Package org.mozilla.jss.pkcs11

Class PK11Cert

java.lang.Object

java.security.cert.Certificate

java.security.cert.X509Certificate

org.mozilla.jss.crypto.X509Certificate

org.mozilla.jss.pkcs11.PK11Cert

All Implemented Interfaces:

Serializable, AutoCloseable, X509Extension, InternalCertificate, TokenCertificate

public class PK11Cert
extends X509Certificate
implements AutoCloseable

See Also:

• Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected static class	PK11Cert.StringPrincipal	A class that implements Principal with a String.

Nested classes/interfaces inherited from class java.security.cert.Certificate

Certificate.CertificateRep

Field Summary

Fields

Modifier and Type	Field	Description
protected CertProxy	certProxy
static org.slf4j.Logger	logger
protected String	nickname
protected TokenProxy	tokenProxy
private X509CertImpl	x509

Fields inherited from class org.mozilla.jss.crypto.X509Certificate

EMAIL, GOVT_APPROVED_CA, INVISIBLE_CA, NS_TRUSTED_CA, OBJECT_SIGNING, SEND_WARN, SSL, TRUSTED_CA, TRUSTED_CLIENT_CA, TRUSTED_PEER, USER, VALID_CA, VALID_PEER

Constructor Summary

Constructors

Constructor	Description
PK11Cert(byte[] certPtr, byte[] slotPtr, String nickname)

Method Summary

Modifier and Type	Method	Description
void	checkValidity()
void	checkValidity(Date date)
void	close()
boolean	equals(Object other)
void	finalize()
int	getBasicConstraints()
Set<String>	getCriticalExtensionOIDs()
byte[]	getEncoded()
byte[]	getExtensionValue(String oid)
Principal	getIssuerDN()
protected String	getIssuerDNString()
boolean[]	getIssuerUniqueID()
boolean[]	getKeyUsage()
String	getNickname()
Set<String>	getNonCriticalExtensionOIDs()
Date	getNotAfter()
Date	getNotBefore()
CryptoToken	getOwningToken()	Returns the CryptoToken that owns this certificate.
PublicKey	getPublicKey()
BigInteger	getSerialNumber()
protected byte[]	getSerialNumberByteArray()
String	getSigAlgName()
String	getSigAlgOID()
byte[]	getSigAlgParams()
byte[]	getSignature()
Principal	getSubjectDN()
protected String	getSubjectDNString()
boolean[]	getSubjectUniqueID()
byte[]	getTBSCertificate()
int	getTrust(int type)	Gets the trust flags for this cert.
byte[]	getUniqueID()	Returns the unique ID of this key.
int	getVersion()
int	hashCode()
boolean	hasUnsupportedCriticalExtension()
void	setTrust(int type, int trust)	Sets the trust flags for this cert.
String	toString()
void	verify(PublicKey key)
void	verify(PublicKey key, String sigProvider)

Methods inherited from class org.mozilla.jss.crypto.X509Certificate

decodeTrustFlags, encodeTrustFlags, getEmailTrust, getObjectSigningTrust, getSSLTrust, getTrustFlags, isTrustFlagEnabled, setEmailTrust, setObjectSigningTrust, setSSLTrust, setTrustFlags

Methods inherited from class java.security.cert.X509Certificate

getExtendedKeyUsage, getIssuerAlternativeNames, getIssuerX500Principal, getSubjectAlternativeNames, getSubjectX500Principal, verify

Methods inherited from class java.security.cert.Certificate

getType, writeReplace

Methods inherited from class java.lang.Object

clone, getClass, notify, notifyAll, wait, wait, wait

Field Details

logger

public static org.slf4j.Logger logger

x509

private X509CertImpl x509

certProxy

protected CertProxy certProxy

tokenProxy

protected TokenProxy tokenProxy

nickname

protected String nickname

Constructor Details

PK11Cert

PK11Cert(byte[] certPtr,
 byte[] slotPtr,
 String nickname)

Method Details

getEncoded

public byte[] getEncoded()
                  throws CertificateEncodingException

Specified by:

getEncoded in class X509Certificate

Returns:

The DER encoding of this certificate.

Throws:

CertificateEncodingException - If an error occurred.

getNickname

public String getNickname()

Specified by:

getNickname in class X509Certificate

Returns:

The nickname of this certificate (could be null).

hashCode

public int hashCode()

Overrides:

hashCode in class Certificate

equals

public boolean equals(Object other)

Overrides:

equals in class Certificate

getSubjectDN

public Principal getSubjectDN()

Specified by:

getSubjectDN in class X509Certificate

Returns:

The RFC 1485 ASCII encoding of the Subject Name.

getIssuerDN

public Principal getIssuerDN()

Specified by:

getIssuerDN in class X509Certificate

Returns:

The RFC 1485 ASCII encoding of the issuer's Subject Name.

getSerialNumber

public BigInteger getSerialNumber()

Specified by:

getSerialNumber in class X509Certificate

Returns:

The serial number of this certificate.

getSerialNumberByteArray

protected byte[] getSerialNumberByteArray()

getSubjectDNString

protected String getSubjectDNString()

getIssuerDNString

protected String getIssuerDNString()

getPublicKey

public PublicKey getPublicKey()

Specified by:

getPublicKey in class X509Certificate

Returns:

The Public Key from this certificate.

getVersion

public int getVersion()

Specified by:

getVersion in class X509Certificate

Returns:

the version number of this X.509 certificate. 0 means v1, 1 means v2, 2 means v3.

getBasicConstraints

public int getBasicConstraints()

Specified by:

getBasicConstraints in class X509Certificate

getKeyUsage

public boolean[] getKeyUsage()

Specified by:

getKeyUsage in class X509Certificate

getSubjectUniqueID

public boolean[] getSubjectUniqueID()

Specified by:

getSubjectUniqueID in class X509Certificate

getIssuerUniqueID

public boolean[] getIssuerUniqueID()

Specified by:

getIssuerUniqueID in class X509Certificate

getSigAlgParams

public byte[] getSigAlgParams()

Specified by:

getSigAlgParams in class X509Certificate

getSigAlgName

public String getSigAlgName()

Specified by:

getSigAlgName in class X509Certificate

getSigAlgOID

public String getSigAlgOID()

Specified by:

getSigAlgOID in class X509Certificate

getSignature

public byte[] getSignature()

Specified by:

getSignature in class X509Certificate

getTBSCertificate

public byte[] getTBSCertificate()
                         throws CertificateEncodingException

Specified by:

getTBSCertificate in class X509Certificate

Throws:

CertificateEncodingException

getNotAfter

public Date getNotAfter()

Specified by:

getNotAfter in class X509Certificate

getNotBefore

public Date getNotBefore()

Specified by:

getNotBefore in class X509Certificate

checkValidity

public void checkValidity()
                   throws CertificateExpiredException,
CertificateNotYetValidException

Specified by:

checkValidity in class X509Certificate

Throws:

CertificateExpiredException

CertificateNotYetValidException

checkValidity

public void checkValidity(Date date)
                   throws CertificateExpiredException,
CertificateNotYetValidException

Specified by:

checkValidity in class X509Certificate

Throws:

CertificateExpiredException

CertificateNotYetValidException

toString

public String toString()

Specified by:

toString in class Certificate

verify

public void verify(PublicKey key)
            throws CertificateException,
NoSuchAlgorithmException,
InvalidKeyException,
NoSuchProviderException,
SignatureException

Specified by:

verify in class Certificate

Throws:

CertificateException

NoSuchAlgorithmException

InvalidKeyException

NoSuchProviderException

SignatureException

verify

public void verify(PublicKey key,
 String sigProvider)
            throws CertificateException,
NoSuchAlgorithmException,
InvalidKeyException,
NoSuchProviderException,
SignatureException

Specified by:

verify in class Certificate

Throws:

CertificateException

NoSuchAlgorithmException

InvalidKeyException

NoSuchProviderException

SignatureException

getExtensionValue

public byte[] getExtensionValue(String oid)

Specified by:

getExtensionValue in interface X509Extension

getCriticalExtensionOIDs

public Set<String> getCriticalExtensionOIDs()

Specified by:

getCriticalExtensionOIDs in interface X509Extension

getNonCriticalExtensionOIDs

public Set<String> getNonCriticalExtensionOIDs()

Specified by:

getNonCriticalExtensionOIDs in interface X509Extension

hasUnsupportedCriticalExtension

public boolean hasUnsupportedCriticalExtension()

Specified by:

hasUnsupportedCriticalExtension in interface X509Extension

finalize

public void finalize()
              throws Throwable

Overrides:

finalize in class Object

Throws:

Throwable

close

public void close()
           throws Exception

Specified by:

close in interface AutoCloseable

Throws:

Exception

getUniqueID

public byte[] getUniqueID()

Description copied from interface: TokenCertificate

Returns the unique ID of this key. Unique IDs can be used to match certificates to keys.

Specified by:

getUniqueID in interface TokenCertificate

See Also:

• PrivateKey.getUniqueID()

getOwningToken

public CryptoToken getOwningToken()

Description copied from interface: TokenCertificate

Returns the CryptoToken that owns this certificate. Cryptographic operations with this key may only be performed on the token that owns the key.

Specified by:

getOwningToken in interface TokenCertificate

setTrust

public void setTrust(int type,
 int trust)

Description copied from class: X509Certificate

Sets the trust flags for this cert.

Specified by:

setTrust in class X509Certificate

Parameters:

type - SSL, EMAIL, or OBJECT_SIGNING.

trust - The trust flags for this type of trust.

getTrust

public int getTrust(int type)

Description copied from class: X509Certificate

Gets the trust flags for this cert.

Specified by:

getTrust in class X509Certificate

Parameters:

type - SSL, EMAIL, or OBJECT_SIGNING.

Returns:

The trust flags for this type of trust.