Class iaik.x509.X509Certificate

java.lang.Object
   |
   +----iaik.x509.X509Extensions
           |
           +----iaik.x509.X509Certificate

public class X509Certificate
extends X509Extensions
implements Certificate, ASN1Type
This class represents an X509 version 3 certificate.

A certificate is a digitally signed data structure containing the following information:

For each value there exists a setValue() and a getValue() method. Manipulating the extensions of a certificate is described in class X509Extensions.

See Also:
X509Extensions

Constructor Index

 o X509Certificate()
The default constructor is used to create a new empty certificate.
 o X509Certificate(byte[])
Create an X509Certificate from a PEM or DER byte array.
 o X509Certificate(String)
Create a X509Certificate from a file.

Method Index

 o decode(ASN1Object)
Creates an X509Certificate from an ASN1Object.
 o decode(InputStream)
The decode method defined in the Certificate interface.
 o encode(OutputStream)
 o getFingerprint()
Returns the fingerprint of this certificate.
 o getFormat()
Returns the format of the certificate.
 o getGuarantor()
Returns the Guarantor of this certificate.
 o getIssuer()
Returns the issuer of this certificate.
 o getPrincipal()
Returns the Principal of this certificate.
 o getPublicKey()
Returns the public key of this certificate.
 o getSaveFormat()
Returns the file format (ASN1.DER, ASN1.PEM) of the certificate.
 o getSerialNumber()
Returns the serial number of this certificate.
 o getSignatureAlgorithm()
Returns the signature algorithm of this certificate.
 o getSubject()
Returns the subject of this certificate.
 o getValidNotAfter()
Returns the not after date of this certificate.
 o getValidNotBefore()
Returns the not before date of this certificate.
 o getVersion()
Returns the version number of this certificate.
 o saveToFile(String)
Saves the certificate into a file.
 o setIssuer(Name)
Sets the issuer of this certificate.
 o setPublicKey(PublicKey)
Sets the public key of this certificate.
 o setSaveFormat(int)
Sets the file format when saving the cert.
 o setSerialNumber(BigInteger)
Sets the serial number of this certificate.
 o setSubject(Name)
Sets the subject of this certificate.
 o setValidNotAfter(Date)
Sets the not after date of this certificate.
 o setValidNotBefore(Date)
Sets the not before date of this certificate.
 o setVersion(int)
Sets the version of this certificate.
 o sign(AlgorithmID, PrivateKey)
Signs the certificate with the private key of the issuer.
 o toASN1Object()
Returns the certificate as an ASN1Object.
 o toByteArray()
Returns the certificate in a byte array in DER format.
 o toString()
Returns a string that represents the contents of the certificate.
 o toString(boolean)
Returns a string that represents the contents of the certificate.
 o verify()
Verifies a self-signed certificate.
 o verify(PublicKey)
Verifies a signed certificate using the public key of the issuer.

Constructors

 o X509Certificate
 public X509Certificate(String fileName) throws IOException, CertException
Create a X509Certificate from a file. The certificate can be in PEM or DER format.

Parameters:
fileName - the name of the file containing the certificate
Throws: IOException
if the certificate could not be read
Throws: CertException
if there is a problem with the certificate
 o X509Certificate
 public X509Certificate(byte array[]) throws CertException
Create an X509Certificate from a PEM or DER byte array.

Parameters:
array - the byte array containing the certificate
Throws: CertException
if the format of the cert is wrong
 o X509Certificate
 public X509Certificate()
The default constructor is used to create a new empty certificate. The values can be set with the setValue() methods.

Methods

 o decode
 public void decode(ASN1Object certificate) throws CertException
Creates an X509Certificate from an ASN1Object.

Parameters:
certificate - the ASN1Object which contains the certificate
Throws: CertException
if there is a problem when parsing the certificate
 o decode
 public void decode(InputStream is) throws IOException, KeyException
The decode method defined in the Certificate interface. At this time it reads only ONE certificate from the InputStream.

Parameters:
is - the InputStream from where the certificate should be read
Throws: IOException
if something is wrong with the InputStream
Throws: KeyException
if the certificate is not properly initialized, or data is missing, etc.
 o sign
 public void sign(AlgorithmID signatureAlg,
                  PrivateKey issuerPK) throws CertException, InvalidKeyException, NoSuchAlgorithmException
Signs the certificate with the private key of the issuer. This method creates a PKCS#1 standard signature.

Parameters:
signatureAlg - the AlgorithmID of the signature algorithm
issuerPK - the private key of the issuer
Throws: CertException
if the certificate could not be signed
Throws: InvalidKeyException
if the format of the key is wrong
Throws: NoSuchAlgorithmException
if there is no implementation for the specified algorithm
 o verify
 public boolean verify() throws CertException
Verifies a self-signed certificate.

Returns:
true if the cert is OK and valid
Throws: CertException
if the certificate could not be verified
 o verify
 public boolean verify(PublicKey signerPK) throws InvalidKeyException, CertException
Verifies a signed certificate using the public key of the issuer.

Parameters:
signerPK - the public key (from signer) to verify the cert
Returns:
true if the cert is OK and valid
Throws: CertException
if the certificate could not be created
Throws: InvalidKeyException
if the format of the key is wrong
 o toASN1Object
 public ASN1Object toASN1Object()
Returns the certificate as an ASN1Object.

Returns:
the certificate as ASN1Object
 o toByteArray
 public byte[] toByteArray()
Returns the certificate in a byte array in DER format. The DER format (Distinguished Encoding Rules) defines a binary representation of an abstract ASN.1 data structure.

Returns:
the certificate in a byte array in DER format
 o encode
 public void encode(OutputStream os) throws IOException
 o saveToFile
 public void saveToFile(String fileName) throws IOException
Saves the certificate into a file.

Parameters:
fileName - the name of the file
Throws: IOException
if an error occurs during saving the file
 o getFormat
 public String getFormat()
Returns the format of the certificate.

Returns:
the format of the certificate (X.509v3)
 o getGuarantor
 public Principal getGuarantor()
Returns the Guarantor of this certificate.

Returns:
the issuer of this certificate
 o getPrincipal
 public Principal getPrincipal()
Returns the Principal of this certificate.

Returns:
the owner (subject) of this certificate
 o setSaveFormat
 public void setSaveFormat(int format)
Sets the file format when saving the cert.

Parameters:
format - ASN1.PEM or ASN1.DER
 o setVersion
 public void setVersion(int version)
Sets the version of this certificate. The default version is 1, but if the certificate contains an issuer unique ID or a subject unique ID the version is automatically set to 2, and if the cert contains extensions the version is set to 3.

Parameters:
version - of the certificate
 o setSerialNumber
 public void setSerialNumber(BigInteger serialNumber)
Sets the serial number of this certificate.

Parameters:
serialNumber - the serial number of the certificate
 o setIssuer
 public void setIssuer(Name issuer)
Sets the issuer of this certificate. The issuer is the identity which signs the certificate.

Parameters:
issuer - the issuer of the certificate
 o setValidNotBefore
 public void setValidNotBefore(Date validNotBefore)
Sets the not before date of this certificate. The certificate is not valid before this Date.

Parameters:
validNotBefore - Date when cert will be valid
 o setValidNotAfter
 public void setValidNotAfter(Date validNotAfter)
Sets the not after date of this certificate. The certificate is not valid after this Date.

Parameters:
validNotAfter - Date after which the certificate is not valid
 o setSubject
 public void setSubject(Name subject)
Sets the subject of this certificate.

Parameters:
subject - the subject of the cert
 o setPublicKey
 public void setPublicKey(PublicKey pk)
Sets the public key of this certificate.

Parameters:
pk - the public key of the subject
 o getSaveFormat
 public int getSaveFormat()
Returns the file format (ASN1.DER, ASN1.PEM) of the certificate. Shows the format of the file from which the certificate was read.

Returns:
the save format
 o getVersion
 public int getVersion()
Returns the version number of this certificate.

Returns:
version number of the certificate
 o getSerialNumber
 public BigInteger getSerialNumber()
Returns the serial number of this certificate.

Returns:
the serial number of the certificate
 o getSignatureAlgorithm
 public AlgorithmID getSignatureAlgorithm()
Returns the signature algorithm of this certificate.

Returns:
the signature algorithm used to sign this certificate
 o getIssuer
 public Name getIssuer()
Returns the issuer of this certificate.

Returns:
the issuer of the certificate
 o getValidNotBefore
 public Date getValidNotBefore()
Returns the not before date of this certificate.

Returns:
after this date the certificate is valid
 o getValidNotAfter
 public Date getValidNotAfter()
Returns the not after date of this certificate.

Returns:
after this date the certificate is not valid
 o getSubject
 public Name getSubject()
Returns the subject of this certificate. The subject of the certificate is the identity the certificate belongs to.

Returns:
the subject of the certificate
 o getPublicKey
 public PublicKey getPublicKey()
Returns the public key of this certificate. This is the public key which belongs to the subject of the certificate.

Returns:
the public key of the certificate
 o getFingerprint
 public byte[] getFingerprint()
Returns the fingerprint of this certificate. This is an MD5 hash of the DER encoded certificate.

Returns:
the fingerprint of the certificate
 o toString
 public String toString()
Returns a string that represents the contents of the certificate.

Returns:
the string representation
Overrides:
toString in class Object
 o toString
 public String toString(boolean detailed)
Returns a string that represents the contents of the certificate.

Parameters:
detailed - whether or not to give detailed information about the certificate.
Returns:
the string representation
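
Usage example, added here and not part of the IAIK documentation: it loads a certificate and its issuer from files, tests the boolean result of verify(PublicKey), checks the validity window explicitly, and computes a SHA-256 fingerprint over toByteArray() instead of relying on the MD5 value from getFingerprint(). The class name CheckCert, its helper methods and the command-line arguments are assumptions; it presumes the IAIK library is on the classpath, the issuer certificate is already trusted, and the runtime provides SHA-256.

```java
import iaik.x509.X509Certificate;

import java.security.MessageDigest;
import java.security.PublicKey;
import java.util.Date;

// Hypothetical helper class; only the X509Certificate calls come from this page.
public class CheckCert {

    /** Returns true only if the signature and the validity window both check out. */
    static boolean isAcceptable(X509Certificate cert, PublicKey issuerKey, Date now)
            throws Exception {
        // verify(PublicKey) can report failure through its boolean result as well
        // as through exceptions, so the return value must be tested.
        if (!cert.verify(issuerKey)) {
            return false;
        }
        // The page does not say whether verify() looks at the dates; check them here.
        return !now.before(cert.getValidNotBefore())
            && !now.after(cert.getValidNotAfter());
    }

    /** SHA-256 over the DER encoding returned by toByteArray(), hex encoded. */
    static String sha256Fingerprint(X509Certificate cert) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.toByteArray());
        StringBuilder hex = new StringBuilder();
        for (byte b : digest) {
            hex.append(String.format("%02x", b & 0xff));
        }
        return hex.toString();
    }

    public static void main(String[] args) throws Exception {
        // args[0]: certificate to check, args[1]: issuer certificate (PEM or DER files).
        // Assumption: the issuer certificate was obtained from a trusted source.
        X509Certificate cert = new X509Certificate(args[0]);
        X509Certificate issuer = new X509Certificate(args[1]);

        boolean ok = isAcceptable(cert, issuer.getPublicKey(), new Date());
        System.out.println("subject:    " + cert.getSubject());
        System.out.println("issuer:     " + cert.getIssuer());
        System.out.println("sha-256:    " + sha256Fingerprint(cert));
        System.out.println("acceptable: " + ok);
        if (!ok) {
            System.exit(1);
        }
    }
}
```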