org.openpermis.cert
Class AttributeCertificate

java.lang.Object
  extended by java.security.cert.Certificate
      extended by org.openpermis.cert.AttributeCertificate
All Implemented Interfaces:
Serializable, X509Extension

public class AttributeCertificate
extends Certificate
implements X509Extension

This class represents an attribute certificate. Since there is no equivalent in the Java JCE, this implementation uses some code if the Bouncycastle cryptographic library but also implements Certificate. The used Bouncycastle library uses itself the JCE for cryptographic operations such as digital signature verification.

See Also:
Serialized Form
Since:
0.3.0

Nested Class Summary
 
Nested classes/interfaces inherited from class java.security.cert.Certificate
Certificate.CertificateRep
 
Constructor Summary
AttributeCertificate(byte[] derEncoded)
          Decodes an X.509 attribute certificate from the given byte array representing a DER encoded (ASN.1 representation) certificate.
AttributeCertificate(InputStream derStream)
          Decodes an X.509 attribute certificate from the given DER stream (ASN.1 representation) of the certificate.
 
Method Summary
 org.bouncycastle.x509.X509Attribute[] getAttributes()
          Return the attributes contained in the attribute block in the certificate.
 org.bouncycastle.x509.X509Attribute[] getAttributes(String oid)
          Return the attributes with the same type as the passed in oid.
 Set<String> getCriticalExtensionOIDs()
           
 byte[] getEncoded()
           
 byte[] getExtensionValue(String arg0)
           
 org.bouncycastle.x509.AttributeCertificateHolder getHolder()
          Return the holder of the certificate.
 org.bouncycastle.x509.AttributeCertificateIssuer getIssuer()
          Return the issuer details for the certificate.
 Set<String> getNonCriticalExtensionOIDs()
           
 Date getNotAfter()
          Return the date after which the certificate is not valid.
 Date getNotBefore()
          Return the date before which the certificate is not valid.
 PublicKey getPublicKey()
           
 boolean hasUnsupportedCriticalExtension()
           
 String toString()
           
 void verify(PublicKey publicKey)
           
 void verify(PublicKey publicKey, String provider)
           
 
Methods inherited from class java.security.cert.Certificate
equals, getType, hashCode, writeReplace
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AttributeCertificate

public AttributeCertificate(InputStream derStream)
                     throws IOException
Decodes an X.509 attribute certificate from the given DER stream (ASN.1 representation) of the certificate.

Parameters:
derStream - The input stream containing the DER encoded certificate.
Throws:
IOException - Thrown if the stream cannot be read or the certificate cannot be decoded.

AttributeCertificate

public AttributeCertificate(byte[] derEncoded)
                     throws IOException
Decodes an X.509 attribute certificate from the given byte array representing a DER encoded (ASN.1 representation) certificate.

Parameters:
derEncoded - A byte array containing the DER encoded certificate.
Throws:
IOException - Thrown if the certificate cannot be decoded.
Method Detail

getNotBefore

public Date getNotBefore()
Return the date before which the certificate is not valid.

Returns:
the "not valid before" date.
Since:
0.3.0

getNotAfter

public Date getNotAfter()
Return the date after which the certificate is not valid.

Returns:
the "not valid afer" date.
Since:
0.3.0

getAttributes

public org.bouncycastle.x509.X509Attribute[] getAttributes()
Return the attributes contained in the attribute block in the certificate.

Returns:
An array of attributes.
Since:
0.3.0

getAttributes

public org.bouncycastle.x509.X509Attribute[] getAttributes(String oid)
Return the attributes with the same type as the passed in oid.

Parameters:
oid - the object identifier we wish to match.
Returns:
an array of matched attributes, null if there is no match.

getIssuer

public org.bouncycastle.x509.AttributeCertificateIssuer getIssuer()
Return the issuer details for the certificate.

Returns:
the issuer details.
Since:
0.3.0

getHolder

public org.bouncycastle.x509.AttributeCertificateHolder getHolder()
Return the holder of the certificate.

Returns:
the holder.
Since:
0.3.0

getEncoded

public byte[] getEncoded()
                  throws CertificateEncodingException
Specified by:
getEncoded in class Certificate
Throws:
CertificateEncodingException
Since:
0.3.0

getPublicKey

public PublicKey getPublicKey()
Specified by:
getPublicKey in class Certificate
Since:
0.3.0

toString

public String toString()
Specified by:
toString in class Certificate
Since:
0.3.0

verify

public void verify(PublicKey publicKey)
            throws CertificateException,
                   NoSuchAlgorithmException,
                   InvalidKeyException,
                   NoSuchProviderException,
                   SignatureException
Specified by:
verify in class Certificate
Throws:
CertificateException
NoSuchAlgorithmException
InvalidKeyException
NoSuchProviderException
SignatureException
Since:
0.3.0

verify

public void verify(PublicKey publicKey,
                   String provider)
            throws CertificateException,
                   NoSuchAlgorithmException,
                   InvalidKeyException,
                   NoSuchProviderException,
                   SignatureException
Specified by:
verify in class Certificate
Throws:
CertificateException
NoSuchAlgorithmException
InvalidKeyException
NoSuchProviderException
SignatureException
Since:
0.3.0

getCriticalExtensionOIDs

public Set<String> getCriticalExtensionOIDs()
Specified by:
getCriticalExtensionOIDs in interface X509Extension
Since:
0.3.0

getExtensionValue

public byte[] getExtensionValue(String arg0)
Specified by:
getExtensionValue in interface X509Extension
Since:
0.3.0

getNonCriticalExtensionOIDs

public Set<String> getNonCriticalExtensionOIDs()
Specified by:
getNonCriticalExtensionOIDs in interface X509Extension
Since:
0.3.0

hasUnsupportedCriticalExtension

public boolean hasUnsupportedCriticalExtension()
Specified by:
hasUnsupportedCriticalExtension in interface X509Extension
Since:
0.3.0


PERMIS Role Based Access Control 0.4.0 (Build 15)
2009/05/20 08:14:49
Copyright (c) 2002-2007 Ergon Informatik AG