteArrayOutputStream(digest.length*2);
40 new HexEncoder().encode(digest, 0, digest.length, out);
41 String all = new String(out.toByteArray(), "US-ASCII").toUpperCase();
42 Matcher matcher = Pattern.compile("..").matcher(all);
43 StringBuffer buf = new StringBuffer();
44 while(matcher.find()) {
45 if(buf.length() > 0) {
46 buf.append(":");
47 }
48 buf.append(matcher.group());
49 }
50 return buf.toString();
51 }
52 }