X509Certificate
extends Objectimplements AutoCloseable
| java.lang.Object | |
| ↳ | com.pdftron.crypto.X509Certificate |
Class Overview
This class represents an X509 public-key certificate, as specified in RFC 5280.
Summary
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| X509Certificate(long impl_ptr) | |||||||||||
|
X509Certificate(String in_certificate_path)
Constructor from filepath.
| |||||||||||
|
X509Certificate(byte[] in_cert_buf)
Constructor from buffer.
| |||||||||||
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| long | __GetHandle() | ||||||||||
| void |
close()
Frees the native memory of the object.
| ||||||||||
| void |
destroy()
Frees the native memory of the object.
| ||||||||||
| byte[] |
getData()
Retrieves the certificate as binary DER-encoded data.
| ||||||||||
| X509Extension[] |
getExtensions()
Retrieves all extensions (as first specified in V3 of X509, see RFC 5280) from the certificate.
| ||||||||||
| String |
getFingerprint()
Retrieves, in a string, a text representation of a cryptographically-secure digest of the certificate that can be used to identify it uniquely.
| ||||||||||
| String |
getFingerprint(DigestAlgorithm in_digest_algorithm)
Retrieves, in a string, a text representation of a cryptographically-secure digest of the certificate that can be used to identify it uniquely.
| ||||||||||
| X501DistinguishedName |
getIssuerField()
Retrieves the names of the certificate issuer as a map of OIDs (i.e.
| ||||||||||
| long |
getNotAfterEpochTime()
Retrieves the notAfter time from the certificate's Validity entry in the form of an integral value representing an epoch time.
| ||||||||||
| long |
getNotBeforeEpochTime()
Retrieves the notBefore time from the certificate's Validity entry in the form of an integral value representing an epoch time.
| ||||||||||
| int |
getRawX509VersionNumber()
Retrieves the version number representing which version of X509 the certificate corresponds to, from the certificate.
| ||||||||||
| byte[] |
getSerialNumber()
Retrieves the serialNumber entry from the certificate.
| ||||||||||
| X501DistinguishedName |
getSubjectField()
Retrieves the names of the certificate subject as a map of OIDs (i.e.
| ||||||||||
| String |
toString()
Returns a string representation of the certificate.
| ||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
|
From interface
java.lang.AutoCloseable
| |||||||||||
Public Constructors
public X509Certificate (long impl_ptr)
public X509Certificate (String in_certificate_path)
Constructor from filepath. The input must be in DER, BER, or PEM encoding. The certificate must be in X.509 format.
Parameters
| in_certificate_path | -- the path to the file containing the certificate |
|---|
Throws
| PDFNetException |
|---|
public X509Certificate (byte[] in_cert_buf)
Constructor from buffer. The input must be in DER, BER, or PEM encoding. The certificate must be in X.509 format.
Parameters
| in_cert_buf | -- a buffer containing the certificate |
|---|
Throws
| PDFNetException |
|---|
Public Methods
public long __GetHandle ()
public void close ()
Frees the native memory of the object. This can be explicity called to control the deallocation of native memory and avoid situations where the garbage collector does not free the object in a timely manner.
Throws
| PDFNetException |
|---|
public void destroy ()
Frees the native memory of the object. This can be explicity called to control the deallocation of native memory and avoid situations where the garbage collector does not free the object in a timely manner.
Throws
| PDFNetException |
|---|
public byte[] getData ()
Retrieves the certificate as binary DER-encoded data. (DER is short for Distinguished Encoding Rules.).
Returns
- a container of bytes representing the certificate, encoded as binary DER
Throws
| PDFNetException |
|---|
public X509Extension[] getExtensions ()
Retrieves all extensions (as first specified in V3 of X509, see RFC 5280) from the certificate.
Returns
- a container of X509Extension objects
Throws
| PDFNetException |
|---|
public String getFingerprint ()
Retrieves, in a string, a text representation of a cryptographically-secure digest of the certificate that can be used to identify it uniquely. Default algorithm parameter is currently SHA-256, but may change in future without further warning, pursuant to security needs.
Returns
- a string representation of the fingerprint, in the form of double ASCII characters representing hex bytes, separated by colons
Throws
| PDFNetException |
|---|
public String getFingerprint (DigestAlgorithm in_digest_algorithm)
Retrieves, in a string, a text representation of a cryptographically-secure digest of the certificate that can be used to identify it uniquely.
Parameters
| in_digest_algorithm | -- An enumeration representing the digest algorithm to use. Currently supported are SHA-1 (SHA-160), SHA-256, SHA-384, and SHA-512. |
|---|
Returns
- a string representation of the fingerprint, in the form of double ASCII characters representing hex bytes, separated by colons
Throws
| PDFNetException |
|---|
public X501DistinguishedName getIssuerField ()
Retrieves the names of the certificate issuer as a map of OIDs (i.e. one of the object identifiers from the X.500 attribute types) to string values. The issuer field identifies the entity that has signed and issued the certificate. The returned value will contain all of the AttributeTypeAndValue items from all of the RelativeDistinguishedNames in the Name of the issuer. See RFC 5280, section 4.1.2.4 and Appendix A.1 (page 116).
Returns
- an X501DistinguishedName object
Throws
| PDFNetException |
|---|
public long getNotAfterEpochTime ()
Retrieves the notAfter time from the certificate's Validity entry in the form of an integral value representing an epoch time.
Returns
- an integer containing an epoch time
Throws
| PDFNetException |
|---|
public long getNotBeforeEpochTime ()
Retrieves the notBefore time from the certificate's Validity entry in the form of an integral value representing an epoch time.
Returns
- an integer containing an epoch time
Throws
| PDFNetException |
|---|
public int getRawX509VersionNumber ()
Retrieves the version number representing which version of X509 the certificate corresponds to, from the certificate. The X509 version number in the certificate, which we return unchanged here, is zero-indexed and therefore is one less in value than the actual version. e.g. X509v3 is represented by a returned version number of 2.
Returns
- an integer containing the version number
Throws
| PDFNetException |
|---|
public byte[] getSerialNumber ()
Retrieves the serialNumber entry from the certificate.
Returns
- bytes representing the components of an integral serial number in big-endian order
Throws
| PDFNetException |
|---|
public X501DistinguishedName getSubjectField ()
Retrieves the names of the certificate subject as a map of OIDs (i.e. one of the object identifiers from the X.500 attribute types) to string values. The subject field represents the identity of the entity associated with the certificate's public key. The returned value will contain all of the AttributeTypeAndValue items from all of the RelativeDistinguishedNames in the Name of the subject. See RFC 5280, section 4.1.2.6 and Appendix A.1 (page 116).
Returns
- an X501DistinguishedName object
Throws
| PDFNetException |
|---|
public String toString ()
Returns a string representation of the certificate. Output may change in future versions.
Returns
- a string representation of the certificate