CICS® Transaction Gateway Programming Reference V3.1

com.ibm.sslight
Class SSLCert

java.lang.Object
  |
  +--com.ibm.sslight.SSLCert

public class SSLCert
extends java.lang.Object

The SSLCert represents a X.509 vsersion 3 certificate.


Field Summary
(package private)  int alg
           
static int C
          The country component of the X.500 distinguished name.
(package private) static byte[] CERT_ID
           
static int CN
          The common name component of the X.500 distinguished name.
(package private)  int con
           
(package private)  int conL
           
(package private)  int iss
           
(package private)  int issL
           
static int ISSUER
          The distinguished issuer name of the X.509 certificate.
(package private)  int[] key
           
(package private)  int keyL
           
static int L
          The location component of the X.500 distinguished name.
static int O
          The organization component of the X.500 distinguished name.
static int OU
          The organizational unit component of the X.500 distinguished name.
(package private)  int ser
           
(package private)  int serL
           
(package private)  int sig
           
(package private)  int sigAlg
           
(package private)  int sigL
           
(package private)  int sub
           
static int SUBJECT
          The distinguished subject name of the X.509 certificate.
(package private)  int subL
           
(package private)  int val
           
(package private)  int valL
           
(package private)  byte[] x509
           
 
Constructor Summary
SSLCert(byte[] cert)
          Constructs an X.509 version 3 certificate.
 
Method Summary
(package private) static void ()
           
 byte[] encode()
          Returns the ASN.1/BER encoded certificate representation.
 boolean equals(SSLCert cert)
          Tests whether the certificate is equal to another certificate.
 byte[] fingerprint()
          Returns the finger-print of the certificate (MD5 hash of the certificate's content).
 java.lang.String getKeyInfo()
          Returns the key information.
 java.lang.String getNameComponent(int name, int component)
          Returns the name component of the specified X.500 distinguished name included in the certificate.
 byte[] getSerial()
          Returns the certificate's serial number.
 java.util.Date[] getValidity()
          Returns the validity time of the certificate.
 byte[][] key()
          Returns the key assosiated with the X.509 certificate.
 byte verify(SSLCert signer)
          Verifies the certificate.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ISSUER

public static final int ISSUER
The distinguished issuer name of the X.509 certificate.

SUBJECT

public static final int SUBJECT
The distinguished subject name of the X.509 certificate.

CN

public static final int CN
The common name component of the X.500 distinguished name.

C

public static final int C
The country component of the X.500 distinguished name.

L

public static final int L
The location component of the X.500 distinguished name.

O

public static final int O
The organization component of the X.500 distinguished name.

OU

public static final int OU
The organizational unit component of the X.500 distinguished name.

x509

byte[] x509

key

int[] key

sigAlg

int sigAlg

alg

int alg

con

int con

conL

int conL

sig

int sig

sigL

int sigL

iss

int iss

issL

int issL

sub

int sub

subL

int subL

val

int val

valL

int valL

keyL

int keyL

ser

int ser

serL

int serL

CERT_ID

static final byte[] CERT_ID
Constructor Detail

SSLCert

public SSLCert(byte[] cert)
        throws com.ibm.sslight.SSLException
Constructs an X.509 version 3 certificate.
Parameters:
cert - byte array containing ASN.1/BER encoded X.509v3 certificate.
Throws:
com.ibm.sslight.SSLException - with the following reason codes:
  • SSLException.R_WRONG_DATA if the certifiacte data cannot be processed
Method Detail

static void ()

key

public byte[][] key()
Returns the key assosiated with the X.509 certificate.
Returns:
the key. For RSA certificates the key consists of modulus(0) and public exponent(1). For DSS certificates the key consists of prime(0), sub-prime(1), base(2), and public value(3).

equals

public boolean equals(SSLCert cert)
Tests whether the certificate is equal to another certificate.
Parameters:
cert - the certificate.
Returns:
true, if the certificates are equal.

encode

public byte[] encode()
Returns the ASN.1/BER encoded certificate representation.
Returns:
the ASN.1/BER encoded certificate

verify

public byte verify(SSLCert signer)
Verifies the certificate.
Parameters:
signer - the certificate or null. If signer is null the validity check of the certificate is performed. If signer is specified the signature of the certificate is validated using the key contained in the signer certificate.
Returns:
the verification result. The return values: verified(0), certificate expired(45), not verified(42).

getKeyInfo

public java.lang.String getKeyInfo()
Returns the key information. A key is described by the algorithm (RSA, DSA) and the key length in bits.
Returns:
the key information

getSerial

public byte[] getSerial()
Returns the certificate's serial number.
Returns:
the serial number

getNameComponent

public java.lang.String getNameComponent(int name,
                                         int component)
Returns the name component of the specified X.500 distinguished name included in the certificate.
Parameters:
name - the name selection (ISSUER or SUBJECT)
component - the component selection (CN, L, C, O, OU)
Returns:
the name component of the X.500 distinguished name. If the X.500 distinguished name cannot be processes null is returned.

getValidity

public java.util.Date[] getValidity()
Returns the validity time of the certificate.
Returns:
the not before date in the first array component and the not after date in the second array component. If the validity of the X.509 certificate cannot be processes null is returned.

fingerprint

public byte[] fingerprint()
Returns the finger-print of the certificate (MD5 hash of the certificate's content).
Returns:
the finger-print

© Copyright IBM Corp. 1994, 1999