x509certificate.html

API資料大全

</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the end date of the validity period.<DT><B>See Also: </B><DD><A HREF="../../../java/security/cert/X509Certificate.html#checkValidity()"><CODE>checkValidity()</CODE></A></DL>
</DD>
</DL>
<HR>

<A NAME="getTBSCertificate()"><!-- --></A><H3>
getTBSCertificate</H3>
<PRE>
public abstract byte[] <B>getTBSCertificate</B>()
                                  throws <A HREF="../../../java/security/cert/CertificateEncodingException.html">CertificateEncodingException</A></PRE>
<DL>
<DD>Gets the DER-encoded certificate information, the
 <code>tbsCertificate</code> from this certificate.
 This can be used to verify the signature independently.<DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the DER-encoded certificate information.<DT><B>Throws:</B><DD><CODE><A HREF="../../../java/security/cert/CertificateEncodingException.html">CertificateEncodingException</A></CODE> - if an encoding error occurs.</DL>
</DD>
</DL>
<HR>

<A NAME="getSignature()"><!-- --></A><H3>
getSignature</H3>
<PRE>
public abstract byte[] <B>getSignature</B>()</PRE>
<DL>
<DD>Gets the <code>signature</code> value (the raw signature bits) from 
 the certificate.
 The ASN.1 definition for this is:
 <pre>
 signature     BIT STRING  
 </pre><DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the signature.</DL>
</DD>
</DL>
<HR>

<A NAME="getSigAlgName()"><!-- --></A><H3>
getSigAlgName</H3>
<PRE>
public abstract <A HREF="../../../java/lang/String.html">String</A> <B>getSigAlgName</B>()</PRE>
<DL>
<DD>Gets the signature algorithm name for the certificate
 signature algorithm. An example is the string "SHA-1/DSA".
 The ASN.1 definition for this is:
 <pre>
 signatureAlgorithm   AlgorithmIdentifier<p>
 AlgorithmIdentifier  ::=  SEQUENCE  {
     algorithm               OBJECT IDENTIFIER,
     parameters              ANY DEFINED BY algorithm OPTIONAL  }
                             -- contains a value of the type
                             -- registered for use with the
                             -- algorithm object identifier value
 </pre>
 
 <p>The algorithm name is determined from the <code>algorithm</code>
 OID string.<DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the signature algorithm name.</DL>
</DD>
</DL>
<HR>

<A NAME="getSigAlgOID()"><!-- --></A><H3>
getSigAlgOID</H3>
<PRE>
public abstract <A HREF="../../../java/lang/String.html">String</A> <B>getSigAlgOID</B>()</PRE>
<DL>
<DD>Gets the signature algorithm OID string from the certificate.
 An OID is represented by a set of positive whole numbers separated
 by periods.
 For example, the string "1.2.840.10040.4.3" identifies the SHA-1
 with DSA signature algorithm, as per RFC 2459.
 
 <p>See <A HREF="../../../java/security/cert/X509Certificate.html#getSigAlgName()"><CODE>getSigAlgName</CODE></A> for 
 relevant ASN.1 definitions.<DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the signature algorithm OID string.</DL>
</DD>
</DL>
<HR>

<A NAME="getSigAlgParams()"><!-- --></A><H3>
getSigAlgParams</H3>
<PRE>
public abstract byte[] <B>getSigAlgParams</B>()</PRE>
<DL>
<DD>Gets the DER-encoded signature algorithm parameters from this
 certificate's signature algorithm. In most cases, the signature
 algorithm parameters are null; the parameters are usually
 supplied with the certificate's public key.
 If access to individual parameter values is needed then use
 <A HREF="../../../java/security/AlgorithmParameters.html"><CODE>AlgorithmParameters</CODE></A>
 and instantiate with the name returned by
 <A HREF="../../../java/security/cert/X509Certificate.html#getSigAlgName()"><CODE>getSigAlgName</CODE></A>.
 
 <p>See <A HREF="../../../java/security/cert/X509Certificate.html#getSigAlgName()"><CODE>getSigAlgName</CODE></A> for 
 relevant ASN.1 definitions.<DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the DER-encoded signature algorithm parameters, or
         null if no parameters are present.</DL>
</DD>
</DL>
<HR>

<A NAME="getIssuerUniqueID()"><!-- --></A><H3>
getIssuerUniqueID</H3>
<PRE>
public abstract boolean[] <B>getIssuerUniqueID</B>()</PRE>
<DL>
<DD>Gets the <code>issuerUniqueID</code> value from the certificate.
 The issuer unique identifier is present in the certificate
 to handle the possibility of reuse of issuer names over time.
 RFC 2459 recommends that names not be reused and that
 conforming certificates not make use of unique identifiers.
 Applications conforming to that profile should be capable of
 parsing unique identifiers and making comparisons.
 
 <p>The ASN.1 definition for this is:
 <pre>
 issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL<p>
 UniqueIdentifier  ::=  BIT STRING
 </pre><DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the issuer unique identifier or null if it is not
 present in the certificate.</DL>
</DD>
</DL>
<HR>

<A NAME="getSubjectUniqueID()"><!-- --></A><H3>
getSubjectUniqueID</H3>
<PRE>
public abstract boolean[] <B>getSubjectUniqueID</B>()</PRE>
<DL>
<DD>Gets the <code>subjectUniqueID</code> value from the certificate.
 
