COM.claymoresystems.cert
public class X509Cert extends Object implements Certificate
The interface here does not match Sun's certificate interface, and even though that interface is pretty useless, we should still probably implement it.
Constructor Summary | |
---|---|
X509Cert(byte[] ber_) Create an X509Cert from an encoded value |
Method Summary | |
---|---|
byte[] | getDER() Get the encoded form of this certificate |
Vector | getExtensions() |
byte[] | getIssuerDER() Get the encoded form of the issuerName |
DistinguishedName | getIssuerName() Get the issuer name as an X509Name |
PublicKey | getPublicKey() Get the publicKey associated with this certificate |
BigInteger | getSerial() Get the serial number |
byte[] | getSubjectDER() Get the encoded form of the subjectName |
DistinguishedName | getSubjectName() Get the subject name as an X509Name |
Date | getValidityNotAfter() Get the end of the validity window |
Date | getValidityNotBefore() Get the beginning of the validity window |
boolean | verify(PublicKey key) Check a certificate signature using the specified public key |
static Vector | verifyCertChain(CertContext ctx, Vector certs, CertVerifyPolicyInt policy) Verify a certificate chain. |
Parameters: ber_ the encoded certificate as a byte[]
Currently this chokes if the cert is poorly encoded. We
have to fix that to throw an IOException. TODO
Returns: the encoded form
Returns: the DER encoded issuerName
Returns: an object representing the issuerName
Returns: the public key
Returns: the serial number
Returns: the DER encoded subjectName
Returns: an object representing the subjectName
Returns: the end of the certificate validity period
Returns: the beginning of the certificate validity period
Returns: true if the signature checks, otherwise false
Parameters: ctx the cert context certs the certs to start with, ordered root first
Returns: the canonicalized chain, with spurious certificates trimmed from the front and the root (if necessary) prepended