Class AttributeCertificateHolder

  • All Implemented Interfaces:
    java.lang.Cloneable, java.security.cert.CertSelector, Selector

    public class AttributeCertificateHolder
    extends java.lang.Object
    implements java.security.cert.CertSelector, Selector
    The Holder object.
              Holder ::= SEQUENCE {
                    baseCertificateID   [0] IssuerSerial OPTIONAL,
                             -- the issuer and serial number of
                             -- the holder's Public Key Certificate
                    entityName          [1] GeneralNames OPTIONAL,
                             -- the name of the claimant or role
                    objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
                             -- used to directly authenticate the holder,
                             -- for example, an executable
              }
     
    • Field Detail

    • Constructor Detail

      • AttributeCertificateHolder

        AttributeCertificateHolder​(ASN1Sequence seq)
      • AttributeCertificateHolder

        public AttributeCertificateHolder​(X509Principal issuerName,
                                          java.math.BigInteger serialNumber)
      • AttributeCertificateHolder

        public AttributeCertificateHolder​(javax.security.auth.x500.X500Principal issuerName,
                                          java.math.BigInteger serialNumber)
      • AttributeCertificateHolder

        public AttributeCertificateHolder​(java.security.cert.X509Certificate cert)
                                   throws java.security.cert.CertificateParsingException
        Throws:
        java.security.cert.CertificateParsingException
      • AttributeCertificateHolder

        public AttributeCertificateHolder​(X509Principal principal)
      • AttributeCertificateHolder

        public AttributeCertificateHolder​(javax.security.auth.x500.X500Principal principal)
      • AttributeCertificateHolder

        public AttributeCertificateHolder​(int digestedObjectType,
                                          java.lang.String digestAlgorithm,
                                          java.lang.String otherObjectTypeID,
                                          byte[] objectDigest)
        Constructs a holder for v2 attribute certificates with a hash value for some type of object.

        digestedObjectType can be one of the following:

        • 0 - publicKey - A hash of the public key of the holder must be passed.
        • 1 - publicKeyCert - A hash of the public key certificate of the holder must be passed.
        • 2 - otherObjectDigest - A hash of some other object type must be passed. otherObjectTypeID must not be empty.

        This cannot be used if a v1 attribute certificate is used.

        Parameters:
        digestedObjectType - The digest object type.
        digestAlgorithm - The algorithm identifier for the hash.
        otherObjectTypeID - The object type ID if digestedObjectType is otherObjectDigest.
        objectDigest - The hash value.
    • Method Detail

      • getDigestedObjectType

        public int getDigestedObjectType()
        Returns the digest object type if an object digest info is used.

        • 0 - publicKey - A hash of the public key of the holder must be passed.
        • 1 - publicKeyCert - A hash of the public key certificate of the holder must be passed.
        • 2 - otherObjectDigest - A hash of some other object type must be passed. otherObjectTypeID must not be empty.
        Returns:
        The digest object type or -1 if no object digest info is set.
      • getDigestAlgorithm

        public java.lang.String getDigestAlgorithm()
        Returns the digest algorithm ID if an object digest info is used.
        Returns:
        The digest algorithm ID or null if no object digest info is set.
      • getObjectDigest

        public byte[] getObjectDigest()
        Returns the hash if an object digest info is used.
        Returns:
        The hash or null if no object digest info is set.
      • getOtherObjectTypeID

        public java.lang.String getOtherObjectTypeID()
        Returns the other object type ID if an object digest info is used.
        Returns:
        The other object type ID or null if no object digest info is set.
      • getNames

        private java.lang.Object[] getNames​(GeneralName[] names)
      • getPrincipals

        private java.security.Principal[] getPrincipals​(GeneralNames names)
      • getEntityNames

        public java.security.Principal[] getEntityNames()
        Return any principal objects inside the attribute certificate holder entity names field.
        Returns:
        an array of Principal objects (usually X500Principal), null if no entity names field is set.
      • getIssuer

        public java.security.Principal[] getIssuer()
        Return the principals associated with the issuer attached to this holder.
        Returns:
        an array of principals, null if no BaseCertificateID is set.
      • getSerialNumber

        public java.math.BigInteger getSerialNumber()
        Return the serial number associated with the issuer attached to this holder.
        Returns:
        the certificate serial number, null if no BaseCertificateID is set.
      • clone

        public java.lang.Object clone()
        Specified by:
        clone in interface java.security.cert.CertSelector
        Specified by:
        clone in interface Selector
        Overrides:
        clone in class java.lang.Object
      • match

        public boolean match​(java.security.cert.Certificate cert)
        Specified by:
        match in interface java.security.cert.CertSelector
      • equals

        public boolean equals​(java.lang.Object obj)
        Overrides:
        equals in class java.lang.Object
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object
      • match

        public boolean match​(java.lang.Object obj)
        Specified by:
        match in interface Selector
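
Added example (not part of the original Javadoc or the library's own code): a verifier-side check that a holder built with the object-digest constructor above is bound to a specific public key, using the getters documented on this page. Assumptions: the class is Bouncy Castle's `org.bouncycastle.x509.AttributeCertificateHolder`, `digestAlgorithm` is passed as an OID string, the public key hash is taken over `PublicKey.getEncoded()`, and `PLACEHOLDER_TYPE_OID`, `keyDigest` and `isBoundTo` are hypothetical names.

```java
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PublicKey;
// Assumption: the class documented above lives in org.bouncycastle.x509.
import org.bouncycastle.x509.AttributeCertificateHolder;

public class HolderDigestCheck {
    // Assumption: digestAlgorithm is an OID string; this is the SHA-256 OID.
    static final String SHA256_OID = "2.16.840.1.101.3.4.2.1";
    // Constructed placeholder OID; otherObjectTypeID only matters for type 2.
    static final String PLACEHOLDER_TYPE_OID = "1.3.6.1.4.1.99999.1";
    static final int PUBLIC_KEY = 0; // digestedObjectType 0 - publicKey

    // Assumption: the "hash of the public key" covers PublicKey.getEncoded().
    static byte[] keyDigest(PublicKey key) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(key.getEncoded());
    }

    // True only if the holder uses objectDigestInfo of type publicKey, with the
    // digest algorithm this verifier chose, and the stored hash matches 'key'.
    static boolean isBoundTo(AttributeCertificateHolder holder, PublicKey key)
            throws Exception {
        if (holder.getDigestedObjectType() != PUBLIC_KEY) {
            return false; // -1 (no object digest info) or a different object type
        }
        if (!SHA256_OID.equals(holder.getDigestAlgorithm())) {
            return false; // do not let the certificate pick the hash function
        }
        byte[] stored = holder.getObjectDigest();
        // MessageDigest.isEqual compares without an early exit on mismatch.
        return stored != null && MessageDigest.isEqual(stored, keyDigest(key));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: two freshly generated EC public keys.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(256);
        PublicKey holderKey = gen.generateKeyPair().getPublic();
        PublicKey otherKey = gen.generateKeyPair().getPublic();

        // A non-null type OID is passed so the call does not depend on how the
        // constructor treats a missing otherObjectTypeID for types 0 and 1.
        AttributeCertificateHolder holder = new AttributeCertificateHolder(
                PUBLIC_KEY, SHA256_OID, PLACEHOLDER_TYPE_OID, keyDigest(holderKey));

        System.out.println("holder key bound: " + isBoundTo(holder, holderKey));
        System.out.println("other key bound:  " + isBoundTo(holder, otherKey));
    }
}
```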