org.bouncycastle.x509
Class X509AttributeCertStoreSelector
java.lang.Object
org.bouncycastle.x509.X509AttributeCertStoreSelector
- Cloneable, Selector
public class X509AttributeCertStoreSelector
extends java.lang.Object
This class is an Selector
like implementation to select
attribute certificates from a given set of criteria.
X509AttributeCertStoreSelector
public X509AttributeCertStoreSelector()
addTargetGroup
public void addTargetGroup(byte[] name)
throws IOException
Adds a target group criterion for the attribute certificate to the target
information extension criteria. The
X509AttributeCertificate
must contain at least one of the specified target groups.
Each attribute certificate may contain a target information extension
limiting the servers where this attribute certificate can be used. If
this extension is not present, the attribute certificate is not targeted
and may be accepted by any server.
name
- a byte array containing the group in ASN.1 DER encoded form of a GeneralName
addTargetGroup
public void addTargetGroup(GeneralName group)
Adds a target group criterion for the attribute certificate to the target
information extension criteria. The
X509AttributeCertificate
must contain at least one of the specified target groups.
Each attribute certificate may contain a target information extension
limiting the servers where this attribute certificate can be used. If
this extension is not present, the attribute certificate is not targeted
and may be accepted by any server.
group
- The group as GeneralName form (not null
)
addTargetName
public void addTargetName(byte[] name)
throws IOException
Adds a target name criterion for the attribute certificate to the target
information extension criteria. The
X509AttributeCertificate
must contain at least one of the specified target names.
Each attribute certificate may contain a target information extension
limiting the servers where this attribute certificate can be used. If
this extension is not present, the attribute certificate is not targeted
and may be accepted by any server.
name
- a byte array containing the name in ASN.1 DER encoded form of a GeneralName
addTargetName
public void addTargetName(GeneralName name)
Adds a target name criterion for the attribute certificate to the target
information extension criteria. The
X509AttributeCertificate
must contain at least one of the specified target names.
Each attribute certificate may contain a target information extension
limiting the servers where this attribute certificate can be used. If
this extension is not present, the attribute certificate is not targeted
and may be accepted by any server.
name
- The name as a GeneralName (not null
)
clone
public Object clone()
Returns a clone of this object.
- clone in interface Selector
getAttributeCert
public X509AttributeCertificate getAttributeCert()
Returns the attribute certificate which must be matched.
- Returns the attribute certificate.
getAttributeCertificateValid
public Date getAttributeCertificateValid()
Get the criteria for the validity.
- Returns the attributeCertificateValid.
getSerialNumber
public BigInteger getSerialNumber()
Gets the serial number the attribute certificate must have.
- Returns the serialNumber.
getTargetGroups
public Collection getTargetGroups()
Gets the target groups. The collection consists of
List
s
made up of an
Integer
in the first entry and a DER encoded
byte array or a
String
in the second entry.
The returned collection is immutable.
- The collection of target groups.
getTargetNames
public Collection getTargetNames()
Gets the target names. The collection consists of
List
s
made up of an
Integer
in the first entry and a DER encoded
byte array or a
String
in the second entry.
The returned collection is immutable.
- The collection of target names
match
public boolean match(Object obj)
Decides if the given attribute certificate should be selected.
- match in interface Selector
obj
- The attribute certificate which should be checked.
true
if the attribute certificate can be selected,
false
otherwise.
setAttributeCert
public void setAttributeCert(X509AttributeCertificate attributeCert)
Set the attribute certificate to be matched. If null
is
given any will do.
attributeCert
- The attribute certificate to set.
setAttributeCertificateValid
public void setAttributeCertificateValid(Date attributeCertificateValid)
Set the time, when the certificate must be valid. If null
is given any will do.
attributeCertificateValid
- The attribute certificate validation
time to set.
setHolder
public void setHolder(AttributeCertificateHolder holder)
Sets the holder. If null
is given any will do.
holder
- The holder to set.
setIssuer
public void setIssuer(AttributeCertificateIssuer issuer)
Sets the issuer the attribute certificate must have. If null
is given any will do.
issuer
- The issuer to set.
setSerialNumber
public void setSerialNumber(BigInteger serialNumber)
Sets the serial number the attribute certificate must have. If
null
is given any will do.
serialNumber
- The serialNumber to set.
setTargetGroups
public void setTargetGroups(Collection names)
throws IOException
Adds a collection with target groups criteria. If
null
is
given any will do.
The collection consists of
GeneralName
objects or
byte[]
names
- A collection of target groups.
setTargetNames
public void setTargetNames(Collection names)
throws IOException
Adds a collection with target names criteria. If
null
is
given any will do.
The collection consists of either GeneralName objects or byte[] arrays representing
DER encoded GeneralName structures.
names
- A collection of target names.