IT. Expert System.

Android Reference

X509Certificate


java.security.cert

Class X509Certificate

  • All Implemented Interfaces:
    Serializable, X509Extension
    Direct Known Subclasses:
    TestCertUtils.TestX509Certificate, X509CertImpl


    public abstract class X509Certificate
    extends Certificate
    implements X509Extension
    Abstract base class for X.509 certificates.

    This represents a standard way for accessing the attributes of X.509 certificates.

    The basic X.509 v3 format described in ASN.1:

     Certificate  ::=  SEQUENCE  {
         tbsCertificate       TBSCertificate,
         signatureAlgorithm   AlgorithmIdentifier,
         signature            BIT STRING  }
    
     TBSCertificate  ::=  SEQUENCE  {
          version         [0]  EXPLICIT Version DEFAULT v1,
          serialNumber         CertificateSerialNumber,
          signature            AlgorithmIdentifier,
          issuer               Name,
          validity             Validity,
          subject              Name,
          subjectPublicKeyInfo SubjectPublicKeyInfo,
          issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
                               -- If present, version must be v2 or v3
          subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
                               -- If present, version must be v2 or v3
          extensions      [3]  EXPLICIT Extensions OPTIONAL
                               -- If present, version must be v3
          }
     

    For more information consult RFC 2459 "Internet X.509 Public Key Infrastructure Certificate and CRL Profile" at http://www.ietf.org/rfc/rfc2459.txt .

    See Also:
    Serialized Form
    • Constructor Detail

      • X509Certificate

        protected X509Certificate()
        Creates a new X509Certificate.
    • Method Detail

      • getVersion

        public abstract int getVersion()
        Returns the certificates version (version number).

        The version defined is ASN.1:

         Version ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
         
        Returns:
        the version number.
      • getSerialNumber

        public abstract BigInteger getSerialNumber()
        Returns the serialNumber of the certificate.

        The ASN.1 definition of serialNumber:

         CertificateSerialNumber  ::=  INTEGER
         
        Returns:
        the serial number.
      • getIssuerDN

        public abstract Principal getIssuerDN()
        Returns the issuer (issuer distinguished name) as an implementation specific Principal object.

        The ASN.1 definition of issuer:

          issuer      Name
        
          Name ::= CHOICE {
              RDNSequence }
        
            RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
        
            RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
        
            AttributeTypeAndValue ::= SEQUENCE {
              type     AttributeType,
              value    AttributeValue }
        
            AttributeType ::= OBJECT IDENTIFIER
        
            AttributeValue ::= ANY DEFINED BY AttributeType
         
        replaced by: getIssuerX500Principal().
        Returns:
        the issuer as an implementation specific Principal.
      • getIssuerX500Principal

        public X500Principal getIssuerX500Principal()
        Returns the issuer (issuer distinguished name) as an X500Principal.
        Returns:
        the issuer (issuer distinguished name).
      • getSubjectDN

        public abstract Principal getSubjectDN()
        Returns the subject (subject distinguished name) as an implementation specific Principal object.

        The ASN.1 definition of subject:

         subject      Name
        
          Name ::= CHOICE {
              RDNSequence }
        
            RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
        
            RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
        
            AttributeTypeAndValue ::= SEQUENCE {
              type     AttributeType,
              value    AttributeValue }
        
            AttributeType ::= OBJECT IDENTIFIER
        
            AttributeValue ::= ANY DEFINED BY AttributeType
         

        replaced by: getSubjectX500Principal().

        Returns:
        the subject (subject distinguished name).
      • getSubjectX500Principal

        public X500Principal getSubjectX500Principal()
        Returns the subject (subject distinguished name) as an X500Principal.
        Returns:
        the subject (subject distinguished name)
      • getNotBefore

        public abstract Date getNotBefore()
        Returns the notBefore date from the validity period of the certificate.
        Returns:
        the start of the validity period.
      • getNotAfter

        public abstract Date getNotAfter()
        Returns the notAfter date of the validity period of the certificate.
        Returns:
        the end of the validity period.
      • getTBSCertificate

        public abstract byte[] getTBSCertificate()
                                          throws CertificateEncodingException
        Returns the tbsCertificate information from this certificate in DER-encoded format.
        Returns:
        the DER-encoded certificate information.
        Throws:
        CertificateEncodingException - if an error occurs in encoding
      • getSignature

        public abstract byte[] getSignature()
        Returns the raw signature bits from the certificate.
        Returns:
        the raw signature bits from the certificate.
      • getSigAlgName

        public abstract String getSigAlgName()
        Returns the name of the algorithm for the certificate signature.
        Returns:
        the signature algorithm name.
      • getSigAlgOID

