CertificateFactory | java.security.cert |
This class defines methods for parsing certificates, certificate chains (certification paths) and certificate revocation lists (CRLs) from byte streams. Obtain a CertificateFactory by calling one of the static getInstance( ) factory methods and specifying the type of certificate or CRL to be parsed, and, optionally, the desired service provider to perform the parsing. The default "SUN" provider defines only a single "X.509" certificate type, so you typically obtain a CertificateFactory with this code:CertificateFactory certFactory = CertificateFactory.getInstance("X.509");Once you have obtained a CertificateFactory for the desired type of certificate, call generateCertificate( ) to parse a Certificate from a specified byte stream, or call generateCertificates( ) to parse a group of unrelated certificates (i.e. certificates that do not form a certificate chain) from a stream and return them as a Collection of Certificate objects. Similarly, call generateCRL( ) to parse a single CRL object from a stream, and call generateCRLs( ) to parse a Collection of CRL objects from the stream. These CertificateFactory methods read to the end of the specified stream. If the stream supports mark( ) and reset( ), however, the CertificateFactory resets the stream to the position after the end of the last certificate or CRL read. If you specified a certificate type of "X.509", the Certificate and CRL objects returned by a CertificateFactory can be cast safely to X509Certificate and X509CRL. A certificate factory for X.509 certificates can parse certificates encoded in binary or printable hexadecimal form. If the certificate is in hexadecimal form, it must begin with the string "-BEGIN CERTIFICATE-" and end with the string "-END CERTIFICATE-".The generateCertPath( ) methods return a CertPath object representing a certificate chain. These methods can create a CertPath object from a List of Certificate object, or by reading the chained certificates from a stream. Specify the encoding of the certificate chain by passing the name of the encoding standard to generateCertPath( ). The default "SUN" provider supports the "PKCS7" and the "PkiPath" encodings. getCertPathEncoding( ) returns an Iterator of the encodings supported by the current provider. The first encoding returned by the iterator is the default used when no encoding is explicitly specified.public class CertificateFactory { // Protected Constructors protected CertificateFactory (CertificateFactorySpi certFacSpi , java.security.Provider provider , String type ); // Public Class Methods public static final CertificateFactory getInstance (String type ) throws CertificateException; 1.4 public static final CertificateFactory getInstance (String type , java.security.Provider provider ) throws CertificateException; public static final CertificateFactory getInstance (String type , String provider ) throws CertificateException, java.security.NoSuchProviderException; // Public Instance Methods public final java.security.cert.Certificate generateCertificate (java.io.InputStream inStream ) throws CertificateException; public final java.util.Collection<? extends java.security.cert.Certificate> generateCertificates (java.io.InputStream inStream ) throws CertificateException; 1.4 public final CertPath generateCertPath (java.util.List<? extends java.security.cert.Certificate> certificates ) throws CertificateException; 1.4 public final CertPath generateCertPath (java.io.InputStream inStream ) throws CertificateException; 1.4 public final CertPath generateCertPath (java.io.InputStream inStream , String encoding ) throws CertificateException; public final CRL generateCRL (java.io.InputStream inStream ) throws CRLException; public final java.util.Collection<? extends CRL> generateCRLs (java.io.InputStream inStream ) throws CRLException; 1.4 public final java.util.Iterator<String> getCertPathEncodings ( ); public final java.security.Provider getProvider ( ); public final String getType ( ); }
|