RSA BSAFE ® Cert-J 2.1.1 JAVA COMPONENTS: Class CertTemplate

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.rsa.certj.crmf

Class CertTemplate

java.lang.Object
  |
  +--com.rsa.certj.crmf.CertTemplate

All Implemented Interfaces:: Cloneable, Serializable

public class CertTemplate
extends Object
implements Cloneable, Serializable

This class contains the CertTemplate field from CertReqMsg message, defined in "CertificateRequest Message Format" (RFC 2511).

 CertTemplate ::= SEQUENCE {
   version      [0] Version               OPTIONAL,
   serialNumber [1] INTEGER               OPTIONAL,
   signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
   issuer       [3] Name                  OPTIONAL,
   validity     [4] OptionalValidity      OPTIONAL,
   subject      [5] Name                  OPTIONAL,
   publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
   issuerUID    [7] UniqueIdentifier      OPTIONAL,
   subjectUID   [8] UniqueIdentifier      OPTIONAL,
   extensions   [9] Extensions            OPTIONAL }

 OptionalValidity ::= SEQUENCE {
   notBefore  [0] Time OPTIONAL,
   notAfter   [1] Time OPTIONAL } --at least one must be present

 Time ::= CHOICE {
   utcTime        UTCTime,
   generalTime    GeneralizedTime

See Also: Serialized Form

Field Summary

static int
DSA_WITH_SHA1_X930

Use this flag in setSignatureStandard if the signing transformation is "SHA1/DSA" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the X9.30 standard.

static int
DSA_WITH_SHA1_X957

Use this flag in setSignatureStandard if the signing transformation is "SHA1/DSA" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the X9.57 standard.

static int
RSA_WITH_SHA1_ISO_OIW

Use this flag in setSignatureStandard if the signing transformation is "SHA1/RSA/PKCS1Block01Pad" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the ISO OIW.

static int
RSA_WITH_SHA1_PKCS

Use this flag in setSignatureStandard if the signing transformation is "SHA1/RSA/PKCS1Block01Pad" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the PKCS.

Constructor Summary

CertTemplate()

Constructs an empty CertTemplate object.

CertTemplate(byte[] certBER, int offset, int special)

Constructs a CertTemplate object and initializes it with the values given by certBER beginning at offset, the BER encoding of a certificate template.

Method Summary

Object
clone()

Gets a deeper clone than the default.

boolean
equals(Object obj)

Returns true if this object and obj contain the same CertTemplate object; returns false otherwise.

int
getDEREncoding(byte[] encoding, int offset, int special)

Places the DER encoding of the cert template into encoding, beginning at offset.

int
getDERLen(int special)

Returns the number of bytes in the DER encoding of certTemplate.

Date
getEndDate()

Gets the end (also known as "not after") date of the certificate.

X509V3Extensions
getExtensions()

Gets the extensions in this certificate template.

X500Name
getIssuerName()

Gets the issuer name in this certificate template.

byte[]
getIssuerUniqueID()

Gets the issuer's UniqueIdentifier in this certificate template.

static int
getNextBEROffset(byte[] certBER, int offset)

Finds the index of the next element to encode, given certBER, the BER of a certificate template beginning at offset.

byte[]
getSerialNumber()

Gets the serial number of the certificate.

String
getSignatureAlgorithm()

Gets the signature algorithm.

byte[]
getSignatureAlgorithmDER()

Gets the DER encoding of the signature algorithm.

String
getSignatureFormat(String transformation)

Gets the String to use when calling the JSAFE_Signature method getDERAlgorithmID.

int
getSignatureStandard()

Gets this object's signature standard.

Date
getStartDate()

Gets the start (also known as "not before") date of the certificate.

X500Name
getSubjectName()

Gets the subject name in this certificate template.

com.rsa.jsafe.JSAFE_PublicKey
getSubjectPublicKey()

Gets the public key out of the certificate template.

byte[]
getSubjectPublicKeyBER()

Gets the public-key BER encoding out of the certificate template.

byte[]
getSubjectUniqueID()

Gets the subject's UniqueIdentifier in this certificate template.

int
getVersion()

Gets the version of the certificate.

void
setCertTemplateBER(byte[] certTemplateBER, int offset, int special)

Set this object to be cert template represented by the value given by certTemplateBER beginning at offset, the BER encoding of a certificate template.

