org.bouncycastle.x509

Class X509AttributeCertStoreSelector

Implemented Interfaces:
Cloneable, Selector

public class X509AttributeCertStoreSelector
extends java.lang.Object
implements Selector

This class is an Selector like implementation to select attribute certificates from a given set of criteria.
See Also:
X509AttributeCertificate, X509Store

Constructor Summary

X509AttributeCertStoreSelector()

Method Summary

void
addTargetGroup(byte[] name)
Adds a target group criterion for the attribute certificate to the target information extension criteria.
void
addTargetGroup(GeneralName group)
Adds a target group criterion for the attribute certificate to the target information extension criteria.
void
addTargetName(byte[] name)
Adds a target name criterion for the attribute certificate to the target information extension criteria.
void
addTargetName(GeneralName name)
Adds a target name criterion for the attribute certificate to the target information extension criteria.
Object
clone()
Returns a clone of this object.
X509AttributeCertificate
getAttributeCert()
Returns the attribute certificate which must be matched.
Date
getAttributeCertificateValid()
Get the criteria for the validity.
AttributeCertificateHolder
getHolder()
Gets the holder.
AttributeCertificateIssuer
getIssuer()
Returns the issuer criterion.
BigInteger
getSerialNumber()
Gets the serial number the attribute certificate must have.
Collection
getTargetGroups()
Gets the target groups.
Collection
getTargetNames()
Gets the target names.
boolean
match(Object obj)
Decides if the given attribute certificate should be selected.
void
setAttributeCert(X509AttributeCertificate attributeCert)
Set the attribute certificate to be matched.
void
setAttributeCertificateValid(Date attributeCertificateValid)
Set the time, when the certificate must be valid.
void
setHolder(AttributeCertificateHolder holder)
Sets the holder.
void
setIssuer(AttributeCertificateIssuer issuer)
Sets the issuer the attribute certificate must have.
void
setSerialNumber(BigInteger serialNumber)
Sets the serial number the attribute certificate must have.
void
setTargetGroups(Collection names)
Adds a collection with target groups criteria.
void
setTargetNames(Collection names)
Adds a collection with target names criteria.

Constructor Details

X509AttributeCertStoreSelector

public X509AttributeCertStoreSelector()

Method Details

addTargetGroup

public void addTargetGroup(byte[] name)
            throws IOException
Adds a target group criterion for the attribute certificate to the target information extension criteria. The X509AttributeCertificate must contain at least one of the specified target groups.

Each attribute certificate may contain a target information extension limiting the servers where this attribute certificate can be used. If this extension is not present, the attribute certificate is not targeted and may be accepted by any server.

Parameters:
name - a byte array containing the group in ASN.1 DER encoded form of a GeneralName

addTargetGroup

public void addTargetGroup(GeneralName group)
Adds a target group criterion for the attribute certificate to the target information extension criteria. The X509AttributeCertificate must contain at least one of the specified target groups.

Each attribute certificate may contain a target information extension limiting the servers where this attribute certificate can be used. If this extension is not present, the attribute certificate is not targeted and may be accepted by any server.

Parameters:
group - The group as GeneralName form (not null)

addTargetName

public void addTargetName(byte[] name)
            throws IOException
Adds a target name criterion for the attribute certificate to the target information extension criteria. The X509AttributeCertificate must contain at least one of the specified target names.

Each attribute certificate may contain a target information extension limiting the servers where this attribute certificate can be used. If this extension is not present, the attribute certificate is not targeted and may be accepted by any server.

Parameters:
name - a byte array containing the name in ASN.1 DER encoded form of a GeneralName

addTargetName

public void addTargetName(GeneralName name)
Adds a target name criterion for the attribute certificate to the target information extension criteria. The X509AttributeCertificate must contain at least one of the specified target names.

Each attribute certificate may contain a target information extension limiting the servers where this attribute certificate can be used. If this extension is not present, the attribute certificate is not targeted and may be accepted by any server.

Parameters:
name - The name as a GeneralName (not null)

clone

public Object clone()
Returns a clone of this object.
Specified by:
clone in interface Selector
Returns:
the clone.

getAttributeCert

public X509AttributeCertificate getAttributeCert()
Returns the attribute certificate which must be matched.
Returns:
Returns the attribute certificate.

getAttributeCertificateValid

public Date getAttributeCertificateValid()
Get the criteria for the validity.
Returns:
Returns the attributeCertificateValid.

getHolder

public AttributeCertificateHolder getHolder()
Gets the holder.
Returns:
Returns the holder.

getIssuer

public AttributeCertificateIssuer getIssuer()
Returns the issuer criterion.
Returns:
Returns the issuer.

getSerialNumber

public BigInteger getSerialNumber()
Gets the serial number the attribute certificate must have.
Returns:
Returns the serialNumber.

getTargetGroups

public Collection getTargetGroups()
Gets the target groups. The collection consists of Lists made up of an Integer in the first entry and a DER encoded byte array or a String in the second entry.

The returned collection is immutable.

Returns:
The collection of target groups.

getTargetNames

public Collection getTargetNames()
Gets the target names. The collection consists of Lists made up of an Integer in the first entry and a DER encoded byte array or a String in the second entry.

The returned collection is immutable.

Returns:
The collection of target names

match

public boolean match(Object obj)
Decides if the given attribute certificate should be selected.
Specified by:
match in interface Selector
Parameters:
obj - The attribute certificate which should be checked.
Returns:
true if the attribute certificate can be selected, false otherwise.

setAttributeCert

public void setAttributeCert(X509AttributeCertificate attributeCert)
Set the attribute certificate to be matched. If null is given any will do.
Parameters:
attributeCert - The attribute certificate to set.

setAttributeCertificateValid

public void setAttributeCertificateValid(Date attributeCertificateValid)
Set the time, when the certificate must be valid. If null is given any will do.
Parameters:
attributeCertificateValid - The attribute certificate validation time to set.

setHolder

public void setHolder(AttributeCertificateHolder holder)
Sets the holder. If null is given any will do.
Parameters:
holder - The holder to set.

setIssuer

public void setIssuer(AttributeCertificateIssuer issuer)
Sets the issuer the attribute certificate must have. If null is given any will do.
Parameters:
issuer - The issuer to set.

setSerialNumber

public void setSerialNumber(BigInteger serialNumber)
Sets the serial number the attribute certificate must have. If null is given any will do.
Parameters:
serialNumber - The serialNumber to set.

setTargetGroups

public void setTargetGroups(Collection names)
            throws IOException
Adds a collection with target groups criteria. If null is given any will do.

The collection consists of GeneralName objects or byte[]

Parameters:
names - A collection of target groups.

setTargetNames

public void setTargetNames(Collection names)
            throws IOException
Adds a collection with target names criteria. If null is given any will do.

The collection consists of either GeneralName objects or byte[] arrays representing DER encoded GeneralName structures.

Parameters:
names - A collection of target names.