COM.claymoresystems.cert

Class X509Cert

public class X509Cert extends Object implements Certificate

A single X509 Certificate.

The interface here does not match Sun's certificate interface, and even though that interface is pretty useless, we should still probably implement it.

Constructor Summary
X509Cert(byte[] ber_)
Create an X509Cert from an encoded value
Method Summary
byte[]getDER()
Get the encoded form of this certificate
VectorgetExtensions()
byte[]getIssuerDER()
Get the encoded form of the issuerName
DistinguishedNamegetIssuerName()
Get the issuer name as an X509Name
PublicKeygetPublicKey()
Get the publicKey associated with this certificate
BigIntegergetSerial()
Get the serial number
byte[]getSubjectDER()
Get the encoded form of the subjectName
DistinguishedNamegetSubjectName()
Get the subject name as an X509Name
DategetValidityNotAfter()
Get the end of the validity window
DategetValidityNotBefore()
Get the beginning of the validity window
booleanverify(PublicKey key)
Check a certificate signature using the specified public key
static VectorverifyCertChain(CertContext ctx, Vector certs, CertVerifyPolicyInt policy)
Verify a certificate chain.

Constructor Detail

X509Cert

public X509Cert(byte[] ber_)
Create an X509Cert from an encoded value

Parameters: ber_ the encoded certificate as a byte[]

Currently this chokes if the cert is poorly encoded. We have to fix that to throw an IOException. TODO

Method Detail

getDER

public byte[] getDER()
Get the encoded form of this certificate

Returns: the encoded form

getExtensions

public Vector getExtensions()

getIssuerDER

public byte[] getIssuerDER()
Get the encoded form of the issuerName

Returns: the DER encoded issuerName

getIssuerName

public DistinguishedName getIssuerName()
Get the issuer name as an X509Name

Returns: an object representing the issuerName

getPublicKey

public PublicKey getPublicKey()
Get the publicKey associated with this certificate

Returns: the public key

getSerial

public BigInteger getSerial()
Get the serial number

Returns: the serial number

getSubjectDER

public byte[] getSubjectDER()
Get the encoded form of the subjectName

Returns: the DER encoded subjectName

getSubjectName

public DistinguishedName getSubjectName()
Get the subject name as an X509Name

Returns: an object representing the subjectName

getValidityNotAfter

public Date getValidityNotAfter()
Get the end of the validity window

Returns: the end of the certificate validity period

getValidityNotBefore

public Date getValidityNotBefore()
Get the beginning of the validity window

Returns: the beginning of the certificate validity period

verify

public boolean verify(PublicKey key)
Check a certificate signature using the specified public key

Returns: true if the signature checks, otherwise false

verifyCertChain

public static Vector verifyCertChain(CertContext ctx, Vector certs, CertVerifyPolicyInt policy)
Verify a certificate chain.

Parameters: ctx the cert context certs the certs to start with, ordered root first

Returns: the canonicalized chain, with spurious certificates trimmed from the front and the root (if necessary) prepended

Copyright (c) 1999-2001 Claymore Systems, Inc., All Rights Reserved.