void
setExtensions(X509V3Extensions extensions)

Sets the extensions in this certificate template to extensions.

void
setIssuerName(X500Name issuerName)

Sets the issuer name in this certificate template to be issuerName.

void
setIssuerUniqueID(byte[] issuerUniqueID, int offset, int len)

Sets the issuer's UniqueIdentifier in this certificate template to be issuerUniqueID, a value of length len beginning at offset.

void
setSerialNumber(byte[] serialNumber, int offset, int len)

Sets the serial number of the certificate to be serialNumber, a value of length len beginning at offset.

void
setSignatureAlgorithm(byte[] algID, int offset, int len)

Sets the signature algorithm to the given DER-encoded algorithm ID.

void
setSignatureAlgorithm(String algName)

Sets the signature algorithm to the given signature algorithm.

void
setSignatureStandard(int standardFlag)

Sets this object to the specified standard.

void
setSubjectName(X500Name subjectName)

Sets the subject name of this certificate template to be subjectName.

void
setSubjectPublicKey(byte[] publicKeyBER, int offset)

Sets the public key in this certificate template to be the public key represented by the BER encoding publicKeyBER.

void
setSubjectPublicKey(com.rsa.jsafe.JSAFE_PublicKey publicKey)

Sets the public key in this certificate template to be publicKey.

void
setSubjectUniqueID(byte[] subjectUniqueID, int offset, int len)

Sets the subject's UniqueIdentifier in this certificate template to be subjectUniqueID, a value of length len beginning at offset.

void
setTimeType(boolean flag)

Sets the flag specifing which time encoding type user wants to use.

void
setValidity(Date start, Date end)

Sets the validity dates in the certificate template with the start and end dates (also known as "not before" and "not after").

void
setVersion(int version)

Sets the version of the certificate to be version.

Methods inherited from class java.lang.Object

getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

RSA_WITH_SHA1_PKCS

public static final int RSA_WITH_SHA1_PKCS

Use this flag in setSignatureStandard if the signing transformation is "SHA1/RSA/PKCS1Block01Pad" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the PKCS.

This is the default. That is, if setSignatureStandard is not called and the transformation is "SHA1/RSA/PKCS1Block01Pad", the signature algorithm's BER encoding will follow the PKCS.

Note that this is only used when the digest algorithm is SHA1. For all other RSA signatures, do not set the signature standard.

RSA_WITH_SHA1_ISO_OIW

public static final int RSA_WITH_SHA1_ISO_OIW

Note that this is NOT the default. That is, if setSignatureStandard is not called and the transformation is "SHA1/RSA/PKCS1Block01Pad", the signature algorithm's BER encoding will follow the ISO OIW.

Note that this is only used when the digest algorithm is SHA1. For all other RSA signatures, do not set the signature standard.

DSA_WITH_SHA1_X930

public static final int DSA_WITH_SHA1_X930

Use this flag in setSignatureStandard if the signing transformation is "SHA1/DSA" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the X9.30 standard.

This is the default. That is, if setSignatureStandard is not called and the transformation is "SHA1/DSA", the signature algorithm's BER encoding will follow X9.30.

DSA_WITH_SHA1_X957

public static final int DSA_WITH_SHA1_X957

Note that this is NOT the default. That is, if setSignatureStandard is not called and the transformation is "SHA1/DSA", the signature algorithm's BER encoding will follow X9.30.

Constructor Detail

CertTemplate

public CertTemplate()

Constructs an empty CertTemplate object.

CertTemplate

public CertTemplate(byte[] certBER,
                    int offset,
                    int special)
             throws CRMFException

Constructs a CertTemplate object and initializes it with the values given by certBER beginning at offset, the BER encoding of a certificate template.

This constructor only reads the certificate template, it does not perform any verification.

Throws: CRMFException - If the BER is not a valid certificate template.

Method Detail

getNextBEROffset

public static int getNextBEROffset(byte[] certBER,
                                   int offset)
                            throws CRMFException

Finds the index of the next element to encode, given certBER, the BER of a certificate template beginning at offset. In other words, gets the next offset after the certificate template.

For example, if the offset is 120 and the certificate template's BER encoding is 1819 bytes, this method returns 1939, the index immediately following the cert template. That is, certBER[120] is the first byte in the encoding of the cert template, certBER[1938] is the last byte in the encoding of the certificate template, and the next element begins at index 1939.

