Java in a Nutshell, 5th Edition [Electronic resources] نسخه متنی

This class is a CertSelector for X.509
certificates. Its various set methods allow you to
specify values for various certificate fields and extensions. The
match( ) method will only return
true for certificates that have the specified
values for those fields and extensions. A full understanding of this
class requires detailed knowledge of the X.509 standard which is
beyond the scope of this reference. Some of the more important
methods are described here, however.

When you want to match exactly one specific certificate, simply pass
the desired X509Certificate to
setCertificate( ). Constrain the subject of the
certificate with setSubject( ),
setSubjectAlternativeNames( ), of
addSubjectAlternativeName( ). Constrain the issuer
of the certificate with setIssuer( ). Constrain
the public key of the certificate with setPublicKey(
). Constrain the certificate to be valid on a given date
with setCertificateValid( ). And specify a
specific issuer's serial number for the certificate
with setSerialNumber( ).

Java 5.0 adds methods for identifying certificate subjects and
issuers with
javax.security.auth.x500.X500Principal objects
instead of with strings.

Figure 14-72. java.security.cert.X509CertSelector

public class 
X509CertSelector  implements CertSelector {
// Public Constructors
public 
X509CertSelector ( );  
// Public Instance Methods
public void 
addPathToName (int 
type , String 
name ) 
throws java.io.IOException;  
public void 
addPathToName (int 
type , byte[ ] 
name ) 
throws java.io.IOException;  
public void 
addSubjectAlternativeName (int 
type , byte[ ] 
name ) 
throws java.io.IOException;  
public void 
addSubjectAlternativeName (int 
type , String 
name ) 
throws java.io.IOException;  
public byte[ ] 
getAuthorityKeyIdentifier ( );               default:null
public int 
getBasicConstraints ( );                         default:-1
public X509Certificate 
getCertificate ( );                  default:null
public java.util.Date 
getCertificateValid ( );              default:null
public java.util.Set<String> 
getExtendedKeyUsage ( );    default:null
5.0   public javax.security.auth.x500.X500Principal 
getIssuer ( );  default:null
public byte[ ] 
getIssuerAsBytes ( ) 
throws java.io.IOException;     default:null
public String 
getIssuerAsString ( );                        default:null
public boolean[ ] 
getKeyUsage ( );                          default:null
public boolean 
getMatchAllSubjectAltNames ( );         default:true
public byte[ ] 
getNameConstraints ( );                         default:null
public java.util.Collection<java.util.List<?>> 
getPathToNames ( );     default:null
public java.util.Set<String> 
getPolicy ( );      default:null
public java.util.Date 
getPrivateKeyValid ( );          default:null
public java.math.BigInteger 
getSerialNumber ( );       default:null
5.0   public javax.security.auth.x500.X500Principal 
getSubject ( );     default:null
public java.util.Collection<java.util.List<?>> 
getSubjectAlternativeNames ( );     default:null
public byte[ ] 
getSubjectAsBytes ( ) 
throws java.io.IOException;     default:null
public String 
getSubjectAsString ( );                default:null
public byte[ ] 
getSubjectKeyIdentifier ( );          default:null
public java.security.PublicKey 
getSubjectPublicKey ( );  default:null
public String 
getSubjectPublicKeyAlgID ( );          default:null
public void 
setAuthorityKeyIdentifier (byte[ ] 
authorityKeyID );  
public void 
setBasicConstraints (int 
minMaxPathLen );  
public void 
setCertificate (X509Certificate 
cert );  
public void 
setCertificateValid (java.util.Date 
certValid );  
public void 
setExtendedKeyUsage (java.util.Set<String> 
keyPurposeSet ) 
throws java.io.IOException;  
5.0   public void 
setIssuer (javax.security.auth.x500.X500Principal 
issuer );  
public void 
setIssuer (byte[ ] 
issuerDN ) throws java.io.IOException;  
public void 
setIssuer (String 
issuerDN ) throws java.io.IOException;  
public void 
setKeyUsage (boolean[ ] 
keyUsage );  
public void 
setMatchAllSubjectAltNames (boolean 
matchAllNames );  
public void 
setNameConstraints (byte[ ] 
bytes ) throws java.io.IOException;  
public void 
setPathToNames (java.util.Collection<java.util.List<?>> 
names ) 
throws java.io.IOException;  
public void 
setPolicy (java.util.Set<String> 
certPolicySet ) throws java.io.IOException;  
public void 
setPrivateKeyValid (java.util.Date 
privateKeyValid );  
public void 
setSerialNumber (java.math.BigInteger 
serial );  
public void 
setSubject (String 
subjectDN ) throws java.io.IOException;  
5.0   public void 
setSubject (javax.security.auth.x500.X500Principal 
subject );  
public void 
setSubject (byte[ ] 
subjectDN ) throws java.io.IOException;  
public void 
setSubjectAlternativeNames (java.util.Collection<
java.util.List<?>> 
names ) throws java.io.IOException;  
public void 
setSubjectKeyIdentifier (byte[ ] 
subjectKeyID );  
public void 
setSubjectPublicKey (byte[ ] 
key ) throws java.io.IOException;  
public void 
setSubjectPublicKey (java.security.PublicKey 
key );  
public void 
setSubjectPublicKeyAlgID (String 
oid ) throws java.io.IOException;  
// Methods Implementing CertSelector
public Object 
clone ( );  
public boolean 
match (java.security.cert.Certificate 
cert );  
// Public Methods Overriding Object
public String 
toString ( );  
}