Class java.security.cert.Certificate | |
|
| |
This class represents any type of cryptographic certificate. A
certificate contains a public key (see
getPublicKey()) and other associated
information. The certificate contains an internal signature that
protects its integrity. You can verify the integrity of the
certificate by calling one of the verify()
methods with the public key of the certificate's issuer. (Note:
don't confuse this class with the
java.security.Certificate interface, which is
deprecated.)
Class Definition
public abstract class java.security.cert.Certificate
extends java.lang.Object {
// Constructors
public Certificate();
// Instance Methods
public boolean equals(Object);
public abstract byte[] getEncoded();
public abstract PublicKey getPublicKey();
public int hashCode();
public abstract String toString();
public abstract void verify(PublicKey);
public abstract void verify(PublicKey, String);
}
See also: PublicKey, X509Certificate
Class java.security.cert.CertificateFactory | |
|
| |
A certificate factory is used to import certificates or certificate
revocation lists from a file or other input stream.
Class Definition
public java.security.cert.CertificateFactory
extends java.lang.Object{
//Constructors
protected CertificateFactory(CertificateFactorySpi, Provider,
String);
//Class Methods
public static final CertificateFactory getInstance(String);
public static final CertificateFactory getInstance(String,
String);
//Instance Methods
public final CRL generateCRL(InputStream);
public final Collection generateCRLs(InputStream);
public final Certificate generateCertificate(InputStream);
public final Collection generateCertificates(InputStream);
public final Provider getProvider();
public final String getType();
}
See also: X509Certificate, X509CRLEntry
Class java.security.cert.X509Certificate | |
|
| |
This class represents certificates as defined in the X.509 standard.
Such certificates associate a public key with a subject, which is
usually a person or organization. You can find out the
certificate's subject by calling
getSubjectDN(), while you can retrieve the
subject's public key using getPublicKey().
The certificate's issuer is the person or organization that
generated and signed the certificate (see
getIssuerDN()). If you have a certificate file
in the format described by RFC 1421, you can create an
X509Certificate from that data by using one of the
getInstance() methods.
Class Definition
public abstract class java.security.cert.X509Certificate
extends java.security.cert.Certificate
implements java.security.cert.X509Extension {
// Constructors
public X509Certificate();
// Instance Methods
public abstract void checkValidity();
public abstract void checkValidity(Date);
public abstract int getBasicConstraints();
public abstract Set getCriticalExtensionOIDs();
public abstract byte[] getExtensionValue(String);
public abstract Principal getIssuerDN();
public abstract boolean[] getIssuerUniqueID();
public abstract boolean[] getKeyUsage();
public abstract Set getNonCriticalExtensionOIDs();
public abstract Date getNotAfter();
public abstract Date getNotBefore();
public abstract BigInteger getSerialNumber();
public abstract String getSigAlgName();
public abstract String getSigAlgOID();
public abstract byte[] getSigAlgParams();
public abstract byte[] getSignature();
public abstract Principal getSubjectDN();
public abstract boolean[] getSubjectUniqueID();
public abstract byte[] getTBSCertificate();
public abstract int getVersion();
}
See also: Principal, PublicKey, X509Extension
Class java.security.cert.X509CRL | |
|
| |
A Certificate Revocation List (CRL) is a list of certificates whose
keys are no longer valid. This class represents CRLs as defined in
the X.509 standard. If you have a CRL file that you would like to
examine, you can construct an X509CRL object from the file using one
of the getInstance() methods. A CRL, just like a
certificate, has an internal signature that protects its integrity.
To verify the integrity of the CRL itself, call one of the
verify() methods with the issuer's public
key. To find out if a particular certificate is revoked, call the
isRevoked() method with the certificate's
serial number.
Class Definition
public abstract class java.security.cert.X509CRL
extends java.lang.Object
implements java.security.cert.X509Extension {
// Constructors
public X509CRL();
// Instance Methods
public boolean equals(Object);
public abstract Set getCriticalExtensionOIDs();
public abstract byte[] getEncoded();
public abstract byte[] getExtensionValue(String);
public abstract Principal getIssuerDN();
public abstract Date getNextUpdate();
public abstract Set getNonCriticalExtensionOIDs();
public abstract X509CRLEntry getRevokedCertificate(BigInteger);
public abstract Set getRevokedCertificates();
public abstract String getSigAlgName();
public abstract String getSigAlgOID();
public abstract byte[] getSigAlgParams();
public abstract byte[] getSignature();
public abstract byte[] getTBSCertList();
public abstract Date getThisUpdate();
public abstract int getVersion();
public abstract boolean hasUnsupportedCriticalExtension();
public int hashCode();
public abstract boolean isRevoked(BigInteger);
public abstract String toString();
public abstract void verify(PublicKey);
public abstract void verify(PublicKey, String);
}
See also: Certificate, PublicKey, X509CRLEntry, X509Extension
Class java.security.cert.X509CRLEntry | |
|
| |
A revoked certificate represents a certificate whose contained key is
no longer safe to use. Instances of this class are returned by
X509CRL's getRevokedCertificate() method.
You can examine the certificate's revocation date and X.509
extensions.
Class Definition
public abstract class java.security.cert.X509CRLEntry
extends java.lang.Object
implements java.security.cert.X509Extension {
// Constructors
public RevokedCertificate();
// Instance Methods
public abstract Set getCriticalExtensionOIDs();
public abstract byte[] getExtensionValue(String);
public abstract Set getNonCriticalExtensionOIDs();
public abstract Date getRevocationDate();
public abstract BigInteger getSerialNumber();
public abstract boolean hasExtensions();
public abstract boolean hasUnsupportedCriticalExtension();
public abstract String toString();
}
See also: Certificate, X509CRL, X509Extension
Interface java.security.cert.X509Extension | |
|
| |
The X509Extension interface represents the certificate extensions
defined by the X.509v3 standard. Extensions are additional bits of
information contained in a certificate. Each extension is designated
as critical or non-critical. An application that handles a
certificate should either correctly interpret the critical extensions
or produce some kind of error if they cannot be recognized.
Class Definition
public abstract interface java.security.cert.X509Extension {
// Instance Methods
public abstract Set getCriticalExtensionOIDs();
public abstract boolean hasUnsupportedCriticalExtension();
public abstract byte[] getExtensionValue(String);
public abstract Set getNonCriticalExtensionOIDs();
}
See also: X509CRLEntry, X509Certificate, X509CRL