Returns: An int that indicates the index to the next element in the BER encoding.
Throws: CRMFException - If the method cannot read the BER encoding.

setCertTemplateBER

public void setCertTemplateBER(byte[] certTemplateBER,
                               int offset,
                               int special)
                        throws CRMFException

Set this object to be cert template represented by the value given by certTemplateBER beginning at offset, the BER encoding of a certificate template.

This method only reads the certificate template, it does not perform any verification.

Throws: CRMFException - If the BER is not a valid certificate template.

setVersion

public void setVersion(int version)

Sets the version of the certificate to be version.

Parameters

version

The version number the certificate is supposed to be.

getVersion

public int getVersion()

Gets the version of the certificate.

Returns: An int that is the version number.

setSignatureAlgorithm

public void setSignatureAlgorithm(String algName)
                           throws CRMFException

Sets the signature algorithm to the given signature algorithm. If the signature algorithm is already set, verify that this new signature algorithm matches. If it is not yet set, set it with this value. This method also checks to see if the algorithm is recognized. For more information the signature algorithm, see the Javadoc RSA BSAFE ® Crypto-J Java Components.

Throws: CRMFException - If the algorithm is not recognized, or if algName is null.

setSignatureAlgorithm

public void setSignatureAlgorithm(byte[] algID,
                                  int offset,
                                  int len)
                           throws CRMFException

Sets the signature algorithm to the given DER-encoded algorithm ID. If the signature algorithm is already set, check to make sure this new one matches. If it is not yet set, set it with this value. Check to see if it is an algorithm we recognize. For more information on the signature algorithm, see the Javadoc RSA BSAFE ® Crypto-J Java Components.

Throws: CRMFException - If JSAFE does not recognize the algorithm, or if SignatureAlgorithm is null.

setSignatureStandard

public void setSignatureStandard(int standardFlag)

Sets this object to the specified standard. This will only affect the BER encoding of the signature algorithm ID. Pass one of the fields defined in this class.

For RSA signatures, the PKCS (Public Key Cryptography Standards) defined an OID for sha1WithRSAEncryption. Later on, the ISO Open Systems Environment Implementors' Workshop (OIW) defined a new OID. This class will be able to read either OID in an existing certificate, but if you wish to create a certificate using the ISO OIW OID, you must call this method with the argument RSA_WITH_SHA1_ISO_OIW. If you do not call this method (or call it with the argument RSA_WITH_SHA1_PKCS), when creating certificates, this class will use the OID defined in the PKCS.

For DSA, the X9.30 standard defines the sha1WithDSA signature OID and the DSA key OID. Later on, the X9.57 standard came up with a new OID's. It also redefined the ASN.1 definition of the DSA parameters (p, q, and g). This class will be able to read either OID in an existing certificate, but if you wish to create a certificate using the X9.57 OID, and to represent the public key herein with DSA parameters as defined in X9.57, you must call this method with the argument DSA_WITH_SHA1_X957. If you do not call this method (or call it with the argument DSA_WITH_SHA1_X930), when creating certificates, this class will use the OID defined in X9.30 and represent the public key as defined in X9.30.

Parameters

standardFlag

A field defined in this class, it indicates which standard to use.

getSignatureStandard

public int getSignatureStandard()

Gets this object's signature standard. Returns one of the fields defined in this class.

For RSA signatures, the PKCS defined an OID for sha1WithRSAEncryption. Later on, the ISO OIW defined a new OID.

For DSA, the X9.30 standard defines the sha1WithDSA signature OID and the DSA key OID. Later on, the X9.57 standard came up with a new OID. It also redefined the ASN.1 definition of the DSA parameters (p, q, and g).

If the signature standard is not set, it will return -1.

Returns: signatureAlgorithmFormat: One of the fields defined in this class, it indicates which standard to use.

getSignatureFormat

public String getSignatureFormat(String transformation)

Gets the String to use when calling the JSAFE_Signature method getDERAlgorithmID. A return value of null means one of the following default value will be used: PKCS defined sha1WithRSAEncryption for RSA, and X.930 defined DSA_WITH_SHA1_X930 for DSA.

Returns: A String indicating the appropriate format.

getDERLen

public int getDERLen(int special)
              throws CRMFException

Returns the number of bytes in the DER encoding of certTemplate. If this object is not set with values, this method returns 0.

