SSLUtil (rest-api-sdk 1.14.0 API)

java.lang.Object
- com.paypal.base.SSLUtil

public abstract class SSLUtil
extends java.lang.Object

Class SSLUtil

Constructor Summary

Constructors
Constructor and Description

SSLUtil()

Constructors
Constructor and Description
`SSLUtil()`

Method Summary

All Methods Static Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`static long`	`crc32(java.lang.String data)` Generates a CRC 32 Value of String passed
`static java.io.InputStream`	`downloadCertificateFromPath(java.lang.String urlPath)` Deprecated. Please use `downloadCertificateFromPath(String, Map)` instead.
`static java.io.InputStream`	`downloadCertificateFromPath(java.lang.String urlPath, java.util.Map<java.lang.String,java.lang.String> configurations)` Downloads Certificate from URL
`static java.util.Collection<java.security.cert.X509Certificate>`	`getCertificateFromStream(java.io.InputStream stream)` Generate Collection of Certificate from Input Stream
`static javax.net.ssl.SSLContext`	`getSSLContext(javax.net.ssl.KeyManager[] keymanagers)` Returns a SSLContext
`static javax.net.ssl.SSLContext`	`setupClientSSL(java.lang.String certPath, java.lang.String certPassword)` Create a SSLContext with provided client certificate
`static boolean`	`validateCertificateChain(java.util.Collection<java.security.cert.X509Certificate> clientCerts, java.util.Collection<java.security.cert.X509Certificate> trustCerts, java.lang.String authType)` Performs Certificate Chain Validation on provided certificates.
`static java.lang.Boolean`	`validateData(java.util.Collection<java.security.cert.X509Certificate> clientCerts, java.lang.String algo, java.lang.String actualSignatureEncoded, java.lang.String expectedSignature, java.lang.String requestBody, java.lang.String webhookId)` Validates Webhook Signature validation based on https://developer.paypal.com/docs/integration/direct/rest-webhooks-overview/#event-signature Returns true if signature is valid

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- SSLUtil
```
public SSLUtil()
```

Method Detail

getSSLContext

public static javax.net.ssl.SSLContext getSSLContext(javax.net.ssl.KeyManager[] keymanagers)
                                              throws SSLConfigurationException

Returns a SSLContext

Parameters:: keymanagers - KeyManager[] The key managers
Returns:: SSLContext with proper client certificate
Throws:: SSLConfigurationException

setupClientSSL

public static javax.net.ssl.SSLContext setupClientSSL(java.lang.String certPath,
                                                      java.lang.String certPassword)
                                               throws SSLConfigurationException

Create a SSLContext with provided client certificate

Parameters:: certPath -; certPassword -
Returns:: SSLContext
Throws:: SSLConfigurationException

validateCertificateChain
```
public static boolean validateCertificateChain(java.util.Collection<java.security.cert.X509Certificate> clientCerts,
                                               java.util.Collection<java.security.cert.X509Certificate> trustCerts,
                                               java.lang.String authType)
                                        throws PayPalRESTException
```
Performs Certificate Chain Validation on provided certificates. The method verifies if the client certificates provided are generated from root certificates trusted by application.

Parameters:

clientCerts - Collection of X509Certificates provided in request

trustCerts - Collection of X509Certificates trusted by application

authType - Auth Type for Certificate

Returns:

true if client and server are chained together, false otherwise

Throws:

PayPalRESTException

downloadCertificateFromPath
```
public static java.io.InputStream downloadCertificateFromPath(java.lang.String urlPath)
                                                       throws PayPalRESTException
```
Deprecated. Please use downloadCertificateFromPath(String, Map) instead.

Downloads Certificate from URL

Parameters:

urlPath -

Returns:

InputStream containing certificate data

Throws:

PayPalRESTException

downloadCertificateFromPath

public static java.io.InputStream downloadCertificateFromPath(java.lang.String urlPath,
                                                              java.util.Map<java.lang.String,java.lang.String> configurations)
                                                       throws PayPalRESTException

Downloads Certificate from URL

Parameters:: urlPath -; configurations - Map of configurations.
Returns:: InputStream containing certificate data
Throws:: PayPalRESTException

getCertificateFromStream

public static java.util.Collection<java.security.cert.X509Certificate> getCertificateFromStream(java.io.InputStream stream)
                                                                                         throws PayPalRESTException

Generate Collection of Certificate from Input Stream

Parameters:: stream - InputStream of Certificate data
Returns:: Collection
Throws:: PayPalRESTException

crc32
```
public static long crc32(java.lang.String data)
```
Generates a CRC 32 Value of String passed

Parameters:

data -

Returns:

long crc32 value of input. -1 if string is null

Throws:

java.lang.RuntimeException - if UTF-8 is not a supported character set

validateData

public static java.lang.Boolean validateData(java.util.Collection<java.security.cert.X509Certificate> clientCerts,
                                             java.lang.String algo,
                                             java.lang.String actualSignatureEncoded,
                                             java.lang.String expectedSignature,
                                             java.lang.String requestBody,
                                             java.lang.String webhookId)
                                      throws java.security.NoSuchAlgorithmException,
                                             java.security.SignatureException,
                                             java.security.InvalidKeyException

Validates Webhook Signature validation based on https://developer.paypal.com/docs/integration/direct/rest-webhooks-overview/#event-signature Returns true if signature is valid

Parameters:: clientCerts - Client Certificates; algo - Algorithm used for signature creation by server; actualSignatureEncoded - Paypal-Transmission-Sig header value passed by server; expectedSignature - Signature generated by formatting data with CRC32 value of request body; requestBody - Request body from server; webhookId - Id for PayPal Webhook created for receiving the data
Returns:: true if signature is valid, false otherwise
Throws:: java.security.NoSuchAlgorithmException; java.security.SignatureException; java.security.InvalidKeyException

Class SSLUtil

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

SSLUtil

Method Detail

getSSLContext

setupClientSSL

validateCertificateChain

downloadCertificateFromPath

downloadCertificateFromPath

getCertificateFromStream

crc32

validateData