Class PK11Cert

    • Method Detail

      • isTrustFlagEnabled

        public static boolean isTrustFlagEnabled​(int flag,
                                                 int flags)
      • encodeTrustFlags

        public static java.lang.String encodeTrustFlags​(int flags)
      • decodeTrustFlags

        public static int decodeTrustFlags​(java.lang.String flags)
                                    throws java.lang.Exception
        Throws:
        java.lang.Exception
      • getEncoded

        public byte[] getEncoded()
                          throws java.security.cert.CertificateEncodingException
        Specified by:
        getEncoded in interface X509Certificate
        Specified by:
        getEncoded in class java.security.cert.Certificate
        Returns:
        The DER encoding of this certificate.
        Throws:
        java.security.cert.CertificateEncodingException - If an error occurred.
      • getNickname

        public java.lang.String getNickname()
        Specified by:
        getNickname in interface X509Certificate
        Returns:
        The nickname of this certificate (could be null).
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.security.cert.Certificate
      • equals

        public boolean equals​(java.lang.Object other)
        Overrides:
        equals in class java.security.cert.Certificate
      • getSubjectDN

        public java.security.Principal getSubjectDN()
        Specified by:
        getSubjectDN in interface X509Certificate
        Specified by:
        getSubjectDN in class java.security.cert.X509Certificate
        Returns:
        The RFC 1485 ASCII encoding of the Subject Name.
      • getIssuerDN

        public java.security.Principal getIssuerDN()
        Specified by:
        getIssuerDN in interface X509Certificate
        Specified by:
        getIssuerDN in class java.security.cert.X509Certificate
        Returns:
        The RFC 1485 ASCII encoding of the issuer's Subject Name.
      • getSerialNumber

        public java.math.BigInteger getSerialNumber()
        Specified by:
        getSerialNumber in interface X509Certificate
        Specified by:
        getSerialNumber in class java.security.cert.X509Certificate
        Returns:
        The serial number of this certificate.
      • getSerialNumberByteArray

        protected byte[] getSerialNumberByteArray()
      • getSubjectDNString

        protected java.lang.String getSubjectDNString()
      • getIssuerDNString

        protected java.lang.String getIssuerDNString()
      • getPublicKey

        public java.security.PublicKey getPublicKey()
        Specified by:
        getPublicKey in interface X509Certificate
        Specified by:
        getPublicKey in class java.security.cert.Certificate
        Returns:
        The Public Key from this certificate.
      • getVersion

        public int getVersion()
        Specified by:
        getVersion in interface X509Certificate
        Specified by:
        getVersion in class java.security.cert.X509Certificate
        Returns:
        the version number of this X.509 certificate. 0 means v1, 1 means v2, 2 means v3.
      • getBasicConstraints

        public int getBasicConstraints()
        Specified by:
        getBasicConstraints in class java.security.cert.X509Certificate
      • getKeyUsage

        public boolean[] getKeyUsage()
        Specified by:
        getKeyUsage in class java.security.cert.X509Certificate
      • getSubjectUniqueID

        public boolean[] getSubjectUniqueID()
        Specified by:
        getSubjectUniqueID in class java.security.cert.X509Certificate
      • getIssuerUniqueID

        public boolean[] getIssuerUniqueID()
        Specified by:
        getIssuerUniqueID in class java.security.cert.X509Certificate
      • getSigAlgParams

        public byte[] getSigAlgParams()
        Specified by:
        getSigAlgParams in class java.security.cert.X509Certificate
      • getSigAlgName

        public java.lang.String getSigAlgName()
        Specified by:
        getSigAlgName in class java.security.cert.X509Certificate
      • getSigAlgOID

        public java.lang.String getSigAlgOID()
        Specified by:
        getSigAlgOID in class java.security.cert.X509Certificate
      • getSignature

        public byte[] getSignature()
        Specified by:
        getSignature in class java.security.cert.X509Certificate
      • getTBSCertificate

        public byte[] getTBSCertificate()
                                 throws java.security.cert.CertificateEncodingException
        Specified by:
        getTBSCertificate in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateEncodingException
      • getNotAfter

        public java.util.Date getNotAfter()
        Specified by:
        getNotAfter in class java.security.cert.X509Certificate
      • getNotBefore

        public java.util.Date getNotBefore()
        Specified by:
        getNotBefore in class java.security.cert.X509Certificate
      • checkValidity

        public void checkValidity()
                           throws java.security.cert.CertificateExpiredException,
                                  java.security.cert.CertificateNotYetValidException
        Specified by:
        checkValidity in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateExpiredException
        java.security.cert.CertificateNotYetValidException
      • checkValidity

        public void checkValidity​(java.util.Date date)
                           throws java.security.cert.CertificateExpiredException,
                                  java.security.cert.CertificateNotYetValidException
        Specified by:
        checkValidity in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateExpiredException
        java.security.cert.CertificateNotYetValidException
      • toString

