java.security.cert

Class Certificate

public abstract class Certificate extends Object implements Serializable

The Certificate class is an abstract class used to manage identity certificates. An identity certificate is a combination of a principal and a public key which is certified by another principal. This is the puprose of Certificate Authorities (CA).

This class is used to manage different types of certificates but have important common puposes. Different types of certificates like X.509 and OpenPGP share general certificate functions (like encoding and verifying) and information like public keys.

X.509, OpenPGP, and SDSI can be implemented by subclassing this class even though they differ in storage methods and information stored.

Since: JDK 1.2

Nested Class Summary
protected static class	Certificate.CertificateRep Certificate.CertificateRep is an inner class used to provide an alternate storage mechanism for serialized Certificates.

Constructor Summary
protected	Certificate(String type) Constructs a new certificate of the specified type.

Method Summary
boolean	equals(Object other) Compares this Certificate to other.
abstract byte[]	getEncoded() Gets the DER ASN.1 encoded format for this Certificate.
abstract PublicKey	getPublicKey() Returns the public key stored in the Certificate.
String	getType() Returns the Certificate type.
int	hashCode() Returns a hash code for this Certificate in its encoded form.
abstract String	toString() Returns a string representing the Certificate.
abstract void	verify(PublicKey key) Verifies that this Certificate was properly signed with the PublicKey that corresponds to its private key.
abstract void	verify(PublicKey key, String sigProvider) Verifies that this Certificate was properly signed with the PublicKey that corresponds to its private key and uses the signature engine provided by the provider.
protected Object	writeReplace() Returns a replacement for this certificate to be serialized.

Constructor Detail

Certificate

protected Certificate(String type)

Constructs a new certificate of the specified type. An example is "X.509".

Parameters: type a valid standard name for a certificate.

Method Detail

equals

public boolean equals(Object other)

Compares this Certificate to other. It checks if the object if instanceOf Certificate and then checks if the encoded form matches.

Parameters: other An Object to test for equality

Returns: true if equal, false otherwise

getEncoded

public abstract byte[] getEncoded()

Gets the DER ASN.1 encoded format for this Certificate. It assumes each certificate has only one encoding format. Ex: X.509 is encoded as ASN.1 DER

Returns: byte array containg encoded form

Throws: CertificateEncodingException if an error occurs

getPublicKey

public abstract PublicKey getPublicKey()

Returns the public key stored in the Certificate.

Returns: The public key

getType

public final String getType()

Returns the Certificate type.

Returns: a string representing the Certificate type

hashCode

public int hashCode()

Returns a hash code for this Certificate in its encoded form.

Returns: A hash code of this class

toString

public abstract String toString()

Returns a string representing the Certificate.

Returns: a string representing the Certificate.

verify

public abstract void verify(PublicKey key)

Verifies that this Certificate was properly signed with the PublicKey that corresponds to its private key.

Parameters: key PublicKey to verify with

Throws: CertificateException encoding error NoSuchAlgorithmException unsupported algorithm InvalidKeyException incorrect key NoSuchProviderException no provider SignatureException signature error

verify

public abstract void verify(PublicKey key, String sigProvider)

Verifies that this Certificate was properly signed with the PublicKey that corresponds to its private key and uses the signature engine provided by the provider.

Parameters: key PublicKey to verify with sigProvider Provider to use for signature algorithm

Throws: CertificateException encoding error NoSuchAlgorithmException unsupported algorithm InvalidKeyException incorrect key NoSuchProviderException incorrect provider SignatureException signature error

writeReplace

protected Object writeReplace()

Returns a replacement for this certificate to be serialized. This method returns the equivalent to the following for this class:

new CertificateRep(getType(), getEncoded());

This thusly replaces the certificate with its name and its encoded form, which can be deserialized later with the {@link CertificateFactory} implementation for this certificate's type.

Returns: The replacement object to be serialized.

Throws: ObjectStreamException If the replacement could not be created.