X509Certificate

public abstract class X509Certificate extends Certificate

Abstract base class for X.509 certificates.

This represents a standard way for accessing the attributes of X.509 v1 certificates.

Note: This package is provided only for compatibility reasons. It contains a simplified version of the java.security.cert package that was previously used by JSSE (Java SSL package). All applications that do not have to be compatible with older versions of JSSE (that is before Java SDK 1.5) should only use java.security.cert.

Public Constructor Summary

X509Certificate()
Creates a new X509Certificate.

Public Method Summary

abstract void
checkValidity()
Checks whether the certificate is currently valid.
abstract void
checkValidity(Date date)
Checks whether the certificate is valid at the specified date.
final static X509Certificate
getInstance(byte[] certData)
Creates a new X509Certificate and initializes it from the specified byte array.
final static X509Certificate
getInstance(InputStream inStream)
Creates a new X509Certificate and initializes it from the specified input stream.
abstract Principal
getIssuerDN()
Returns the issuer (issuer distinguished name) as an implementation specific Principal object.
abstract Date
getNotAfter()
Returns the notAfter date of the validity period of the certificate.
abstract Date
getNotBefore()
Returns the notBefore date from the validity period of the certificate.
abstract BigInteger
getSerialNumber()
Returns the serialNumber of the certificate.
abstract String
getSigAlgName()
Returns the name of the algorithm for the certificate signature.
abstract String
getSigAlgOID()
Returns the OID of the signature algorithm from the certificate.
abstract byte[]
getSigAlgParams()
Returns the parameters of the signature algorithm in DER-encoded format.
abstract Principal
getSubjectDN()
Returns the subject (subject distinguished name) as an implementation specific Principal object.
abstract int
getVersion()
Returns the certificates version (version number).

Inherited Method Summary

Public Constructors

public X509Certificate ()

Creates a new X509Certificate.

Public Methods

public abstract void checkValidity ()

Checks whether the certificate is currently valid.

The validity defined in ASN.1:

 validity             Validity

 Validity ::= SEQUENCE {
      notBefore       CertificateValidityDate,
      notAfter        CertificateValidityDate }

 CertificateValidityDate ::= CHOICE {
      utcTime         UTCTime,
      generalTime     GeneralizedTime }
 

Throws
CertificateExpiredException if the certificate has expired.
CertificateNotYetValidException if the certificate is not yet valid.

public abstract void checkValidity (Date date)

Checks whether the certificate is valid at the specified date.

Parameters
date the date to check the validity against.
Throws
CertificateExpiredException if the certificate has expired.
CertificateNotYetValidException if the certificate is not yet valid.
See Also

public static final X509Certificate getInstance (byte[] certData)

Creates a new X509Certificate and initializes it from the specified byte array.

Parameters
certData byte array containing data to initialize the certificate.
Returns
  • the certificate initialized from the specified byte array
Throws
CertificateException if the certificate cannot be created or initialized.

public static final X509Certificate getInstance (InputStream inStream)

Creates a new X509Certificate and initializes it from the specified input stream.

Parameters
inStream input stream containing data to initialize the certificate.
Returns
  • the certificate initialized from the specified input stream
Throws
CertificateException if the certificate cannot be created or initialized.

public abstract Principal getIssuerDN ()

Returns the issuer (issuer distinguished name) as an implementation specific Principal object.

The ASN.1 definition of issuer:

  issuer      Name

  Name ::= CHOICE {
      RDNSequence }

    RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

    RelativeDistinguishedName ::= SET OF AttributeTypeAndValue

    AttributeTypeAndValue ::= SEQUENCE {
      type     AttributeType,
      value    AttributeValue }

    AttributeType ::= OBJECT IDENTIFIER

    AttributeValue ::= ANY DEFINED BY AttributeType
 

Returns
  • the issuer as an implementation specific Principal.

public abstract Date getNotAfter ()

Returns the notAfter date of the validity period of the certificate.

Returns
  • the end of the validity period.

public abstract Date getNotBefore ()

Returns the notBefore date from the validity period of the certificate.

Returns
  • the start of the validity period.

public abstract BigInteger getSerialNumber ()

Returns the serialNumber of the certificate.

The ASN.1 definition of serialNumber:

 CertificateSerialNumber  ::=  INTEGER
 

Returns
  • the serial number.

public abstract String getSigAlgName ()

Returns the name of the algorithm for the certificate signature.

Returns
  • the signature algorithm name.

public abstract String getSigAlgOID ()

Returns the OID of the signature algorithm from the certificate.

Returns
  • the OID of the signature algorithm.

public abstract byte[] getSigAlgParams ()

Returns the parameters of the signature algorithm in DER-encoded format.

Returns
  • the parameters of the signature algorithm, or null if none are used.

public abstract Principal getSubjectDN ()

Returns the subject (subject distinguished name) as an implementation specific Principal object.

The ASN.1 definition of subject:

 subject      Name

  Name ::= CHOICE {
      RDNSequence }

    RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

    RelativeDistinguishedName ::= SET OF AttributeTypeAndValue

    AttributeTypeAndValue ::= SEQUENCE {
      type     AttributeType,
      value    AttributeValue }

    AttributeType ::= OBJECT IDENTIFIER

    AttributeValue ::= ANY DEFINED BY AttributeType
 

Returns
  • the subject (subject distinguished name).

public abstract int getVersion ()

Returns the certificates version (version number).

The version defined is ASN.1:

 Version ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
 

Returns
  • the version number.