        public java.lang.String toString()
        Specified by:
        toString in class java.security.cert.Certificate
      • verify

        public void verify​(java.security.PublicKey key)
                    throws java.security.cert.CertificateException,
                           java.security.NoSuchAlgorithmException,
                           java.security.InvalidKeyException,
                           java.security.NoSuchProviderException,
                           java.security.SignatureException
        Specified by:
        verify in class java.security.cert.Certificate
        Throws:
        java.security.cert.CertificateException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.NoSuchProviderException
        java.security.SignatureException
      • verify

        public void verify​(java.security.PublicKey key,
                           java.lang.String sigProvider)
                    throws java.security.cert.CertificateException,
                           java.security.NoSuchAlgorithmException,
                           java.security.InvalidKeyException,
                           java.security.NoSuchProviderException,
                           java.security.SignatureException
        Specified by:
        verify in class java.security.cert.Certificate
        Throws:
        java.security.cert.CertificateException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.NoSuchProviderException
        java.security.SignatureException
      • getExtensionValue

        public byte[] getExtensionValue​(java.lang.String oid)
        Specified by:
        getExtensionValue in interface java.security.cert.X509Extension
      • getCriticalExtensionOIDs

        public java.util.Set<java.lang.String> getCriticalExtensionOIDs()
        Specified by:
        getCriticalExtensionOIDs in interface java.security.cert.X509Extension
      • getNonCriticalExtensionOIDs

        public java.util.Set<java.lang.String> getNonCriticalExtensionOIDs()
        Specified by:
        getNonCriticalExtensionOIDs in interface java.security.cert.X509Extension
      • hasUnsupportedCriticalExtension

        public boolean hasUnsupportedCriticalExtension()
        Specified by:
        hasUnsupportedCriticalExtension in interface java.security.cert.X509Extension
      • finalize

        public void finalize()
                      throws java.lang.Throwable
        Overrides:
        finalize in class java.lang.Object
        Throws:
        java.lang.Throwable
      • close

        public void close()
                   throws java.lang.Exception
        Specified by:
        close in interface java.lang.AutoCloseable
        Throws:
        java.lang.Exception
      • getOwningToken

        public CryptoToken getOwningToken()
        Description copied from interface: TokenCertificate
        Returns the CryptoToken that owns this certificate. Cryptographic operations with this key may only be performed on the token that owns the key.
        Specified by:
        getOwningToken in interface TokenCertificate
      • setTrust

        protected void setTrust​(int type,
                                int trust)
        Sets the trust flags for this cert.
        Parameters:
        type - SSL, EMAIL, or OBJECT_SIGNING.
        trust - The trust flags for this type of trust.
      • getTrust

        protected int getTrust​(int type)
        Gets the trust flags for this cert.
        Parameters:
        type - SSL, EMAIL, or OBJECT_SIGNING.
        Returns:
        The trust flags for this type of trust.
      • setSSLTrust

        public void setSSLTrust​(int trust)
        Set the SSL trust flags for this certificate.
        Specified by:
        setSSLTrust in interface InternalCertificate
        Parameters:
        trust - A bitwise OR of the trust flags VALID_PEER, VALID_CA, TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
      • setEmailTrust

        public void setEmailTrust​(int trust)
        Set the email (S/MIME) trust flags for this certificate.
        Specified by:
        setEmailTrust in interface InternalCertificate
        Parameters:
        trust - A bitwise OR of the trust flags VALID_PEER, VALID_CA, TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
      • setObjectSigningTrust

        public void setObjectSigningTrust​(int trust)
        Set the object signing trust flags for this certificate.
        Specified by:
        setObjectSigningTrust in interface InternalCertificate
        Parameters:
        trust - A bitwise OR of the trust flags VALID_PEER, VALID_CA, TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
      • getSSLTrust

        public int getSSLTrust()
        Get the SSL trust flags for this certificate.
        Specified by:
        getSSLTrust in interface InternalCertificate
        Returns:
        A bitwise OR of the trust flags VALID_PEER, VALID_CA, TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
      • getEmailTrust

        public int getEmailTrust()
        Get the email (S/MIME) trust flags for this certificate.
        Specified by:
        getEmailTrust in interface InternalCertificate
        Returns:
        A bitwise OR of the trust flags VALID_PEER, VALID_CA, TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
      • getObjectSigningTrust

        public int getObjectSigningTrust()
        Get the object signing trust flags for this certificate.
        Specified by:
        getObjectSigningTrust in interface InternalCertificate
        Returns:
        A bitwise OR of the trust flags VALID_PEER, VALID_CA, TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
      • getTrustFlags

        public java.lang.String getTrustFlags()
      • setTrustFlags

        public void setTrustFlags​(java.lang.String trustFlags)
                           throws java.lang.Exception
        Throws:
        java.lang.Exception