org.xipki.security

Class X509Cert

java.lang.Object

org.xipki.security.X509Cert

public class X509Cert
extends Object

Wrapper to an X509Certificate.

Since:

5.3.8

Author:

Lijun Liao

Constructor Summary

Constructors

Constructor and Description
X509Cert(org.bouncycastle.asn1.x509.Certificate cert)
X509Cert(org.bouncycastle.asn1.x509.Certificate cert, byte[] encoded)
X509Cert(X509Certificate cert)
X509Cert(X509Certificate cert, byte[] encoded)
X509Cert(org.bouncycastle.cert.X509CertificateHolder cert)
X509Cert(org.bouncycastle.cert.X509CertificateHolder cert, byte[] encoded)

Method Summary

Modifier and Type	Method and Description
boolean	equals(Object obj)
byte[]	getAuthorityKeyId()
int	getBasicConstraints() Gets the certificate constraints path length from the critical BasicConstraints extension, (OID = 2.5.29.19).
String	getCommonName()
byte[]	getEncoded()
byte[]	getExtensionCoreValue(org.bouncycastle.asn1.ASN1ObjectIdentifier extnType)
org.bouncycastle.asn1.x500.X500Name	getIssuer()
String	getIssuerRfc4519Text()
boolean[]	getKeyUsage()
Date	getNotAfter()
Date	getNotBefore()
PublicKey	getPublicKey()
BigInteger	getSerialNumber()
String	getSerialNumberHex()
org.bouncycastle.asn1.x500.X500Name	getSubject()
byte[]	getSubjectKeyId()
org.bouncycastle.asn1.x509.SubjectPublicKeyInfo	getSubjectPublicKeyInfo()
String	getSubjectRfc4519Text()
int	hashCode()
boolean	hasKeyusage(KeyUsage usage)
boolean	isSelfSigned()
org.bouncycastle.cert.X509CertificateHolder	toBcCert()
X509Certificate	toJceCert()
void	verify(PublicKey key)
void	verify(PublicKey key, Provider sigProvider)
void	verify(PublicKey key, String sigProvider)

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

X509Cert

public X509Cert(org.bouncycastle.asn1.x509.Certificate cert)

X509Cert

public X509Cert(org.bouncycastle.asn1.x509.Certificate cert,
                byte[] encoded)

X509Cert

public X509Cert(X509Certificate cert)

X509Cert

public X509Cert(X509Certificate cert,
                byte[] encoded)

X509Cert

public X509Cert(org.bouncycastle.cert.X509CertificateHolder cert)

X509Cert

public X509Cert(org.bouncycastle.cert.X509CertificateHolder cert,
                byte[] encoded)

Method Detail

getBasicConstraints

public int getBasicConstraints()

Gets the certificate constraints path length from the critical BasicConstraints extension, (OID = 2.5.29.19).

The basic constraints extension identifies whether the subject of the certificate is a Certificate Authority (CA) and how deep a certification path may exist through that CA. The pathLenConstraint field (see below) is meaningful only if cA is set to TRUE. In this case, it gives the maximum number of CA certificates that may follow this certificate in a certification path. A value of zero indicates that only an end-entity certificate may follow in the path.

The ASN.1 definition for this is:

 BasicConstraints ::= SEQUENCE {
     cA                  BOOLEAN DEFAULT FALSE,
     pathLenConstraint   INTEGER (0..MAX) OPTIONAL }
 

Returns:

the value of pathLenConstraint if the BasicConstraints extension is present in the certificate and the subject of the certificate is a CA, otherwise -1. If the subject of the certificate is a CA and pathLenConstraint does not appear, Integer.MAX_VALUE is returned to indicate that there is no limit to the allowed length of the certification path.

getSerialNumber

public BigInteger getSerialNumber()

getSerialNumberHex

public String getSerialNumberHex()

getPublicKey

public PublicKey getPublicKey()

getKeyUsage

public boolean[] getKeyUsage()

getIssuer

public org.bouncycastle.asn1.x500.X500Name getIssuer()

getSubject

public org.bouncycastle.asn1.x500.X500Name getSubject()

getSubjectKeyId

public byte[] getSubjectKeyId()

getAuthorityKeyId

public byte[] getAuthorityKeyId()

getSubjectRfc4519Text

public String getSubjectRfc4519Text()

getIssuerRfc4519Text

public String getIssuerRfc4519Text()

getSubjectPublicKeyInfo

public org.bouncycastle.asn1.x509.SubjectPublicKeyInfo getSubjectPublicKeyInfo()

toJceCert

public X509Certificate toJceCert()

toBcCert

public org.bouncycastle.cert.X509CertificateHolder toBcCert()

isSelfSigned

public boolean isSelfSigned()

getNotBefore

public Date getNotBefore()

getNotAfter

public Date getNotAfter()

getEncoded

public byte[] getEncoded()

getCommonName

public String getCommonName()

verify

public void verify(PublicKey key)
            throws SignatureException,
                   InvalidKeyException,
                   CertificateException,
                   NoSuchAlgorithmException,
                   NoSuchProviderException

Throws:

SignatureException

InvalidKeyException

CertificateException

NoSuchAlgorithmException

NoSuchProviderException

verify

public void verify(PublicKey key,
                   Provider sigProvider)
            throws CertificateException,
                   NoSuchAlgorithmException,
                   InvalidKeyException,
                   SignatureException,
                   NoSuchProviderException

Throws:

CertificateException

NoSuchAlgorithmException

InvalidKeyException

SignatureException

NoSuchProviderException

verify

public void verify(PublicKey key,
                   String sigProvider)
            throws CertificateException,
                   NoSuchAlgorithmException,
                   InvalidKeyException,
                   SignatureException,
                   NoSuchProviderException

Throws:

CertificateException

NoSuchAlgorithmException

InvalidKeyException

SignatureException

NoSuchProviderException

getExtensionCoreValue

public byte[] getExtensionCoreValue(org.bouncycastle.asn1.ASN1ObjectIdentifier extnType)

hasKeyusage

public boolean hasKeyusage(KeyUsage usage)

hashCode

public int hashCode()

Overrides:

hashCode in class Object

equals

public boolean equals(Object obj)

Overrides:

equals in class Object