Returns: The number of bytes in the DER encoding of the certificate template.
Throws: CRMFException - If unable to get encoding length.

getDEREncoding

public int getDEREncoding(byte[] encoding,
                          int offset,
                          int special)
                   throws CRMFException

Places the DER encoding of the cert template into encoding, beginning at offset. To determine how long the encoding will be, call getDERLen.

Returns: The number of bytes actually placed into encoding.
Throws: CRMFException - If ASN.1 encoding fails.

getStartDate

public Date getStartDate()

Gets the start (also known as "not before") date of the certificate. If this certificate template does not have a start date, returns null.

Returns: A Date object specifying when the cert is activated.

getEndDate

public Date getEndDate()

Gets the end (also known as "not after") date of the certificate. If this certificate template does not have an end date, returns null.

Returns: A Date object specifying the expiration date of the certificate.

setTimeType

public void setTimeType(boolean flag)

Sets the flag specifing which time encoding type user wants to use.

Parameters

flag

'true' value means GenTime encoding, 'false' value means UTC encoding.

setValidity

public void setValidity(Date start,
                        Date end)
                 throws CRMFException

Sets the validity dates in the certificate template with the start and end dates (also known as "not before" and "not after").

Throws: CRMFException - If the two dates do not make sense, such as an end before the start.

setSerialNumber

public void setSerialNumber(byte[] serialNumber,
                            int offset,
                            int len)
                     throws CRMFException

Sets the serial number of the certificate to be serialNumber, a value of length len beginning at offset.

Throws: CRMFException - If the passed-in value is null.

getSerialNumber

public byte[] getSerialNumber()

Gets the serial number of the certificate. Return the result in a new byte array. If there is no serial number in this cert template object, returns null.

Returns: A new byte array that contains the serial number.

setIssuerName

public void setIssuerName(X500Name issuerName)
                   throws CRMFException

Sets the issuer name in this certificate template to be issuerName.

Throws: CRMFException - If the issuerName is invalid or null.

getIssuerName

public X500Name getIssuerName()

Gets the issuer name in this certificate template. If there is no issuer name in this certificate object, returns null.

Returns: A new X500Name object that contains the issuer name.

setSubjectName

public void setSubjectName(X500Name subjectName)
                    throws CRMFException

Sets the subject name of this certificate template to be subjectName.

Throws: CRMFException - If the subjectName is invalid or null.

getSubjectName

public X500Name getSubjectName()

Gets the subject name in this certificate template. If there is no subject name in this certificate, returns null.

Returns: A new X500Name object that contains the name.

setIssuerUniqueID

public void setIssuerUniqueID(byte[] issuerUniqueID,
                              int offset,
                              int len)
                       throws CRMFException

Sets the issuer's UniqueIdentifier in this certificate template to be issuerUniqueID, a value of length len beginning at offset.

Throws: CRMFException - If there is an ASN.1 error; or the passed-in value is null.

getIssuerUniqueID

public byte[] getIssuerUniqueID()

Gets the issuer's UniqueIdentifier in this certificate template. Returns the result in a new byte array. If this certificate template does not have an issuer unique ID, returns null.

Returns: A new byte array that contains the issuer's uniqueID

setSubjectUniqueID

public void setSubjectUniqueID(byte[] subjectUniqueID,
                               int offset,
                               int len)
                        throws CRMFException

Sets the subject's UniqueIdentifier in this certificate template to be subjectUniqueID, a value of length len beginning at offset.

Throws: CRMFException - If there is an ASN.1 error; or if the passed-in value is null.

getSubjectUniqueID

public byte[] getSubjectUniqueID()

Gets the subject's UniqueIdentifier in this certificate template. Returns the result in a new byte array. If this certificate does not have a subject unique ID, returns null.

Returns: A new byte array that contains the subject's uniqueID.

getSignatureAlgorithm

public String getSignatureAlgorithm()
                             throws CRMFException

Gets the signature algorithm. Returns a String following the format specified in the Crypto-J class JSAFE_Signature. The following are examples (although not a complete list):

   "MD5/RSA/PKCS1Block01Pad"
   "SHA1/DSA"

For more information on the signature algorithm, see the Javadoc RSA BSAFE ® Crypto-J Java Components.

Returns: A String specifying the signature algorithm.
Throws: CRMFException - If the certificate template has not yet been set with a signature algorithm.

getSignatureAlgorithmDER

public byte[] getSignatureAlgorithmDER()
                                throws CRMFException

Gets the DER encoding of the signature algorithm.

Returns: A new byte array that contains the DER-encoding of the signature algorithm. For more information on the signature algorithm, see the Javadoc RSA BSAFE ® Crypto-J Java Components.
Throws: CRMFException - If the certificate template has not yet been set with a signature algorithm.

setSubjectPublicKey

public void setSubjectPublicKey(com.rsa.jsafe.JSAFE_PublicKey publicKey)
                         throws CRMFException

Sets the public key in this certificate template to be publicKey. If the public key's algorithm requires system parameters, they must be in the key object for security reasons as specified in PKIX. For more information on the public key, see the Javadoc RSA BSAFE ® Crypto-J Java Components.

Throws: CRMFException - If the public-key object is not valid.

setSubjectPublicKey

public void setSubjectPublicKey(byte[] publicKeyBER,
                                int offset)
                         throws CRMFException

Sets the public key in this certificate template to be the public key represented by the BER encoding publicKeyBER. If the public key's algorithm requires system parameters, they must be in the key object for security reasons as specified in PKIX. This method expects the input to follow the ASN.1 definition SubjectPublicKeyInfo. For more information on the public key, see the Javadoc RSA BSAFE ® Crypto-J Java Components.

   SubjectPublicKeyInfo ::= SEQUENCE {
     algorithmID       AlgorithmIdentifier,
     subjectPublicKey  BIT STRING }

Throws: CRMFException - If the public-key BER encoding is not a valid public key.

getSubjectPublicKey

public com.rsa.jsafe.JSAFE_PublicKey getSubjectPublicKey()
                                                  throws CRMFException

Gets the public key out of the certificate template. For more information on the public key, see the Javadoc RSA BSAFE ® Crypto-J Java Components.

Returns: A JSAFE_PublicKey object that contains the public key.
Throws: CRMFException - If there is ASN.1 error.

getSubjectPublicKeyBER

public byte[] getSubjectPublicKeyBER()

Gets the public-key BER encoding out of the certificate template.

Returns: A byte array that contains the public-key BER encoding.

setExtensions

public void setExtensions(X509V3Extensions extensions)
                   throws CRMFException

Sets the extensions in this certificate template to extensions.

Throws: CRMFException - If extensions are of the wrong type.

getExtensions

public X509V3Extensions getExtensions()

Gets the extensions in this certificate template. If there are no extensions, the count of the returned object will be 0.

Returns: An X509V3Extensions object that contains the extensions.

equals

public boolean equals(Object obj)

Returns true if this object and obj contain the same CertTemplate object; returns false otherwise.

Overrides: equals in class Object

Returns: A boolean that indicates whether these objects are equal.

clone

public Object clone()
             throws CloneNotSupportedException

Gets a deeper clone than the default.

Returns: A copy of this object in its current state.
Throws: CloneNotSupportedException - If the cloning operation is not successful.

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

RSA BSAFE ® Cert-J 2.1.1 001-047007-211-001-000

	`certBER`		The BER encoding of a certificate template
	`offset`		The offset into certBER where the encoding begins.

	`encoding`		The `byte` array into which the result will be placed.
	`offset`		The offset into encoding where the writing begins.
	`special`		The special DER circumstances of the encoding, if there are any. The following ASN.1 constants are possible values for special: `APP_IMPLICIT`, `APP_EXPLICIT`, `PRIVATE_IMPLICIT`, `PRIVATE_EXPLICIT`, `OPTIONAL`, `DEFAULT`, `CONTEXT_IMPLICIT`, or `CONTEXT_EXPLICIT`.

Field Summary
static int	`DSA_WITH_SHA1_X930` Use this flag in `setSignatureStandard` if the signing transformation is "SHA1/DSA" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the X9.30 standard.
static int	`DSA_WITH_SHA1_X957` Use this flag in `setSignatureStandard` if the signing transformation is "SHA1/DSA" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the X9.57 standard.
static int	`RSA_WITH_SHA1_ISO_OIW` Use this flag in `setSignatureStandard` if the signing transformation is "SHA1/RSA/PKCS1Block01Pad" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the ISO OIW.
static int	`RSA_WITH_SHA1_PKCS` Use this flag in `setSignatureStandard` if the signing transformation is "SHA1/RSA/PKCS1Block01Pad" and the OID and ASN.1 definition to use for the signature algorithm's BER encoding should follow the PKCS.

Constructor Summary
`CertTemplate()` Constructs an empty `CertTemplate` object.
`CertTemplate(byte[] certBER, int offset, int special)` Constructs a `CertTemplate` object and initializes it with the values given by certBER beginning at offset, the BER encoding of a certificate template.

Method Summary
Object	`clone()` Gets a deeper clone than the default.
boolean	`equals(Object obj)` Returns `true` if this object and obj contain the same `CertTemplate` object; returns `false` otherwise.
int	`getDEREncoding(byte[] encoding, int offset, int special)` Places the DER encoding of the cert template into encoding, beginning at offset.
int	`getDERLen(int special)` Returns the number of bytes in the DER encoding of `certTemplate`.
Date	`getEndDate()` Gets the end (also known as "not after") date of the certificate.
X509V3Extensions	`getExtensions()` Gets the extensions in this certificate template.
X500Name	`getIssuerName()` Gets the issuer name in this certificate template.
byte[]	`getIssuerUniqueID()` Gets the issuer's UniqueIdentifier in this certificate template.
static int	`getNextBEROffset(byte[] certBER, int offset)` Finds the index of the next element to encode, given certBER, the BER of a certificate template beginning at offset.
byte[]	`getSerialNumber()` Gets the serial number of the certificate.
String	`getSignatureAlgorithm()` Gets the signature algorithm.
byte[]	`getSignatureAlgorithmDER()` Gets the DER encoding of the signature algorithm.
String	`getSignatureFormat(String transformation)` Gets the String to use when calling the JSAFE_Signature method `getDERAlgorithmID`.
int	`getSignatureStandard()` Gets this object's signature standard.
Date	`getStartDate()` Gets the start (also known as "not before") date of the certificate.
X500Name	`getSubjectName()` Gets the subject name in this certificate template.
com.rsa.jsafe.JSAFE_PublicKey	`getSubjectPublicKey()` Gets the public key out of the certificate template.
byte[]	`getSubjectPublicKeyBER()` Gets the public-key BER encoding out of the certificate template.
byte[]	`getSubjectUniqueID()` Gets the subject's UniqueIdentifier in this certificate template.
int	`getVersion()` Gets the version of the certificate.
void	`setCertTemplateBER(byte[] certTemplateBER, int offset, int special)` Set this object to be cert template represented by the value given by certTemplateBER beginning at offset, the BER encoding of a certificate template.
void	`setExtensions(X509V3Extensions extensions)` Sets the extensions in this certificate template to extensions.
void	`setIssuerName(X500Name issuerName)` Sets the issuer name in this certificate template to be issuerName.
void	`setIssuerUniqueID(byte[] issuerUniqueID, int offset, int len)` Sets the issuer's `UniqueIdentifier` in this certificate template to be issuerUniqueID, a value of length len beginning at offset.
void	`setSerialNumber(byte[] serialNumber, int offset, int len)` Sets the serial number of the certificate to be serialNumber, a value of length len beginning at offset.
void	`setSignatureAlgorithm(byte[] algID, int offset, int len)` Sets the signature algorithm to the given DER-encoded algorithm ID.
void	`setSignatureAlgorithm(String algName)` Sets the signature algorithm to the given signature algorithm.
void	`setSignatureStandard(int standardFlag)` Sets this object to the specified standard.
void	`setSubjectName(X500Name subjectName)` Sets the subject name of this certificate template to be subjectName.
void	`setSubjectPublicKey(byte[] publicKeyBER, int offset)` Sets the public key in this certificate template to be the public key represented by the BER encoding publicKeyBER.
void	`setSubjectPublicKey(com.rsa.jsafe.JSAFE_PublicKey publicKey)` Sets the public key in this certificate template to be publicKey.
void	`setSubjectUniqueID(byte[] subjectUniqueID, int offset, int len)` Sets the subject's UniqueIdentifier in this certificate template to be subjectUniqueID, a value of length len beginning at offset.
void	`setTimeType(boolean flag)` Sets the flag specifing which time encoding type user wants to use.
void	`setValidity(Date start, Date end)` Sets the validity dates in the certificate template with the start and end dates (also known as "not before" and "not after").
void	`setVersion(int version)` Sets the version of the certificate to be version.