        public abstract String getSigAlgOID()
        Returns the OID of the signature algorithm from the certificate.
        Returns:
        the OID of the signature algorithm.
      • getSigAlgParams

        public abstract byte[] getSigAlgParams()
        Returns the parameters of the signature algorithm in DER-encoded format.
        Returns:
        the parameters of the signature algorithm, or null if none are used.
      • getIssuerUniqueID

        public abstract boolean[] getIssuerUniqueID()
        Returns the issuerUniqueID from the certificate.
        Returns:
        the issuerUniqueID or null if there's none in the certificate.
      • getSubjectUniqueID

        public abstract boolean[] getSubjectUniqueID()
        Returns the subjectUniqueID from the certificate.
        Returns:
        the subjectUniqueID or null if there's none in the certificate.
      • getKeyUsage

        public abstract boolean[] getKeyUsage()
        Returns the KeyUsage extension as a boolean array.

        The ASN.1 definition of KeyUsage:

         KeyUsage ::= BIT STRING {
              digitalSignature        (0),
              nonRepudiation          (1),
              keyEncipherment         (2),
              dataEncipherment        (3),
              keyAgreement            (4),
              keyCertSign             (5),
              cRLSign                 (6),
              encipherOnly            (7),
              decipherOnly            (8) }
        
         
        Returns:
        the KeyUsage extension or null if there's none in the certificate.
      • getExtendedKeyUsage

        public List<String> getExtendedKeyUsage()
                                         throws CertificateParsingException
        Returns a read-only list of OID strings representing the ExtKeyUsageSyntax field of the extended key usage extension.
        Returns:
        the extended key usage extension, or null if there's none in the certificate.
        Throws:
        CertificateParsingException - if the extension decoding fails.
      • getBasicConstraints

        public abstract int getBasicConstraints()
        Returns the path length of the certificate constraints from the BasicContraints extension.
        Returns:
        the path length of the certificate constraints if the extension is present or -1 if the extension is not present. Integer.MAX_VALUE if there's not limit.
      • getSubjectAlternativeNames

        public Collection<List<?>> getSubjectAlternativeNames()
                                                       throws CertificateParsingException
        Returns a read-only list of the subject alternative names from the SubjectAltName extension.

        The ASN.1 definition of SubjectAltName:

         SubjectAltName ::= GeneralNames
        
         GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
        
         GeneralName ::= CHOICE {
              otherName                       [0]     AnotherName,
              rfc822Name                      [1]     IA5String,
              dNSName                         [2]     IA5String,
              x400Address                     [3]     ORAddress,
              directoryName                   [4]     Name,
              ediPartyName                    [5]     EDIPartyName,
              uniformResourceIdentifier       [6]     IA5String,
              iPAddress                       [7]     OCTET STRING,
              registeredID                    [8]     OBJECT IDENTIFIER }
        
         
        Returns:
        the subject alternative names or null if there are none in the certificate.
        Throws:
        CertificateParsingException - if decoding of the extension fails.
      • getIssuerAlternativeNames

        public Collection<List<?>> getIssuerAlternativeNames()
                                                      throws CertificateParsingException
        Returns a read-only list of the issuer alternative names from the IssuerAltName extension.

        The ASN.1 definition of IssuerAltName:

         IssuerAltName ::= GeneralNames
        
         GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
        
         GeneralName ::= CHOICE {
              otherName                       [0]     AnotherName,
              rfc822Name                      [1]     IA5String,
              dNSName                         [2]     IA5String,
              x400Address                     [3]     ORAddress,
              directoryName                   [4]     Name,
              ediPartyName                    [5]     EDIPartyName,
              uniformResourceIdentifier       [6]     IA5String,
              iPAddress                       [7]     OCTET STRING,
              registeredID                    [8]     OBJECT IDENTIFIER }
        
         
        Returns:
        the issuer alternative names of null if there are none in the certificate.
        Throws:
        CertificateParsingException - if decoding of the extension fails.


Content

Android Reference

Java basics

Java Enterprise Edition (EE)

Java Standard Edition (SE)

SQL

HTML

PHP

CSS

Java Script

MYSQL

JQUERY

VBS

REGEX

C

C++

C#

Design patterns

RFC (standard status)

RFC (proposed standard status)

RFC (draft standard status)

RFC (informational status)

RFC (experimental status)

RFC (best current practice status)

RFC (historic status)

RFC (unknown status)

IT dictionary

License.
All information of this service is derived from the free sources and is provided solely in the form of quotations. This service provides information and interfaces solely for the familiarization (not ownership) and under the "as is" condition.
Copyright 2016 © ELTASK.COM. All rights reserved.
Site is optimized for mobile devices.
Downloads: 114 / 158677048. Delta: 0.09339 с