001: /*
002: *
003: *
004: * Copyright 1990-2007 Sun Microsystems, Inc. All Rights Reserved.
005: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
006: *
007: * This program is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU General Public License version
009: * 2 only, as published by the Free Software Foundation.
010: *
011: * This program is distributed in the hope that it will be useful, but
012: * WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * General Public License version 2 for more details (a copy is
015: * included at /legal/license.txt).
016: *
017: * You should have received a copy of the GNU General Public License
018: * version 2 along with this work; if not, write to the Free Software
019: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA
021: *
022: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
023: * Clara, CA 95054 or visit www.sun.com if you need additional
024: * information or have any questions.
025: */
026:
027: package javax.microedition.pki;
028:
029: import java.lang.String;
030:
031: /**
032: * Interface common to certificates.
033: * The features of <CODE>Certificates</CODE> abstracted here include subject,
034: * issuer, type, version, serial number, signing algorithm, and dates of
035: * valid use.
036: * <p>
037: * <b>Printable Representation for Binary Values</b></p>
038: * <p>
039: * Non-string values in a certificate are represented as strings with each
040: * byte as two hex digits (capital letters for A-F) separated by ":" (Unicode
041: * U+003A).</p>
042: * <p>
043: * For example: <tt>0C:56:FA:80</tt></p>
044: * <p>
045: * <b>Printable Representation for X.509 Distinguished Names</b></p>
046: * <p>
047: * For an X.509 certificate the value returned is the printable version of
048: * the distinguished name (DN) from the certificate.</p>
049: * <p>
050: * An X.509 distinguished name is a set of attributes; each attribute is a
051: * sequence of an object ID and a value. For string comparison purposes, the
052: * following rules define a strict printable representation.</p>
053: * <p>
054: * <ol>
055: * <li>There is no added white space around separators.</li>
056: *
057: * <li>The attributes are in the same order as in the certificate;
058: * attributes are not reordered.</li>
059: *
060: * <li>If an object ID is in the table below, the label from the table
061: * will be substituted for the object ID, else the ID is formatted as
062: * a string using the binary printable representation above.</li>
063: *
064: * <li>Each object ID or label and value within an attribute will be
065: * separated by a "=" (Unicode U+003D), even if the value is empty.</li>
066: *
067: * <li>If value is not a string, then it is formatted as a string using the
068: * binary printable representation above.</li>
069: *
070: * <li>Attributes will be separated by a ";" (Unicode U+003B)</li>
071: * </ol>
072: * </p>
073: * <br><b>Labels for X.500 Distinguished Name Attributes</b>
074: * <table border="1" cellpadding=4 cellspacing=0 width="100%">
075: *
076: * <tr>
077: * <th bgcolor="#CCCCFF">Object ID</th>
078: * <th bgcolor="#CCCCFF">Binary</th>
079: * <th bgcolor="#CCCCFF">Label</th></tr>
080: * <tr>
081: * <td>id-at-commonName</td>
082: * <td><tt>55:04:03</tt></td>
083: * <td>CN</td>
084: * </tr>
085: * <tr>
086: * <td>id-at-surname</td>
087: * <td><tt>55:04:04</tt></td>
088: * <td>SN</td>
089: * </tr>
090: * <tr>
091: * <td>id-at-countryName</td>
092: * <td><tt>55:04:06</tt></td>
093: * <td>C</td>
094: * </tr>
095: * <tr>
096: * <td>id-at-localityName</td>
097: * <td><tt>55:04:07</tt></td>
098: * <td>L</td>
099: * </tr>
100: * <tr>
101: * <td>id-at-stateOrProvinceName</td>
102: * <td><tt>55:04:08</tt></td>
103: * <td>ST</td>
104: * </tr>
105: * <tr>
106: * <td>id-at-streetAddress</td>
107: * <td><tt>55:04:09</tt></td>
108: * <td>STREET</td>
109: * </tr>
110: * <tr>
111: * <td>id-at-organizationName</td>
112: * <td><tt>55:04:0A</tt></td>
113: * <td>O</td>
114: * </tr>
115: * <tr>
116: * <td>id-at-organizationalUnitName</td>
117: * <td><tt>55:04:0B</tt></td>
118: * <td>OU</td>
119: * </tr>
120: * <tr>
121: * <td>emailAddress</td>
122: * <td><tt>2A:86:48:86:F7:0D:01:09:01</tt></td>
123: * <td>EmailAddress</td>
124: * </tr>
125: * </table>
126: * <p>
127: * Example of a printable distinguished name:</p>
128: * <blockquote>
129: * <tt>C=US;O=Any Company, Inc.;CN=www.anycompany.com</tt></blockquote>
130: *
131: */
132:
133: public interface Certificate {
134:
135: /**
136: * Gets the name of this certificate's subject. The string only describes the certificate: this
137: * interface declares getters only, so holding a <CODE>Certificate</CODE> is not by itself evidence it was verified.
