📄 x509certificate.java
字号:
Consult rfc2459 for more information. @return the date <I>notBefore</I> */ public abstract Date getNotBefore(); /** Returns the date that this certificate is not to be used after, <I>notAfter</I>. @return the date <I>notAfter</I> */ public abstract Date getNotAfter(); /** Returns the <I>tbsCertificate</I> from the certificate. @return the DER encoded tbsCertificate @throws CertificateEncodingException if encoding error occurred */ public abstract byte[] getTBSCertificate() throws CertificateEncodingException; /** Returns the signature in its raw DER encoded format. The ASN.1 DER encoding is: signatureValue BIT STRING Consult rfc2459 for more information. @return byte array representing signature */ public abstract byte[] getSignature(); /** Returns the signature algorithm used to sign the CRL. An examples is "SHA-1/DSA". The ASN.1 DER encoding is: signatureAlgorithm AlgorithmIdentifier, AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL } Consult rfc2459 for more information. The algorithm name is determined from the OID. @return a string with the signature algorithm name */ public abstract String getSigAlgName(); /** Returns the OID for the signature algorithm used. Example "1.2.840.10040.4.3" is return for SHA-1 with DSA.\ The ASN.1 DER encoding for the example is: id-dsa-with-sha1 ID ::= { iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 } Consult rfc2459 for more information. @return a string containing the OID. */ public abstract String getSigAlgOID(); /** Returns the AlgorithmParameters in the encoded form for the signature algorithm used. If access to the parameters is need, create an instance of AlgorithmParameters. @return byte array containing algorithm parameters, null if no parameters are present in certificate */ public abstract byte[] getSigAlgParams(); /** Returns the issuer unique ID for this certificate. The ASN.1 DER encoding is: issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version shall be v2 or v3 UniqueIdentifier ::= BIT STRING Consult rfc2459 for more information. @return bit representation of <I>issuerUniqueID</I> */ public abstract boolean[] getIssuerUniqueID(); /** Returns the subject unique ID for this certificate. The ASN.1 DER encoding is: subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version shall be v2 or v3 UniqueIdentifier ::= BIT STRING Consult rfc2459 for more information. @return bit representation of <I>subjectUniqueID</I> */ public abstract boolean[] getSubjectUniqueID(); /** Returns a boolean array representing the <I>KeyUsage</I> extension for the certificate. The KeyUsage (OID = 2.5.29.15) defines the purpose of the key in the certificate. The ASN.1 DER encoding is: id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } KeyUsage ::= BIT STRING { digitalSignature (0), nonRepudiation (1), keyEncipherment (2), dataEncipherment (3), keyAgreement (4), keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) } Consult rfc2459 for more information. @return bit representation of <I>KeyUsage</I> */ public abstract boolean[] getKeyUsage(); /** Returns the certificate constraints path length from the critical BasicConstraints extension, (OID = 2.5.29.19). The basic constraints extensions is used to determine if the subject of the certificate is a Certificate Authority (CA) and how deep the certification path may exist. The <I>pathLenConstraint</I> only takes affect if <I>cA</I> is set to true. "A value of zero indicates that only an end-entity certificate may follow in the path." (rfc2459) The ASN.1 DER encoding is: id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } BasicConstraints ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER (0..MAX) OPTIONAL } Consult rfc2459 for more information. @return the length of the path constraint if BasicConstraints is present and cA is TRUE. Otherwise returns -1. */ public abstract int getBasicConstraints(); // 1.4 instance methods. // ------------------------------------------------------------------------ /** * Returns the <code>ExtendedKeyUsage</code> extension of this * certificate, or null if there is no extension present. The returned * value is a {@link java.util.List} strings representing the object * identifiers of the extended key usages. This extension has the OID * 2.5.29.37. * * <p>The ASN.1 definition for this extension is: * * <blockquote><pre> * ExtendedKeyUsage ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId * * KeyPurposeId ::= OBJECT IDENTIFIER * </pre></blockquote> * * @return The list of extension OIDs, or null if there are none * present in this certificate. * @throws CertificateParsingException If this extension cannot be * parsed from its encoded form. */ public java.util.List getExtendedKeyUsage() throws CertificateParsingException { throw new UnsupportedOperationException(); } /** * Returns the alternative names for this certificate's subject (the * owner), or null if there are none. * * <p>This is an X.509 extension with OID 2.5.29.17 and is defined by * the ASN.1 construction: * * <blockquote><pre> * SubjectAltNames ::= GeneralNames * * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName * * GeneralName ::= CHOICE { * otherName [0] OtherName, * rfc822Name [1] IA5String, * dNSName [2] IA5String, * x400Address [3] ORAddress, * directoryName [4] Name, * ediPartyName [5] EDIPartyName, * uniformResourceIdentifier [6] IA5String, * iPAddress [7] OCTET STRING, * registeredID [8] OBJECT IDENTIFIER * } * </pre></blockquote> * * <p>The returned collection contains one or more two-element Lists, * with the first object being an Integer representing the choice * above (with value 0 through 8) and the second being an (a) String * if the <code>GeneralName</code> is a rfc822Name, dNSName, * uniformResourceIdentifier, iPAddress, or registeredID, or (b) a * byte array of the DER encoded form for any others. * * @return The collection of alternative names, or null if there are * none. * @throws CertificateParsingException If the encoded extension cannot * be parsed. * @since JDK 1.4 */ public java.util.Collection getSubjectAlternativeNames() throws CertificateParsingException { throw new UnsupportedOperationException(); } /** * Returns the alternative names for this certificate's issuer, or * null if there are none. * * <p>This is an X.509 extension with OID 2.5.29.18, and is defined by * the ASN.1 construction: * * <blockquote><pre> * IssuerAltNames ::= GeneralNames * </pre></blockquote> * * <p>The <code>GeneralNames</code> construct and the form of the * returned collection are the same as with {@link * #getSubjectAlternativeNames()}. * * @return The collection of alternative names, or null if there are * none. * @throws CertificateParsingException If the encoded extension cannot * be parsed. * @since JDK 1.4 */ public java.util.Collection getIssuerAlternativeNames() throws CertificateParsingException { throw new UnsupportedOperationException(); } /** * Returns the X.500 distinguished name of this certificate's subject. * * @return The subject's X.500 distinguished name. * @since JDK 1.4 */ public javax.security.auth.x500.X500Principal getSubjectX500Principal() { throw new UnsupportedOperationException(); } /** * Returns the X.500 distinguished name of this certificate's issuer. * * @return The issuer's X.500 distinguished name. * @since JDK 1.4 */ public javax.security.auth.x500.X500Principal getIssuerX500Principal() { throw new UnsupportedOperationException(); }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -