javax.security.cert
Class X509Certificate

java.lang.Object
  |
  +--javax.security.cert.Certificate
        |
        +--javax.security.cert.X509Certificate

public abstract class X509Certificate
extends Certificate


Constructor Summary
X509Certificate()
           
 
Method Summary
abstract  void checkValidity()
          Checks that the certificate is currently valid.
abstract  void checkValidity(Date date)
          Checks that the specified date is within the certificate's validity period.
static X509Certificate getInstance(byte[] certData)
          Instantiates an X509Certificate object, and initializes it with the specified byte array.
static X509Certificate getInstance(InputStream inStream)
          Instantiates an X509Certificate object, and initializes it with the data read from the input stream inStream.
abstract  Principal getIssuerDN()
          Gets the issuer (issuer distinguished name) value from the certificate.
abstract  Date getNotAfter()
          Gets the notAfter date from the validity period of the certificate.
abstract  Date getNotBefore()
          Gets the notBefore date from the validity period of the certificate.
abstract  BigInteger getSerialNumber()
          Gets the serialNumber value from the certificate.
abstract  String getSigAlgName()
          Gets the signature algorithm name for the certificate signature algorithm.
abstract  String getSigAlgOID()
          Gets the signature algorithm OID string from the certificate.
abstract  byte[] getSigAlgParams()
          Gets the DER-encoded signature algorithm parameters from this certificate's signature algorithm.
abstract  Principal getSubjectDN()
          Gets the subject (subject distinguished name) value from the certificate.
abstract  int getVersion()
          Gets the version (version number) value from the certificate.
 
Methods inherited from class javax.security.cert.Certificate
equals, getEncoded, getPublicKey, hashCode, toString, verify, verify
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

X509Certificate

public X509Certificate()
Method Detail

checkValidity

public abstract void checkValidity()
                            throws CertificateExpiredException,
                                   CertificateNotYetValidException
Checks that the certificate is currently valid. It is if the current date and time are within the validity period given in the certificate.
Throws:
CertificateExpiredException - if the certificate has expired.
CertificateNotYetValidException - if the certificate is not yet valid.

checkValidity

public abstract void checkValidity(Date date)
                            throws CertificateExpiredException,
                                   CertificateNotYetValidException
Checks that the specified date is within the certificate's validity period. In other words, this determines whether the certificate would be valid at the specified date/time.
Parameters:
date - the Date to check against to see if this certificate is valid at that date/time.
Throws:
CertificateExpiredException - if the certificate has expired with respect to the date supplied.
CertificateNotYetValidException - if the certificate is not yet valid with respect to the date supplied.

getInstance

public static final X509Certificate getInstance(byte[] certData)
                                         throws CertificateException
Instantiates an X509Certificate object, and initializes it with the specified byte array. The implementation (X509Certificate is an abstract class) is provided by the class specified as the value of the cert.provider.x509v1 property in the security properties file.

Note: All X509Certificate subclasses must provide a constructor of the form: public (InputStream inStream) ...

Parameters:
certData - a byte array containing the DER-encoded certificate.
Returns:
an X509Certificate object initialized with the data from certData.
Throws:
CertificateException - if a class initialization or certificate parsing error occurs.

getInstance

public static final X509Certificate getInstance(InputStream inStream)
                                         throws CertificateException
Instantiates an X509Certificate object, and initializes it with the data read from the input stream inStream. The implementation (X509Certificate is an abstract class) is provided by the class specified as the value of the cert.provider.x509v1 property in the security properties file.

Note: Only one DER-encoded certificate is expected to be in the input stream. Also, all X509Certificate subclasses must provide a constructor of the form: public (InputStream inStream) ...

Parameters:
inStream - an input stream with the data to be read to initialize the certificate.
Returns:
an X509Certificate object initialized with the data from the input stream.
Throws:
CertificateException - if a class initialization or certificate parsing error occurs.

getIssuerDN

public abstract Principal getIssuerDN()
Gets the issuer (issuer distinguished name) value from the certificate. The issuer name identifies the entity that signed (and issued) the certificate.
Returns:
a Principal whose name is the issuer distinguished name.

getNotAfter

public abstract Date getNotAfter()
Gets the notAfter date from the validity period of the certificate.
Returns:
the end date of the validity period.

getNotBefore

public abstract Date getNotBefore()
Gets the notBefore date from the validity period of the certificate.
Returns:
the start date of the validity period.

getSerialNumber

public abstract BigInteger getSerialNumber()
Gets the serialNumber value from the certificate. The serial number is an integer assigned by the certification authority to each certificate. It must be unique for each certificate issued by a given CA (i.e., the issuer name and serial number identify a unique certificate).
Returns:
the serial number.

getSigAlgName

public abstract String getSigAlgName()
Gets the signature algorithm name for the certificate signature algorithm. An example is the string "SHA-1/DSA".
Returns:
the signature algorithm name.

getSigAlgOID

public abstract String getSigAlgOID()
Gets the signature algorithm OID string from the certificate. An OID is represented by a set of positive whole numbers separated by periods. For example, the string "1.2.840.10040.4.3" identifies the SHA-1 with DSA signature algorithm, as per the PKIX part I.
Returns:
the signature algorithm OID string.

getSigAlgParams

public abstract byte[] getSigAlgParams()
Gets the DER-encoded signature algorithm parameters from this certificate's signature algorithm. In most cases, the signature algorithm parameters are null; the parameters are usually supplied with the certificate's public key.
Returns:
the DER-encoded signature algorithm parameters, or null if no parameters are present.

getSubjectDN

public abstract Principal getSubjectDN()
Gets the subject (subject distinguished name) value from the certificate.
Returns:
a Principal whose name is the subject name.

getVersion

public abstract int getVersion()
Gets the version (version number) value from the certificate.
Returns:
the version number from the ASN.1 encoding, i.e. 0, 1 or 2.