|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object issrg.ac.AttributeCertificate
public class AttributeCertificate
This is the class representing AttributeCertificate ASN.1 construct as per X.509(2000) draft v6. All other constructs are taken from it as well.
According to various versions of the draft, there can be ACs with explicit and implicit BER encoding. This class and all of its components are designed to support the difference.
This implementation extensively uses IAIK ASN.1 classes, so you may need to know their documentation before you can use or update the AC classes provided.
Note that all of the components are validating encoders and decoders and throw exceptions if the values specified are unacceptable (invalid BER encoding, unacceptable combination of values, etc checking syntax). However, it is your responsibility to verify that the AC includes only features allowed by the version specified (checking semantics).
The classes can decode any Attributes and Extensions. However, to automatically create the objects representing the specific attribute values or extensions, you need to register the object extending AttributeValue or Extension, using Attribute.registerAttribute(String, Class) or Extensions.registerExtension(String, Class) method respectively. In this way the instances of the corresponding classes will be created directly during the decoding process. If an unknown attribute or extension is encountered, the value will remain a generic AttributeValue or Extension respectively, and should be decoded by your code.
Attribute.registerAttribute(String,Class), Extensions.registerExtension(String,Class)
Field Summary | |
---|---|
protected AttributeCertificateInfo |
acinfo
|
protected AlgorithmID |
signatureAlgorithm
|
protected BIT_STRING |
signatureValue
|
protected static boolean |
USE_IMPLICIT_ENCODING
This value specifies whether implicit or explicit tagging should be used when performing BER encoding or decoding. |
Constructor Summary | |
---|---|
protected |
AttributeCertificate()
The constructor is protected, because you shouldn't really be able to create empty ACs. |
|
AttributeCertificate(ASN1Object ao)
This constructor decodes the X.509 AC from the given ASN1Object. |
|
AttributeCertificate(AttributeCertificateInfo aci,
AlgorithmID sa,
BIT_STRING sv)
This constructor builds the Attribute Certificate out of its components. |
Method Summary | |
---|---|
protected static java.io.InputStream |
acAsInputStream(java.lang.Object acBytes)
This is a utility method that returns an InputStream for the given Object. |
java.lang.Object |
clone()
This method clones the Attribute Certificate. |
void |
decode(ASN1Object ao)
This method decodes X.509 Attribute Certificate from a given ASN1Object construct. |
AttributeCertificateInfo |
getACInfo()
Returns the ACInfo component of the AC. |
byte[] |
getEncoded()
This method returns a DER encoded Attribute Certificate so you can store it onto a disk or LDAP directory. |
static java.lang.String |
getHolderDN(java.lang.Object ac)
This is a utility method that returns the holder of the given Attribute Certificate, or null, if it is not an Attribute Certificate. |
AlgorithmID |
getSignatureAlgorithm()
Returns the SignatureAlgorithm component of the AC. |
BIT_STRING |
getSignatureValue()
Returns the SignatureValue component of the AC. |
static byte[] |
getToBeSignedByteArray(java.lang.Object acBytes)
This method returns a byte array of the ACInfo taken from the BER encoding of the AC as is, so you can check the signature. |
static AttributeCertificate |
guessEncoding(byte[] ac)
This method lets you decode the byte array independent of the actual encoding of the AC in it. |
static AttributeCertificate |
guessEncoding(java.io.InputStream is)
This method does the same as guessEncoding(byte[]), but operates on an InputStream. |
static AttributeCertificate |
guessEncoding(java.lang.Object ac)
This method allows to parse either byte[] or Base64 encoded ACs (String must be passed in that case) |
static boolean |
isImplicit()
Returns true if Implicit encoding of tags will be used. |
void |
setACInfo(AttributeCertificateInfo acinfo)
Sets the ACInfo component of the AC. |
static void |
setImplicitEncoding(boolean implicit)
This method sets the encoding of the AC to be implicit or explicit, depending on the value. |
void |
setSignatureAlgorithm(AlgorithmID signatureAlgorithm)
Sets the SignatureAlgorithm component of the AC. |
void |
setSignatureValue(BIT_STRING signatureValue)
Sets the SignatureValue component of the AC. |
ASN1Object |
toASN1Object()
This method generates a ASN1Object. |
java.lang.String |
toString()
This method generates a string representation of the Attribute Certificate. |
java.lang.String |
toString(java.lang.String ident)
This method will use the specified indent to output the AC text. |
Methods inherited from class java.lang.Object |
---|
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
protected static boolean USE_IMPLICIT_ENCODING
This value is being referred to by all ASN.1 objects when delivering toASN1Object result. By default it is set to true.
