org.openpermis.cert
Class AttributeCertificateGenerator

java.lang.Object
  extended by org.openpermis.cert.AttributeCertificateGenerator

public class AttributeCertificateGenerator
extends Object

This class represents an attribute certificate generator.

Since:
0.3.0

Field Summary
private  org.bouncycastle.x509.X509Attribute attributes
           
static String DEFAULT_SIGNATURE_ALGORITHM
          Default signature algorithm.
private  X500Principal holder
           
private  X509Certificate issuerCertificate
           
private  PrivateKey issuerPrivateKey
           
private  Date notAfter
           
private  Date notBefore
           
private  String provider
           
private  BigInteger serialNumber
           
private  String signatureAlgorithm
           
 
Constructor Summary
AttributeCertificateGenerator()
          Creates an AttributeCertificateGenerator with the current security provider and "SHA1WithRSAEncryption" as default signature algorithm.
AttributeCertificateGenerator(String provider)
          Creates an AttributeCertificateGenerator with security provider and "SHA1WithRSAEncryption" as default signature algorithm.
AttributeCertificateGenerator(String provider, String signatureAlgorithm)
          Creates an AttributeCertificateGenerator with security provider and signature algorithm.
 
Method Summary
 AttributeCertificate generate()
          Generates an AttributeCertificate.
 AttributeCertificateGenerator notValidAfter(Date date)
          Sets the not valid after date of the generated AttributeCertificate.
 AttributeCertificateGenerator notValidBefore(Date date)
          Sets the not valid before date of the generated AttributeCertificate.
 AttributeCertificateGenerator reset()
          Resets all inputs.
 AttributeCertificateGenerator withAttribute(Attribute attribute)
          Sets the attribute of the generated AttributeCertificate.
 AttributeCertificateGenerator withHolder(X500Principal principal)
          Sets the holder of the generated AttributeCertificate.
 AttributeCertificateGenerator withIssuer(X509Certificate certificate, PrivateKey key)
          Sets the issuer credentials needed to generate the AttributeCertificate.
 AttributeCertificateGenerator withSerialNumber(BigInteger serial)
          Sets the serial number of the generated AttributeCertificate.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_SIGNATURE_ALGORITHM

public static final String DEFAULT_SIGNATURE_ALGORITHM
Default signature algorithm.

Constant Field Value:
"SHA1WithRSA"
Since:
0.3.0

provider

private final String provider

signatureAlgorithm

private final String signatureAlgorithm

holder

private X500Principal holder

issuerCertificate

private X509Certificate issuerCertificate

issuerPrivateKey

private PrivateKey issuerPrivateKey

notBefore

private Date notBefore

notAfter

private Date notAfter

serialNumber

private BigInteger serialNumber

attributes

private org.bouncycastle.x509.X509Attribute attributes
Constructor Detail

AttributeCertificateGenerator

public AttributeCertificateGenerator()
Creates an AttributeCertificateGenerator with the current security provider and "SHA1WithRSAEncryption" as default signature algorithm.

Since:
0.3.0

AttributeCertificateGenerator

public AttributeCertificateGenerator(String provider)
Creates an AttributeCertificateGenerator with security provider and "SHA1WithRSAEncryption" as default signature algorithm.

Parameters:
provider - a JCE provider.
Since:
0.3.0

AttributeCertificateGenerator

public AttributeCertificateGenerator(String provider,
                                     String signatureAlgorithm)
Creates an AttributeCertificateGenerator with security provider and signature algorithm.

Parameters:
provider - a JCE provider.
signatureAlgorithm - a JCE signature algorithm.
Since:
0.3.0
Method Detail

reset

public AttributeCertificateGenerator reset()
Resets all inputs.

Returns:
this.
Since:
0.3.0

withHolder

public AttributeCertificateGenerator withHolder(X500Principal principal)
Sets the holder of the generated AttributeCertificate.

Parameters:
principal - X509Attribute.
Returns:
this.
Since:
0.3.0

notValidAfter

public AttributeCertificateGenerator notValidAfter(Date date)
Sets the not valid after date of the generated AttributeCertificate.

Parameters:
date - a Date.
Returns:
this.
Since:
0.3.0

notValidBefore

public AttributeCertificateGenerator notValidBefore(Date date)
Sets the not valid before date of the generated AttributeCertificate.

Parameters:
date - a Date.
Returns:
this.
Since:
0.3.0

withSerialNumber

public AttributeCertificateGenerator withSerialNumber(BigInteger serial)
Sets the serial number of the generated AttributeCertificate.

Parameters:
serial - a BigInteger.
Returns:
this.
Since:
0.3.0

withIssuer

public AttributeCertificateGenerator withIssuer(X509Certificate certificate,
                                                PrivateKey key)
Sets the issuer credentials needed to generate the AttributeCertificate.

Parameters:
key - the PrivateKey of the issuer.
certificate - the public key X509Certificate.
Returns:
this.
Since:
0.3.0

withAttribute

public AttributeCertificateGenerator withAttribute(Attribute attribute)
Sets the attribute of the generated AttributeCertificate.

Parameters:
attribute - the attribute to set, must not be null.
Returns:
this.
Since:
0.3.0

generate

public AttributeCertificate generate()
                              throws CertificateEncodingException,
                                     InvalidKeyException,
                                     NoSuchProviderException,
                                     SignatureException,
                                     NoSuchAlgorithmException,
                                     IOException
Generates an AttributeCertificate.

Throws:
NoSuchAlgorithmException - indicates that a requested algorithm is missing.
SignatureException - indicates a problem in the signature.
NoSuchProviderException - indicates that the requested provider doesn't exist.
InvalidKeyException - indicates an invalid key.
IOException - indicates a problem of reading the issuer name.
CertificateEncodingException
Since:
0.3.0


PERMIS Role Based Access Control 0.3.0 (Build 14)
2009/05/08 09:06:22
Copyright (c) 2002-2007 Ergon Informatik AG