iaik.me.x509
Class X509Certificate

java.lang.Object
  |
  +--iaik.me.x509.X509Certificate

public class X509Certificate

extends Object

This class is used to parse X509 certificates. The certificate can be parsed with

 X509Certificate x509 = new X509Certificate(SysUtil.openFileInputStream(file));
 

Constructor Summary

X509Certificate(byte[] data)
Creates a X509 certificate where the certificate info is stored in a byte array.

X509Certificate(InputStream in)
Creates a X509 certificate from a given inputstream.

Method Summary

static X509Certificate[]	arrangeCertificateChain(PublicKey pubKey, Vector v)
static X509Certificate[]	arrangeCertificateChain(PublicKey pubKey, X509Certificate[] certs)
void	checkValidity() This method checks the validity of the certificate.
void	checkValidity(Date date) This method checks the validity of the Certificate.
boolean	equals(Object obj) Compares two certificate objects.
Enumeration	extensions() Returns an enumeration of the certificate's extensions. Enumeration e = x509.extensions(); while (e.hasMoreElements()) { System.out.println((X509Extension)e.nextElement()); }
byte[]	getEncoded() getNotBefore()
X509Extension	getExtension(String oid) This method returns a specific certificate Extension.
Name	getIssuerDN() Returns the certificate's issuer name.
Date	getNotAfter() Returns the certificate's ending of validity.
Date	getNotBefore() Returns the certificate's beginning of validity.
PublicKey	getPublicKey() Returns the public key of the X509 certificate.
BigInteger	getSerialNumber() Returns the serialnumber of the X509 certificate.
String	getSigAlgOID() Returns the signature algorithm ID.
Name	getSubjectDN() Returns the certificate's subject.
int	getVersion() Returns the version number of the X509 Certificate.
int	hashCode() Returns a specific hash value from the X509Certificate object.
String	toString() This method shows information from the certificate including: version, serial number, signature algorithm, subject, issuer, valid from - to, the publickey representation and an enumeration of the extensions.
void	verify() This method verifies a self signed certificate.
void	verify(PublicKey publicKey) This method used a public key to verify the certificate.

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

X509Certificate

public X509Certificate(InputStream in)
                throws IOException

Creates a X509 certificate from a given inputstream. The certificate is expected to be ASN.1 encoded.

Parameters:

in - the inputstream

Throws:

IOException - if an error with the stream occurs.

Since:

3.0

X509Certificate

public X509Certificate(byte[] data)
                throws IOException

Creates a X509 certificate where the certificate info is stored in a byte array. The certificate is expected to be ASN.1 encoded.

Parameters:

data - the bytearray

Throws:

IOException - if an error during decoding occurs

Since:

3.0

Method Detail

getVersion

public int getVersion()

Returns the version number of the X509 Certificate.

Returns:

version number of the certificate

Since:

3.0

getSerialNumber

public BigInteger getSerialNumber()

Returns the serialnumber of the X509 certificate.

Returns:

serial number of the certificate

Since:

3.0

getSigAlgOID

public String getSigAlgOID()

Returns the signature algorithm ID.

Returns:

sig. alg. ID

Since:

3.0

getPublicKey

public PublicKey getPublicKey()

Returns the public key of the X509 certificate.

Returns:

the public key

Since:

3.0

getSubjectDN

public Name getSubjectDN()

Returns the certificate's subject.

Returns:

subject name

Since:

3.0

getIssuerDN

public Name getIssuerDN()

Returns the certificate's issuer name.

Returns:

issuer name

Since:

3.0

getNotBefore

public Date getNotBefore()

Returns the certificate's beginning of validity.

Returns:

starting date

Since:

3.0

getNotAfter

public Date getNotAfter()

Returns the certificate's ending of validity.

Returns:

starting date

Since:

3.0

extensions

public Enumeration extensions()

Returns an enumeration of the certificate's extensions.

  Enumeration e = x509.extensions();    		
  while (e.hasMoreElements()) {
			System.out.println((X509Extension)e.nextElement());
  }
 

Returns:

extensions

Since:

3.0

getExtension

public X509Extension getExtension(String oid)

This method returns a specific certificate Extension. The extension can be selected by it's object identifier. X509Certificate x509 = new X509Certificate(SysUtil.openFileInputStream(file)); X509Extension ex1= x509.getExtension(X509Extension.OID_KEY_USAGE); For details how to retrieve values from the extension object see:@link X509Extension

Parameters:

oid - Object Identifier of the Extension

Returns:

X509Extension object

Since:

3.0

getEncoded

public byte[] getEncoded()

getNotBefore()

Returns:

the encoded X509 certificate

verify

public void verify()
            throws CryptoException

This method verifies a self signed certificate. It only calls verify(PublicKey) with the public key certified by this certificate. Since this certificate would be a self-signed certificate, issuer and subject would be the same entities.

Throws:

CryptoException - if the publickey does not correspond to the private

Since:

3.0

verify

public void verify(PublicKey publicKey)
            throws CryptoException

This method used a public key to verify the certificate. If the certificate cannot be verified a CryptoException is thrown

Parameters:

the - publickey

Throws:

CryptoException -

Since:

3.0

checkValidity

public void checkValidity()
                   throws CryptoException

This method checks the validity of the certificate. It uses the current system time and date for this check. If this date is not within the certificates validity period, a CryptoException is thrown.

The validity can be checked with this:

 	 	
	try {
		 x509.checkValidity();
		 System.out.println("Certificate Valid!);			
	} catch (CryptoException e) {			
		System.out.println("Certificate not Valid!");			
	} 
 

Throws:

CryptoException -

Since:

3.0

checkValidity

public void checkValidity(Date date)
                   throws CryptoException

This method checks the validity of the Certificate. This method takes a date object as parameter. If you want to use the current system time use checkValidity() If the certificate is not valid yet or if it's validity is over a CryptoException is thrown.

The validity can be checked with this:

 	
	Date date = new Date(123123); // insert the desired Date here	 	
	try {
		 x509.checkValidity(date);
		 System.out.println("Certificate Valid!);			
	} catch (CryptoException e) {			
		System.out.println("Certificate not Valid!");			
	} 
 

Parameters:

date - the date

Throws:

CryptoException - if the

toString

public String toString()

This method shows information from the certificate including:
version, serial number, signature algorithm, subject, issuer, valid from - to, the publickey representation
and an enumeration of the extensions.

Overrides:

toString in class Object

Returns:

a String object containing all the before mentionend information

Since:

3.0

hashCode

public int hashCode()

Returns a specific hash value from the X509Certificate object.

Overrides:

hashCode in class Object

Returns:

the hashcode as integer value

equals

public boolean equals(Object obj)

Compares two certificate objects. If this object is the same as , true is returned.

Overrides:

equals in class Object

Returns:

true is the objects are equal

arrangeCertificateChain

public static X509Certificate[] arrangeCertificateChain(PublicKey pubKey,
                                                        X509Certificate[] certs)
                                                 throws CryptoException

arrangeCertificateChain

public static X509Certificate[] arrangeCertificateChain(PublicKey pubKey,
                                                        Vector v)
                                                 throws CryptoException