Certificate

public abstract class Certificate
extends Object implements Serializable

java.lang.Object
   ↳ java.security.cert.Certificate


Abstract class for managing a variety of identity certificates. An identity certificate is a binding of a principal to a public key which is vouched for by another principal. (A principal represents an entity such as an individual user, a group, or a corporation.)

This class is an abstraction for certificates that have different formats but important common uses. For example, different types of certificates, such as X.509 and PGP, share general certificate functionality (like encoding and verifying) and some types of information (like a public key).

X.509, PGP, and SDSI certificates can all be implemented by subclassing the Certificate class, even though they contain different sets of information, and they store and retrieve the information in different ways.

Summary

Nested classes

class Certificate.CertificateRep

Alternate Certificate class for serialization. 

Protected constructors

Certificate(String type)

Creates a certificate of the specified type.

Public methods

boolean equals(Object other)

Compares this certificate for equality with the specified object.

abstract byte[] getEncoded()

Returns the encoded form of this certificate.

abstract PublicKey getPublicKey()

Gets the public key from this certificate.

final String getType()

Returns the type of this certificate.

int hashCode()

Returns a hashcode value for this certificate from its encoded form.

abstract String toString()

Returns a string representation of this certificate.

abstract void verify(PublicKey key, String sigProvider)

Verifies that this certificate was signed using the private key that corresponds to the specified public key.

void verify(PublicKey key, Provider sigProvider)

Verifies that this certificate was signed using the private key that corresponds to the specified public key.

abstract void verify(PublicKey key)

Verifies that this certificate was signed using the private key that corresponds to the specified public key.

Protected methods

Object writeReplace()

Replace the Certificate to be serialized.

Inherited methods

Protected constructors

Certificate

Added in API level 1
protected Certificate (String type)

Creates a certificate of the specified type.

Parameters
type String: the standard name of the certificate type. See the CertificateFactory section in the Java Security Standard Algorithm Names Specification for information about standard certificate types.

Public methods

equals

Added in API level 1
public boolean equals (Object other)

Compares this certificate for equality with the specified object. If the other object is an instanceof Certificate, then its encoded form is retrieved and compared with the encoded form of this certificate.

Parameters
other Object: the object to test for equality with this certificate.

Returns
boolean true iff the encoded forms of the two certificates match, false otherwise.

getEncoded

Added in API level 1
public abstract byte[] getEncoded ()

Returns the encoded form of this certificate. It is assumed that each certificate type would have only a single form of encoding; for example, X.509 certificates would be encoded as ASN.1 DER.

Returns
byte[] the encoded form of this certificate

Throws
CertificateEncodingException if an encoding error occurs.

getPublicKey

Added in API level 1
public abstract PublicKey getPublicKey ()

Gets the public key from this certificate.

Returns
PublicKey the public key.

getType

Added in API level 1
public final String getType ()

Returns the type of this certificate.

Returns
String the type of this certificate.

hashCode

Added in API level 1
public int hashCode ()

Returns a hashcode value for this certificate from its encoded form.

Returns
int the hashcode value.

toString

Added in API level 1
public abstract String toString ()

Returns a string representation of this certificate.

Returns
String a string representation of this certificate.

verify

Added in API level 1
public abstract void verify (PublicKey key, 
                String sigProvider)

Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider.

Parameters
key PublicKey: the PublicKey used to carry out the verification.

sigProvider String: the name of the signature provider.

Throws
NoSuchAlgorithmException on unsupported signature algorithms.
InvalidKeyException on incorrect key.
NoSuchProviderException on incorrect provider.
SignatureException on signature errors.
CertificateException on encoding errors.

verify

Added in API level 26
public void verify (PublicKey key, 
                Provider sigProvider)

Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider. Note that the specified Provider object does not have to be registered in the provider list.

This method was added to version 1.8 of the Java Platform Standard Edition. In order to maintain backwards compatibility with existing service providers, this method cannot be abstract and by default throws an UnsupportedOperationException.

Parameters
key PublicKey: the PublicKey used to carry out the verification.

sigProvider Provider: the signature provider.

Throws
NoSuchAlgorithmException on unsupported signature algorithms.
InvalidKeyException on incorrect key.
SignatureException on signature errors.
CertificateException on encoding errors.
UnsupportedOperationException if the method is not supported

verify

Added in API level 1
public abstract void verify (PublicKey key)

Verifies that this certificate was signed using the private key that corresponds to the specified public key.

Parameters
key PublicKey: the PublicKey used to carry out the verification.

Throws
NoSuchAlgorithmException on unsupported signature algorithms.
InvalidKeyException on incorrect key.
NoSuchProviderException if there's no default provider.
SignatureException on signature errors.
CertificateException on encoding errors.

Protected methods

writeReplace

Added in API level 1
protected Object writeReplace ()

Replace the Certificate to be serialized.

Returns
Object the alternate Certificate object to be serialized

Throws
ObjectStreamException if a new object representing this Certificate could not be created