Package org.bouncycastle.cert

Class X509CertificateHolder

java.lang.Object
org.bouncycastle.cert.X509CertificateHolder
All Implemented Interfaces:
Serializable, Encodable
Direct Known Subclasses:
JcaX509CertificateHolder
public class X509CertificateHolder extends Object implements Encodable, Serializable
Holding class for an X.509 Certificate structure.
See Also:

  • Constructor Details

    • X509CertificateHolder

      public X509CertificateHolder(byte[] certEncoding) throws IOException
      Create a X509CertificateHolder from the passed in bytes.
      Parameters:
      certEncoding - BER/DER encoding of the certificate.
      Throws:
      IOException - in the event of corrupted data, or an incorrect structure.

    • X509CertificateHolder

      public X509CertificateHolder(Certificate x509Certificate)
      Create a X509CertificateHolder from the passed in ASN.1 structure.
      Parameters:
      x509Certificate - an ASN.1 Certificate structure.

  • Method Details

    • getVersionNumber

      public int getVersionNumber()

    • getVersion

      public int getVersion()
      Deprecated.
      use getVersionNumber

    • hasExtensions

      public boolean hasExtensions()
      Return whether or not the holder's certificate contains extensions.
      Returns:
      true if extension are present, false otherwise.

    • getExtension

      public Extension getExtension(ASN1ObjectIdentifier oid)
      Look up the extension associated with the passed in OID.
      Parameters:
      oid - the OID of the extension of interest.
      Returns:
      the extension if present, null otherwise.

    • getExtensions

      public Extensions getExtensions()
      Return the extensions block associated with this certificate if there is one.
      Returns:
      the extensions block, null otherwise.

    • getExtensionOIDs

      public List getExtensionOIDs()
      Returns a list of ASN1ObjectIdentifier objects representing the OIDs of the extensions contained in this holder's certificate.
      Returns:
      a list of extension OIDs.

    • getCriticalExtensionOIDs

      public Set getCriticalExtensionOIDs()
      Returns a set of ASN1ObjectIdentifier objects representing the OIDs of the critical extensions contained in this holder's certificate.
      Returns:
      a set of critical extension OIDs.

    • getNonCriticalExtensionOIDs

      public Set getNonCriticalExtensionOIDs()
      Returns a set of ASN1ObjectIdentifier objects representing the OIDs of the non-critical extensions contained in this holder's certificate.
      Returns:
      a set of non-critical extension OIDs.

    • getSerialNumber

      public BigInteger getSerialNumber()
      Return the serial number of this attribute certificate.
      Returns:
      the serial number.

    • getIssuer

      public X500Name getIssuer()
      Return the issuer of this certificate.
      Returns:
      the certificate issuer.

    • getSubject

      public X500Name getSubject()
      Return the subject this certificate is for.
      Returns:
      the subject for the certificate.

    • getNotBefore

      public Date getNotBefore()
      Return the date before which this certificate is not valid.
      Returns:
      the start time for the certificate's validity period.

    • getNotAfter

      public Date getNotAfter()
      Return the date after which this certificate is not valid.
      Returns:
      the final time for the certificate's validity period.

    • getSubjectPublicKeyInfo

      public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
      Return the SubjectPublicKeyInfo describing the public key this certificate is carrying.
      Returns:
      the public key ASN.1 structure contained in the certificate.

    • toASN1Structure

      public Certificate toASN1Structure()
      Return the underlying ASN.1 structure for the certificate in this holder.
      Returns:
      a Certificate object.

    • getSignatureAlgorithm

      public AlgorithmIdentifier getSignatureAlgorithm()
      Return the details of the signature algorithm used to create this attribute certificate.
      Returns:
      the AlgorithmIdentifier describing the signature algorithm used to create this attribute certificate.

    • getSignature

      public byte[] getSignature()
      Return the bytes making up the signature associated with this certificate.
      Returns:
      the certificate signature bytes.

    • isValidOn

      public boolean isValidOn(Date date)
      Return whether or not this certificate is valid on a particular date.
      Parameters:
      date - the date of interest.
      Returns:
      true if the certificate is valid, false otherwise.

    • isSignatureValid

      public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException
      Validate the signature on the certificate in this holder.
      Parameters:
      verifierProvider - a ContentVerifierProvider that can generate a verifier for the signature.
      Returns:
      true if the signature is valid, false otherwise.
      Throws:
      CertException - if the signature cannot be processed or is inappropriate.

    • isAlternativeSignatureValid

      public boolean isAlternativeSignatureValid(ContentVerifierProvider verifierProvider) throws CertException
      Validate the signature on the certificate in this holder.
      Parameters:
      verifierProvider - a ContentVerifierProvider that can generate a verifier for the signature.
      Returns:
      true if the signature is valid, false otherwise.
      Throws:
      CertException - if the signature cannot be processed or is inappropriate.

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • getEncoded

      public byte[] getEncoded() throws IOException
      Return the ASN.1 encoding of this holder's certificate.
      Specified by:
      getEncoded in interface Encodable
      Returns:
      a DER encoded byte array.
      Throws:
      IOException - if an encoding cannot be generated.