Package org.gudy.bouncycastle.x509
Class AttributeCertificateHolder
- java.lang.Object
-
- org.gudy.bouncycastle.x509.AttributeCertificateHolder
-
- All Implemented Interfaces:
java.lang.Cloneable
,java.security.cert.CertSelector
,Selector
public class AttributeCertificateHolder extends java.lang.Object implements java.security.cert.CertSelector, Selector
The Holder object.Holder ::= SEQUENCE { baseCertificateID [0] IssuerSerial OPTIONAL, -- the issuer and serial number of -- the holder's Public Key Certificate entityName [1] GeneralNames OPTIONAL, -- the name of the claimant or role objectDigestInfo [2] ObjectDigestInfo OPTIONAL -- used to directly authenticate the holder, -- for example, an executable }
-
-
Constructor Summary
Constructors Constructor Description AttributeCertificateHolder(int digestedObjectType, java.lang.String digestAlgorithm, java.lang.String otherObjectTypeID, byte[] objectDigest)
Constructs a holder for v2 attribute certificates with a hash value for some type of object.AttributeCertificateHolder(java.security.cert.X509Certificate cert)
AttributeCertificateHolder(javax.security.auth.x500.X500Principal principal)
AttributeCertificateHolder(javax.security.auth.x500.X500Principal issuerName, java.math.BigInteger serialNumber)
AttributeCertificateHolder(ASN1Sequence seq)
AttributeCertificateHolder(X509Principal principal)
AttributeCertificateHolder(X509Principal issuerName, java.math.BigInteger serialNumber)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.Object
clone()
boolean
equals(java.lang.Object obj)
private GeneralNames
generateGeneralNames(X509Principal principal)
java.lang.String
getDigestAlgorithm()
Returns the other object type ID if an object digest info is used.int
getDigestedObjectType()
Returns the digest object type if an object digest info is used.java.security.Principal[]
getEntityNames()
Return any principal objects inside the attribute certificate holder entity names field.java.security.Principal[]
getIssuer()
Return the principals associated with the issuer attached to this holderprivate java.lang.Object[]
getNames(GeneralName[] names)
byte[]
getObjectDigest()
Returns the hash if an object digest info is used.java.lang.String
getOtherObjectTypeID()
Returns the digest algorithm ID if an object digest info is used.private java.security.Principal[]
getPrincipals(GeneralNames names)
java.math.BigInteger
getSerialNumber()
Return the serial number associated with the issuer attached to this holder.int
hashCode()
boolean
match(java.lang.Object obj)
boolean
match(java.security.cert.Certificate cert)
private boolean
matchesDN(X509Principal subject, GeneralNames targets)
-
-
-
Field Detail
-
holder
final Holder holder
-
-
Constructor Detail
-
AttributeCertificateHolder
AttributeCertificateHolder(ASN1Sequence seq)
-
AttributeCertificateHolder
public AttributeCertificateHolder(X509Principal issuerName, java.math.BigInteger serialNumber)
-
AttributeCertificateHolder
public AttributeCertificateHolder(javax.security.auth.x500.X500Principal issuerName, java.math.BigInteger serialNumber)
-
AttributeCertificateHolder
public AttributeCertificateHolder(java.security.cert.X509Certificate cert) throws java.security.cert.CertificateParsingException
- Throws:
java.security.cert.CertificateParsingException
-
AttributeCertificateHolder
public AttributeCertificateHolder(X509Principal principal)
-
AttributeCertificateHolder
public AttributeCertificateHolder(javax.security.auth.x500.X500Principal principal)
-
AttributeCertificateHolder
public AttributeCertificateHolder(int digestedObjectType, java.lang.String digestAlgorithm, java.lang.String otherObjectTypeID, byte[] objectDigest)
Constructs a holder for v2 attribute certificates with a hash value for some type of object.digestedObjectType
can be one of the following:- 0 - publicKey - A hash of the public key of the holder must be passed.
- 1 - publicKeyCert - A hash of the public key certificate of the holder must be passed.
- 2 - otherObjectDigest - A hash of some other object type must be
passed.
otherObjectTypeID
must not be empty.
This cannot be used if a v1 attribute certificate is used.
- Parameters:
digestedObjectType
- The digest object type.digestAlgorithm
- The algorithm identifier for the hash.otherObjectTypeID
- The object type ID ifdigestedObjectType
isotherObjectDigest
.objectDigest
- The hash value.
-
-
Method Detail
-
getDigestedObjectType
public int getDigestedObjectType()
Returns the digest object type if an object digest info is used.- 0 - publicKey - A hash of the public key of the holder must be passed.
- 1 - publicKeyCert - A hash of the public key certificate of the holder must be passed.
- 2 - otherObjectDigest - A hash of some other object type must be
passed.
otherObjectTypeID
must not be empty.
- Returns:
- The digest object type or -1 if no object digest info is set.
-
getDigestAlgorithm
public java.lang.String getDigestAlgorithm()
Returns the other object type ID if an object digest info is used.- Returns:
- The other object type ID or
null
if no object digest info is set.
-
getObjectDigest
public byte[] getObjectDigest()
Returns the hash if an object digest info is used.- Returns:
- The hash or
null
if no object digest info is set.
-
getOtherObjectTypeID
public java.lang.String getOtherObjectTypeID()
Returns the digest algorithm ID if an object digest info is used.- Returns:
- The digest algorithm ID or
null
if no object digest info is set.
-
generateGeneralNames
private GeneralNames generateGeneralNames(X509Principal principal)
-
matchesDN
private boolean matchesDN(X509Principal subject, GeneralNames targets)
-
getNames
private java.lang.Object[] getNames(GeneralName[] names)
-
getPrincipals
private java.security.Principal[] getPrincipals(GeneralNames names)
-
getEntityNames
public java.security.Principal[] getEntityNames()
Return any principal objects inside the attribute certificate holder entity names field.- Returns:
- an array of Principal objects (usually X500Principal), null if no entity names field is set.
-
getIssuer
public java.security.Principal[] getIssuer()
Return the principals associated with the issuer attached to this holder- Returns:
- an array of principals, null if no BaseCertificateID is set.
-
getSerialNumber
public java.math.BigInteger getSerialNumber()
Return the serial number associated with the issuer attached to this holder.- Returns:
- the certificate serial number, null if no BaseCertificateID is set.
-
clone
public java.lang.Object clone()
-
match
public boolean match(java.security.cert.Certificate cert)
- Specified by:
match
in interfacejava.security.cert.CertSelector
-
equals
public boolean equals(java.lang.Object obj)
- Overrides:
equals
in classjava.lang.Object
-
hashCode
public int hashCode()
- Overrides:
hashCode
in classjava.lang.Object
-
-