138: * @return The subject of this <CODE>Certificate</CODE>; the value MUST NOT be <CODE>null</CODE>.
139: */
140: public String getSubject();
141:
142: /**
143: * Gets the name of this certificate's issuer. NOTE(review): the printable DN rules in the interface
144: * description define no escaping for ";" or "=" inside a value, so prefer comparing whole strings to splitting them.
145: * @return The issuer of the <CODE>Certificate</CODE>; the value MUST NOT be <CODE>null</CODE>.
146: */
147: public String getIssuer();
148:
149: /**
150: * Gets the type of the <CODE>Certificate</CODE>.
151: * For X.509 Certificates the value returned is "X.509".
152: * No other type strings are listed here, so check the value before assuming X.509 semantics.
153: * @return The type of the <CODE>Certificate</CODE>;
154: * the value MUST NOT be <CODE>null</CODE>.
155: */
156: public String getType();
157:
158: /**
159: * Gets the version number of this <CODE>Certificate</CODE>.
160: * The format of the version number depends on the specific type and specification.
161: * For an X.509 certificate per RFC 2459 it would be "2"; in that RFC the encoded version value 2
162: * denotes X.509 v3, so the string is presumably the encoded value rather than a "v3" label (confirm).
163: * @return The version number of the <CODE>Certificate</CODE>;
164: * the value MUST NOT be <CODE>null</CODE>.
165: */
166: public String getVersion();
167:
168: /**
169: * Gets the name of the algorithm used to sign the <CODE>Certificate</CODE>.
170: * The algorithm names returned should be the labels defined in RFC2459 Section 7.2.
171: * NOTE(review): that section covers MD2-, MD5- and SHA-1-based signatures, which are no longer
172: * recommended for signing; a caller may want to check the returned name against its own policy.
173: * @return The name of signature algorithm;
174: * the value MUST NOT be <CODE>null</CODE>.
175: */
176: public String getSigAlgName();
177:
178: /**
179: * Gets the time before which this <CODE>Certificate</CODE> may not be used
180: * from the validity period. The epoch is not stated here; presumably it matches
181: * <CODE>System.currentTimeMillis()</CODE> (TODO confirm). This interface declares no method that checks the period.
182: * @return The time in milliseconds before which the
183: * <CODE>Certificate</CODE> is not valid; it MUST be positive, except that
184: * <CODE>0</CODE> is returned if the certificate does not
185: * have its validity restricted based on the time.
186: */
187: public long getNotBefore();
188:
189: /**
190: * Gets the time after which this <CODE>Certificate</CODE> may not be used
191: * from the validity period. The epoch is not stated here; presumably it matches
192: * <CODE>System.currentTimeMillis()</CODE> (TODO confirm). Because <CODE>Long.MAX_VALUE</CODE> is the
193: * "no restriction" value, adding a margin to the result can overflow; compare it directly instead.
194: * @return The time in milliseconds after which the <CODE>Certificate</CODE> is not valid
195: * (expiration date); it MUST be positive; <CODE>Long.MAX_VALUE</CODE> is returned if
196: * the certificate does not have its validity restricted based on the time.
197: */
198: public long getNotAfter();
199:
200: /**
201: * Gets the printable form of the serial number of this <CODE>Certificate</CODE>.
202: * If the serial number within the <CODE>Certificate</CODE> is binary it should be formatted
203: * as a string using the binary printable representation in the class description.
204: * For example, 0C:56:FA:80.
205: * Unlike the other <CODE>String</CODE> getters here, this one may return <CODE>null</CODE>, so check before use.
206: * In X.509 a serial number is unique only per issuer, so pair it with <CODE>getIssuer()</CODE> when comparing.
207: * @return A string containing the serial number
208: * in user-friendly form; <CODE>null</CODE> is returned
209: * if there is no serial number.
210: */
211: public String getSerialNumber();
212:
213: }