External code should not rely on this value while the AC is being decoded, when guessEncoding method is used.
protected AttributeCertificateInfo acinfo
protected AlgorithmID signatureAlgorithm
protected BIT_STRING signatureValue
Constructor Detail |
---|
protected AttributeCertificate()
public AttributeCertificate(ASN1Object ao) throws CodingException
ao
- - the parsed ASN.1 structure
CodingException,
- if the ASN.1 does not represent a valid X.509 AC
construct
CodingException
public AttributeCertificate(AttributeCertificateInfo aci, AlgorithmID sa, BIT_STRING sv)
aci
- - the AttributeCertificateInfo with the contents of the X.509
Attribute Certificatesa
- - the AlgorithmID of the signature algorithm used to sign the
X.509 Attribute Certificatesv
- - the BIT_STRING of the signatureMethod Detail |
---|
public static boolean isImplicit()
public AttributeCertificateInfo getACInfo()
public void setACInfo(AttributeCertificateInfo acinfo)
acinfo
- - the AttributeCertificateInfo with the contents of the
ACpublic AlgorithmID getSignatureAlgorithm()
public void setSignatureAlgorithm(AlgorithmID signatureAlgorithm)
signatureAlgorithm
- - the AlgorithmID of the algorithm used to sign
the ACpublic BIT_STRING getSignatureValue()
public void setSignatureValue(BIT_STRING signatureValue)
signatureValue
- - the BIT_STRING containing the signature bytespublic ASN1Object toASN1Object() throws CodingException
CodingException
- if there was an error encoding the ACpublic void decode(ASN1Object ao) throws CodingException
ao
- - the ASN1Object, as decoded by IAIK library
CodingException
- if the provided ASN1Object is not a v1 or v2 X.509
Attribute Certificatepublic java.lang.String toString()
toString
in class java.lang.Object
public java.lang.String toString(java.lang.String ident)
public java.lang.Object clone()
clone
in class java.lang.Object
public byte[] getEncoded() throws CodingException
iaik.asn1.CodingException
- if an encoding error occurred
CodingException
public static byte[] getToBeSignedByteArray(java.lang.Object acBytes) throws CodingException
This method does not verify that it actually gets the BER encoded AC, and not just an arbitrary byte array.
acBytes
- is the array of bytes of the BER encoded AC, or a String of
the Base-64 encoded BER encoded AC
CodingException
- in some cases when it can detect that the AC is
malformed; note
that proper checks are left to the caller to speed up: the caller may
have constructed
the AttributeCertificate object alreadyprotected static java.io.InputStream acAsInputStream(java.lang.Object acBytes)
acBytes
- is the array of bytes of the BER encoded AC, or a String of
the Base-64 encoded BER encoded AC
public static void setImplicitEncoding(boolean implicit)
Also the value of the flag is used when decoding an AC. If the AC is encoded with Explicit encoding, but the flag says to use Implicit encoding, an AC decoding error will occur at run-time. It is advised that guessEncoding method is used to decode an AC independent of whether it is Implicitly or Explicitly encoded.
implicit
- specifies if the AC should be encoded implicitly or notpublic static AttributeCertificate guessEncoding(byte[] ac) throws CodingException
Note that the value of the USE_IMPLICIT_ENCODING flag changes during execution of this method, so external code should not access the flag while decoding, only the AC objects should.
ac
- is the BER encoding of an X.509 Attribute Certificate
CodingException
- if neither encoding helped to decode the ACpublic static AttributeCertificate guessEncoding(java.lang.Object ac) throws CodingException
ac
- - the Attribute Certificate, either as a byte array or as a
Base64 String
CodingException,
- if it is neither implicitly, nor explicitly
encoded Attribute Certificate
CodingException
public static AttributeCertificate guessEncoding(java.io.InputStream is) throws CodingException, java.io.IOException
is
- - the InputStream containing the BER encoded Attribute
Certificate
CodingException,
- if it is neither implicitly, nor explicitly
encoded Attribute Certificate
CodingException
java.io.IOException
public static java.lang.String getHolderDN(java.lang.Object ac)
ac
- - the AttributeCertificate, either as a byte array or a Base64
encoded String
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |