- All Implemented Interfaces:
Serializable
- Direct Known Subclasses:
X509Certificate
Abstract class for managing a variety of identity certificates. An identity certificate is a binding of a principal to a public key which is vouched for by another principal. (A principal represents an entity such as an individual user, a group, or a corporation.)
This class is an abstraction for certificates that have different formats but important common uses. For example, different types of certificates, such as X.509 and PGP, share general certificate functionality (like encoding and verifying) and some types of information (like a public key).
X.509, PGP, and SDSI certificates can all be implemented by subclassing the Certificate class, even though they contain different sets of information, and they store and retrieve the information in different ways.
- Since:
- 1.2
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionprotected static class
AlternateCertificate
class for serialization. -
Constructor Summary
ModifierConstructorDescriptionprotected
Certificate
(String type) Creates a certificate of the specified type. -
Method Summary
Modifier and TypeMethodDescriptionboolean
Compares this certificate for equality with the specified object.abstract byte[]
Returns the encoded form of this certificate.abstract PublicKey
Gets the public key from this certificate.final String
getType()
Returns the type of this certificate.int
hashCode()
Returns a hashcode value for this certificate from its encoded form.abstract String
toString()
Returns a string representation of this certificate.abstract void
Verifies that this certificate was signed using the private key that corresponds to the specified public key.abstract void
Verifies that this certificate was signed using the private key that corresponds to the specified public key.void
Verifies that this certificate was signed using the private key that corresponds to the specified public key.protected Object
Replace theCertificate
to be serialized with aCertificateRep
object containing the type and encoded bytes of theCertificate
.
-
Constructor Details
-
Certificate
Creates a certificate of the specified type.- Parameters:
type
- the standard name of the certificate type. See the CertificateFactory section in the Java Security Standard Algorithm Names Specification for information about standard certificate types.
-
-
Method Details
-
getType
Returns the type of this certificate.- Returns:
- the type of this certificate.
-
equals
Compares this certificate for equality with the specified object. If theother
object is aninstanceof
Certificate
, then its encoded form is retrieved and compared with the encoded form of this certificate. -
hashCode
public int hashCode()Returns a hashcode value for this certificate from its encoded form. -
getEncoded
Returns the encoded form of this certificate. It is assumed that each certificate type would have only a single form of encoding; for example, X.509 certificates would be encoded as ASN.1 DER.- Returns:
- the encoded form of this certificate
- Throws:
CertificateEncodingException
- if an encoding error occurs.
-
verify
public abstract void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException Verifies that this certificate was signed using the private key that corresponds to the specified public key.- Parameters:
key
- the PublicKey used to carry out the verification.- Throws:
NoSuchAlgorithmException
- on unsupported signature algorithms.InvalidKeyException
- on incorrect key.NoSuchProviderException
- if there's no default provider.SignatureException
- on signature errors.CertificateException
- on encoding errors.
-
verify
public abstract void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider.- Parameters:
key
- the PublicKey used to carry out the verification.sigProvider
- the name of the signature provider.- Throws:
NoSuchAlgorithmException
- on unsupported signature algorithms.InvalidKeyException
- on incorrect key.NoSuchProviderException
- on incorrect provider.SignatureException
- on signature errors.CertificateException
- on encoding errors.
-
verify
public void verify(PublicKey key, Provider sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider. Note that the specified Provider object does not have to be registered in the provider list.This method was added to version 1.8 of the Java Platform Standard Edition. In order to maintain backwards compatibility with existing service providers, this method cannot be
abstract
and by default throws anUnsupportedOperationException
.- Parameters:
key
- the PublicKey used to carry out the verification.sigProvider
- the signature provider.- Throws:
NoSuchAlgorithmException
- on unsupported signature algorithms.InvalidKeyException
- on incorrect key.SignatureException
- on signature errors.CertificateException
- on encoding errors.UnsupportedOperationException
- if the method is not supported- Since:
- 1.8
-
toString
Returns a string representation of this certificate. -
getPublicKey
Gets the public key from this certificate.- Returns:
- the public key.
-
writeReplace
Replace theCertificate
to be serialized with aCertificateRep
object containing the type and encoded bytes of theCertificate
.- Returns:
- a
CertificateRep
object containing the type and encoded bytes of theCertificate
- Throws:
ObjectStreamException
- if aCertificateRep
object representing thisCertificate
could not be created- Since:
- 1.3
-