Use is subject to License Terms. Your use of this web site or any of its content or software indicates your agreement to be bound by these License Terms.

Copyright © 2006 Sun Microsystems, Inc. All rights reserved.

JSR 217 (Maintenance Release)

javax.microedition.pki
Interface Certificate


public interface Certificate

Interface common to certificates. The features abstracted of Certificates include subject, issuer, type, version, serial number, signing algorithm, dates of valid use, and serial number.

Printable Representation for Binary Values

A non-string values in a certificate are represented as strings with each byte as two hex digits (capital letters for A-F) separated by ":" (Unicode U+003A).

For example: 0C:56:FA:80

Printable Representation for X.509 Distinguished Names

For a X.509 certificate the value returned is the printable verision of the distingished name (DN) from the certificate.

An X.509 distinguished name of is set of attributes, each attribute is a sequence of an object ID and a value. For string comparison purposes, the following rules define a strict printable representation.

  1. There is no added white space around separators.
  2. The attributes are in the same order as in the certificate; attributes are not reordered.
  3. If an object ID is in the table below, the label from the table will be substituted for the object ID, else the ID is formatted as a string using the binary printable representation above.
  4. Each object ID or label and value within an attribute will be separated by a "=" (Unicode U+003D), even if the value is empty.
  5. If value is not a string, then it is formatted as a string using the binary printable representation above.
  6. Attributes will be separated by a ";" (Unicode U+003B)


Labels for X.500 Distinguished Name Attributes
Object ID Binary Label
id-at-commonName 55:04:03 CN
id-at-surname 55:04:04 SN
id-at-countryName 55:04:06 C
id-at-localityName 55:04:07 L
id-at-stateOrProvinceName 55:04:08 ST
id-at-streetAddress 55:04:09 STREET
id-at-organizationName 55:04:0A O
id-at-organizationUnitName 55:04:0B OU
emailAddress 2A:86:48:86:F7:0D:01:09:01 EmailAddress

Example of a printable distinguished name:

C=US;O=Any Company, Inc.;CN=www.anycompany.com

Since:
MIDP 2.0

Method Summary
 String getIssuer()
          Gets the name of this certificate's issuer.
 long getNotAfter()
          Gets the time after which this Certificate may not be used from the validity period.
 long getNotBefore()
          Gets the time before which this Certificate may not be used from the validity period.
 String getSerialNumber()
          Gets the printable form of the serial number of this Certificate.
 String getSigAlgName()
          Gets the name of the algorithm used to sign the Certificate.
 String getSubject()
          Gets the name of this certificate's subject.
 String getType()
          Get the type of the Certificate.
 String getVersion()
          Gets the version number of this Certificate.
 

Method Detail

getSubject

public String getSubject()
Gets the name of this certificate's subject.

Returns:
The subject of this Certificate; the value MUST NOT be null.

getIssuer

public String getIssuer()
Gets the name of this certificate's issuer.

Returns:
The issuer of the Certificate; the value MUST NOT be null.

getType

public String getType()
Get the type of the Certificate. For X.509 Certificates the value returned is "X.509".

Returns:
The type of the Certificate; the value MUST NOT be null.

getVersion

public String getVersion()
Gets the version number of this Certificate. The format of the version number depends on the specific type and specification. For a X.509 certificate per RFC 2459 it would be "2".

Returns:
The version number of the Certificate; the value MUST NOT be null.

getSigAlgName

public String getSigAlgName()
Gets the name of the algorithm used to sign the Certificate. The algorithm names returned should be the labels defined in RFC2459 Section 7.2.

Returns:
The name of signature algorithm; the value MUST NOT be null.

getNotBefore

public long getNotBefore()
Gets the time before which this Certificate may not be used from the validity period.

Returns:
The time in milliseconds before which the Certificate is not valid; it MUST be positive, 0 is returned if the certificate does not have its validity restricted based on the time.

getNotAfter

public long getNotAfter()
Gets the time after which this Certificate may not be used from the validity period.

Returns:
The time in milliseconds after which the Certificate is not valid (expiration date); it MUST be positive; Long.MAX_VALUE is returned if the certificate does not have its validity restricted based on the time.

getSerialNumber

public String getSerialNumber()
Gets the printable form of the serial number of this Certificate. If the serial number within the certificate is binary it should be formatted as a string using the binary printable representation in class description. For example, 0C:56:FA:80.

Returns:
A string containing the serial number in user-friendly form; null is returned if there is no serial number.

JSR 217 (Maintenance Release)

Copyright © 2006 Sun Microsystems, Inc. All rights reserved. Use is subject to License Terms. Your use of this web site or any of its content or software indicates your agreement to be bound by these License Terms.

For more information, please consult the JSR 217 specification.