|
|||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | ||||||||
| Class Summary | |
| AlgorithmIdentifier | This class represents the ASN.1/DER value of the AlgorithmIdentifier defined in Annex D to Recommendation X.509. |
| CRLEntry | a CRLEntry is an entry in an X509Crl. |
| GeneralName | This class represents the GeneralName data type as denoted in X.509. |
| SubjectPublicKeyInfo | Subject Public Key Info according to RFC2459. |
| X509Certificate | Implements a X.509v3 certificate according to the following ASN.1 data
structure:
Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING
}
If you want to create a certificate, follow these steps:
create a X509TBSCertificate object and fill
it with sensible data
call the X509Certificate.X509Certificate(X509TBSCertificate) constructor and
pass the tbsCertificate as an argument
call setSignature with a pre-computed
signature of the tbsCertificate
getEncoded() will return the DER-encoded
certificate as a Byte array.
|
| X509Crl | Certificate Revocation List (CRL) according to rfc2459. |
| X509Extension | This class represents an X.509 extension of this form Extension ::= SEQUENCE { extnID OBJECT IDENTIFIER, critical BOOLEAN DEFAULT FALSE, extnValue OCTET STRING } Creation date: (18.08.99 15:23:09) |
| X509TBSCertificate | Implements a X.509v3 certificate TBS block according to the following ASN.1
data structure:
TBSCertificate ::= SEQUENCE {
version [0] EXPLICIT Version DEFAULT v1,
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
validity Validity,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version must be v2 or v3
subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version must be v2 or v3
extensions [3] EXPLICIT Extensions OPTIONAL -- If present, version must be v3
}
UniqueIdentifier ::= BIT STRING
Validity ::= SEQUENCE {
notBefore Time,
notAfter Time
}
Time ::= CHOICE {
utcTime UTCTime,
generalTime GeneralizedTime
}
If you want to create a certificate, you should create a
X509TBSCertificate, fill it with useful data
(certificate serial number, validity period, subject and issuer DN, subject
public key) and the signature algorithm!
|
| Exception Summary | |
| X509Exception | This exception signals X.509 specific error consitions |
|
|||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | ||||||||