org.bouncycastle.x509

Class AttributeCertificateHolder

Implemented Interfaces:
CertSelector, Cloneable, Selector

public class AttributeCertificateHolder
extends java.lang.Object
implements CertSelector, Selector

The Holder object.
          Holder ::= SEQUENCE {
                baseCertificateID   [0] IssuerSerial OPTIONAL,
                         -- the issuer and serial number of
                         -- the holder's Public Key Certificate
                entityName          [1] GeneralNames OPTIONAL,
                         -- the name of the claimant or role
                objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
                         -- used to directly authenticate the holder,
                         -- for example, an executable
          }
 

Constructor Summary

AttributeCertificateHolder(X500Principal principal)
AttributeCertificateHolder(X500Principal issuerName, BigInteger serialNumber)
AttributeCertificateHolder(X509Certificate cert)
AttributeCertificateHolder(int digestedObjectType, String digestAlgorithm, String otherObjectTypeID, byte[] objectDigest)
Constructs a holder for v2 attribute certificates with a hash value for some type of object.
AttributeCertificateHolder(X509Principal principal)
AttributeCertificateHolder(X509Principal issuerName, BigInteger serialNumber)

Method Summary

Object
clone()
boolean
equals(Object obj)
String
getDigestAlgorithm()
Returns the other object type ID if an object digest info is used.
int
getDigestedObjectType()
Returns the digest object type if an object digest info is used.
Principal[]
getEntityNames()
Return any principal objects inside the attribute certificate holder entity names field.
Principal[]
getIssuer()
Return the principals associated with the issuer attached to this holder
byte[]
getObjectDigest()
Returns the hash if an object digest info is used.
String
getOtherObjectTypeID()
Returns the digest algorithm ID if an object digest info is used.
BigInteger
getSerialNumber()
Return the serial number associated with the issuer attached to this holder.
int
hashCode()
boolean
match(Certificate cert)
boolean
match(Object obj)

Constructor Details

AttributeCertificateHolder

public AttributeCertificateHolder(X500Principal principal)

AttributeCertificateHolder

public AttributeCertificateHolder(X500Principal issuerName,
                                  BigInteger serialNumber)

AttributeCertificateHolder

public AttributeCertificateHolder(X509Certificate cert)
            throws CertificateParsingException

AttributeCertificateHolder

public AttributeCertificateHolder(int digestedObjectType,
                                  String digestAlgorithm,
                                  String otherObjectTypeID,
                                  byte[] objectDigest)
Constructs a holder for v2 attribute certificates with a hash value for some type of object.

digestedObjectType can be one of the following:

  • 0 - publicKey - A hash of the public key of the holder must be passed.
  • 1 - publicKeyCert - A hash of the public key certificate of the holder must be passed.
  • 2 - otherObjectDigest - A hash of some other object type must be passed. otherObjectTypeID must not be empty.

This cannot be used if a v1 attribute certificate is used.

Parameters:
digestedObjectType - The digest object type.
digestAlgorithm - The algorithm identifier for the hash.
otherObjectTypeID - The object type ID if digestedObjectType is otherObjectDigest.
objectDigest - The hash value.

AttributeCertificateHolder

public AttributeCertificateHolder(X509Principal principal)

AttributeCertificateHolder

public AttributeCertificateHolder(X509Principal issuerName,
                                  BigInteger serialNumber)

Method Details

clone

public Object clone()
Specified by:
clone in interface Selector

equals

public boolean equals(Object obj)

getDigestAlgorithm

public String getDigestAlgorithm()
Returns the other object type ID if an object digest info is used.
Returns:
The other object type ID or null if no object digest info is set.

getDigestedObjectType

public int getDigestedObjectType()
Returns the digest object type if an object digest info is used.

  • 0 - publicKey - A hash of the public key of the holder must be passed.
  • 1 - publicKeyCert - A hash of the public key certificate of the holder must be passed.
  • 2 - otherObjectDigest - A hash of some other object type must be passed. otherObjectTypeID must not be empty.
Returns:
The digest object type or -1 if no object digest info is set.

getEntityNames

public Principal[] getEntityNames()
Return any principal objects inside the attribute certificate holder entity names field.
Returns:
an array of Principal objects (usually X500Principal), null if no entity names field is set.

getIssuer

public Principal[] getIssuer()
Return the principals associated with the issuer attached to this holder
Returns:
an array of principals, null if no BaseCertificateID is set.

getObjectDigest

public byte[] getObjectDigest()
Returns the hash if an object digest info is used.
Returns:
The hash or null if no object digest info is set.

getOtherObjectTypeID

public String getOtherObjectTypeID()
Returns the digest algorithm ID if an object digest info is used.
Returns:
The digest algorithm ID or null if no object digest info is set.

getSerialNumber

public BigInteger getSerialNumber()
Return the serial number associated with the issuer attached to this holder.
Returns:
the certificate serial number, null if no BaseCertificateID is set.

hashCode

public int hashCode()

match

public boolean match(Certificate cert)

match

public boolean match(Object obj)
Specified by:
match in interface Selector