 <p>The ASN.1 definition for this is:
 <pre>
 subjectUniqueID  [2]  IMPLICIT UniqueIdentifier OPTIONAL<p>
 UniqueIdentifier  ::=  BIT STRING
 </pre><DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the subject unique identifier or null if it is not
 present in the certificate.</DL>
</DD>
</DL>
<HR>

<A NAME="getKeyUsage()"><!-- --></A><H3>
getKeyUsage</H3>
<PRE>
public abstract boolean[] <B>getKeyUsage</B>()</PRE>
<DL>
<DD>Gets a boolean array representing bits of
 the <code>KeyUsage</code> extension, (OID = 2.5.29.15).
 The key usage extension defines the purpose (e.g., encipherment,
 signature, certificate signing) of the key contained in the
 certificate.
 The ASN.1 definition for this is:
 <pre>
 KeyUsage ::= BIT STRING {
     digitalSignature        (0),
     nonRepudiation          (1),
     keyEncipherment         (2),
     dataEncipherment        (3),
     keyAgreement            (4),
     keyCertSign             (5),
     cRLSign                 (6),
     encipherOnly            (7),
     decipherOnly            (8) }
 </pre>
 RFC 2459 recommends that when used, this be marked
 as a critical extension.<DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the KeyUsage extension of this certificate, represented as
 an array of booleans. The order of KeyUsage values in the array is
 the same as in the above ASN.1 definition. The array will contain a
 value for each KeyUsage defined above. If the KeyUsage list encoded
 in the certificate is longer than the above list, it will not be
 truncated. Returns null if this certificate does not
 contain a KeyUsage extension.</DL>
</DD>
</DL>
<HR>

<A NAME="getBasicConstraints()"><!-- --></A><H3>
getBasicConstraints</H3>
<PRE>
public abstract int <B>getBasicConstraints</B>()</PRE>
<DL>
<DD>Gets the certificate constraints path length from the
 critical <code>BasicConstraints</code> extension, (OID = 2.5.29.19).
 <p>
 The basic constraints extension identifies whether the subject
 of the certificate is a Certificate Authority (CA) and 
 how deep a certification path may exist through that CA. The 
 <code>pathLenConstraint</code> field (see below) is meaningful
 only if <code>cA</code> is set to TRUE. In this case, it gives the
 maximum number of CA certificates that may follow this certificate in a
 certification path. A value of zero indicates that only an end-entity
 certificate may follow in the path.
 <p>
 Note that for RFC 2459 this extension is always marked
 critical if <code>cA</code> is TRUE, meaning this certificate belongs
 to a Certificate Authority.
 <p>
 The ASN.1 definition for this is:
 <pre>
 BasicConstraints ::= SEQUENCE {
     cA                  BOOLEAN DEFAULT FALSE,
     pathLenConstraint   INTEGER (0..MAX) OPTIONAL }
 </pre><DD><DL>
</DL>
</DD>
<DD><DL>
<DT><B>Returns:</B><DD>the value of <code>pathLenConstraint</code> if the
 BasicConstraints extension is present in the certificate and the
 subject of the certificate is a CA, otherwise -1.
 If the subject of the certificate is a CA and
 <code>pathLenConstraint</code> does not appear,
 <code>Integer.MAX_VALUE</code> is returned to indicate that there is no
 limit to the allowed length of the certification path.</DL>
</DD>
</DL>
<!-- ========= END OF CLASS DATA ========= -->
<HR>

<!-- ========== START OF NAVBAR ========== -->
<A NAME="navbar_bottom"><!-- --></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_bottom_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3">
  <TR ALIGN="center" VALIGN="top">
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="class-use/X509Certificate.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
  </TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
<b>Java<sup><font size=-2>TM</font></sup>&nbsp;2&nbsp;Platform<br>Std.&nbsp;Ed. v1.3</b></EM>
</TD>
</TR>

<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;<A HREF="../../../java/security/cert/CRL.html"><B>PREV CLASS</B></A>&nbsp;
&nbsp;<A HREF="../../../java/security/cert/X509CRL.html"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
  <A HREF="../../../index.html" TARGET="_top"><B>FRAMES</B></A>  &nbsp;
&nbsp;<A HREF="X509Certificate.html" TARGET="_top"><B>NO FRAMES</B></A></FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
  SUMMARY: &nbsp;<A HREF="#inner_classes_inherited_from_class_java.security.cert.Certificate">INNER</A>&nbsp;|&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL: &nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<!-- =========== END OF NAVBAR =========== -->

<HR>
<font size="-1"><a href="http://java.sun.com/cgi-bin/bugreport.cgi">Submit a bug or feature</a><br>For further API reference and developer documentation, see <a href="http://java.sun.com/products/jdk/1.3/devdocs-vs-specs.html">Java 2 SDK SE Developer Documentation</a>. That documentation  contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples. <p>Java, Java 2D, and JDBC are trademarks or registered trademarks of Sun Microsystems, Inc. in the US and other countries.<br>Copyright 1993-2000 Sun Microsystems, Inc. 901 San Antonio Road<br>Palo Alto, California, 94303, U.S.A.  All Rights Reserved.</font>
</BODY>
</HTML>