Package org.xipki.security

Class X509Cert

  • public class X509Cert
extends Object
    Wrapper to an X509Certificate.
    Since:
    5.3.8
    Author:
    Lijun Liao (xipki)

    • Constructor Detail

      • X509Cert

        public X509Cert​(org.bouncycastle.asn1.x509.Certificate cert)

      • X509Cert

        public X509Cert​(org.bouncycastle.asn1.x509.Certificate cert,
                byte[] encoded)

      • X509Cert

        public X509Cert​(org.bouncycastle.cert.X509CertificateHolder cert)

      • X509Cert

        public X509Cert​(org.bouncycastle.cert.X509CertificateHolder cert,
                byte[] encoded)

    • Method Detail

      • getBasicConstraints

        public int getBasicConstraints()
        Gets the certificate constraints path length from the critical BasicConstraints extension, (OID = 2.5.29.19).

        The basic constraints extension identifies whether the subject of the certificate is a Certificate Authority (CA) and how deep a certification path may exist through that CA. The pathLenConstraint field (see below) is meaningful only if cA is set to TRUE. In this case, it gives the maximum number of CA certificates that may follow this certificate in a certification path. A value of zero indicates that only an end-entity certificate may follow in the path.

        The ASN.1 definition for this is: 

         BasicConstraints ::= SEQUENCE {
     cA                  BOOLEAN DEFAULT FALSE,
     pathLenConstraint   INTEGER (0..MAX) OPTIONAL }
        Returns:
        the value of pathLenConstraint if the BasicConstraints extension is present in the certificate and the subject of the certificate is a CA, otherwise -1. If the subject of the certificate is a CA and pathLenConstraint does not appear, Integer.MAX_VALUE is returned to indicate that there is no limit to the allowed length of the certification path.

      • getSerialNumber

        public BigInteger getSerialNumber()

      • getSerialNumberHex

        public String getSerialNumberHex()

      • getPublicKey

        public PublicKey getPublicKey()

      • getKeyUsage

        public boolean[] getKeyUsage()

      • getSubjectAltNames

        public byte[] getSubjectAltNames()

      • getIssuer

        public org.bouncycastle.asn1.x500.X500Name getIssuer()

      • getSubject

        public org.bouncycastle.asn1.x500.X500Name getSubject()

      • getSubjectKeyId

        public byte[] getSubjectKeyId()

      • getAuthorityKeyId

        public byte[] getAuthorityKeyId()

      • getSubjectText

        public String getSubjectText()

      • getIssuerText

        public String getIssuerText()

      • getSubjectPublicKeyInfo

        public org.bouncycastle.asn1.x509.SubjectPublicKeyInfo getSubjectPublicKeyInfo()

      • toBcCert

        public org.bouncycastle.cert.X509CertificateHolder toBcCert()

      • isSelfSigned

        public boolean isSelfSigned()

      • getNotBefore

        public Instant getNotBefore()

      • getNotAfter

        public Instant getNotAfter()

      • getEncoded

        public byte[] getEncoded()

      • getCommonName

        public String getCommonName()

      • getExtensionCoreValue

        public byte[] getExtensionCoreValue​(org.bouncycastle.asn1.ASN1ObjectIdentifier extnType)

      • hasKeyusage

        public boolean hasKeyusage​(KeyUsage usage)

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object