Class AcmeUtils

java.lang.Object
org.shredzone.acme4j.toolbox.AcmeUtils

public final class AcmeUtils extends Object
Contains utility methods that are frequently used for the ACME protocol.

This class is internal. You may use it in your own code, but be warned that methods may change their signature or disappear without prior announcement.

  • Method Details

    • sha256hash

      public static byte[] sha256hash(String z)
      Computes a SHA-256 hash of the given string.
      Parameters:
      z - String to hash
      Returns:
      Hash
    • hexEncode

      public static String hexEncode(byte[] data)
      Hex encodes the given byte array.
      Parameters:
      data - byte array to hex encode
      Returns:
      Hex encoded string of the data (with lower case characters)
    • base64UrlEncode

      public static String base64UrlEncode(byte[] data)
      Base64 encodes the given byte array, using URL style encoding.
      Parameters:
      data - byte array to base64 encode
      Returns:
      base64 encoded string
    • base64UrlDecode

      public static byte[] base64UrlDecode(String base64)
      Base64 decodes to a byte array, using URL style encoding.
      Parameters:
      base64 - base64 encoded string
      Returns:
      decoded data
    • isValidBase64Url

      public static boolean isValidBase64Url(@Nullable String base64)
      Validates that the given String is a valid base64url encoded value.
      Parameters:
      base64 - String to validate
      Returns:
      true: String contains a valid base64url encoded value. false if the String was null or contained illegal characters.
      Since:
      2.6
    • toAce

      public static String toAce(String domain)
      ASCII encodes a domain name.

      The conversion is done as described in RFC 3490. Additionally, all leading and trailing white spaces are trimmed, and the result is lowercased.

      It is safe to pass in ACE encoded domains, they will be returned unchanged.

      Parameters:
      domain - Domain name to encode
      Returns:
      Encoded domain name, white space trimmed and lower cased.
    • parseTimestamp

      public static Instant parseTimestamp(String str)
      Parses a RFC 3339 formatted date.
      Parameters:
      str - Date string
      Returns:
      Instant that was parsed
      Throws:
      IllegalArgumentException - if the date string was not RFC 3339 formatted
      See Also:
    • localeToLanguageHeader

      public static String localeToLanguageHeader(@Nullable Locale locale)
      Converts the given locale to an Accept-Language header value.
      Parameters:
      locale - Locale to be used in the header
      Returns:
      Value that can be used in an Accept-Language header
    • stripErrorPrefix

      @Nullable public static String stripErrorPrefix(@Nullable String type)
      Strips the acme error prefix from the error string.

      For example, for "urn:ietf:params:acme:error:unauthorized", "unauthorized" is returned.

      Parameters:
      type - Error type to strip the prefix from. null is safe.
      Returns:
      Stripped error type, or null if the prefix was not found.
    • writeToPem

      public static void writeToPem(byte[] encoded, AcmeUtils.PemLabel label, Writer out) throws IOException
      Writes an encoded key or certificate to a file in PEM format.
      Parameters:
      encoded - Encoded data to write
      label - AcmeUtils.PemLabel to be used
      out - Writer to write to. It will not be closed after use!
      Throws:
      IOException
    • getContentType

      @Nullable public static String getContentType(@Nullable String header)
      Extracts the content type of a Content-Type header.
      Parameters:
      header - Content-Type header
      Returns:
      Content-Type, or null if the header was invalid or empty
      Throws:
      AcmeProtocolException - if the Content-Type header contains a different charset than "utf-8".
    • validateContact

      public static void validateContact(URI contact)
      Validates a contact URI.
      Parameters:
      contact - Contact URI to validate
      Throws:
      IllegalArgumentException - if the contact URI is not suitable for account contacts.
    • getRenewalUniqueIdentifier

      public static String getRenewalUniqueIdentifier(X509Certificate certificate)
      Returns the certificate's unique identifier for renewal according to draft-ietf-acme-ari-03.
      Parameters:
      certificate - Certificate to get the unique identifier for.
      Returns:
      Unique identifier
      Throws:
      AcmeProtocolException - if the certificate is invalid or does not provide the necessary information.