iaik.cms
Class CertificateSet

java.lang.Object
  iaik.cms.CertificateSet

public class CertificateSet
extends java.lang.Object

This class implements the CMS type CertificateSet. The Cryptographic Message Syntax (CMS) (RFC 5652) specifies the CertificateSet type for modeling certificates:

 CertificateSet ::= SET OF CertificateChoices
 

 CertificateChoices ::= CHOICE {
   certificate Certificate,                               -- see X.509
   extendedCertificate [0] IMPLICIT ExtendedCertificate,  -- Obsolete; see PKCS#6
   v1AttrCert [1] IMPLICIT AttributeCertificateV1,        -- Obsolete; see X.509-1997
   v2AttrCert [2] IMPLICIT AttributeCertificateV2,        -- see X509-2000
   other [3] IMPLICIT OtherCertificateFormat }

   OtherCertificateFormat ::= SEQUENCE {
     otherCertFormat OBJECT IDENTIFIER,
     otherCert ANY DEFINED BY otherCertFormat }

 CertificateSet ::= SET OF CertificateChoices
 

For creating an empty CertificateSet use the default constructor and subsequently supply certificates by calling method setCertificates or a addCertificate method.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) or other certificates (instances of iaik.cms.OtherCertificate) can be added to this CertificateSet; PKCS#6 extended certificates are obsolete and therefore not supported, e.g.:

 CertificateSet certSet = new CertificateSet();
 X509Certificate x509Cert = ...;
 certSet.addCertificate(x509Cert);
 AttributeCertificate attCert = ...;
 certSet.addCertificate(attCert);
 OtherCertificate otherCert = ...;
 certSet.addCertificate(otherCert);
 

See Also:

X509Certificate, AttributeCertificate

Constructor Summary

CertificateSet()
Default constructor.

CertificateSet(java.io.InputStream is)
Creates a new CertificateSet where the DER encoded data is read from the given InputStream.

Method Summary

void	addCertificate(java.security.cert.Certificate certificate) Adds the given certificate to this CertificateSet.
void	addCertificateChoices(CertificateChoices certificateChoices) Adds the given CertificateChoices to this CertificateSet.
void	addCertificateChoices(CertificateChoices[] certificateChoices) Adds the given CertificateChoices array to this CertificateSet.
void	addCertificates(java.security.cert.Certificate[] certificates) Adds the given certificates to this CertificateSet.
boolean	containsAttributeCertificates() Asks whether attribute certificates are included.
boolean	containsOtherCertificates() Asks whether RFC 5652 other certificates are included.
boolean	containsX509Certificates() Asks whether X.509 certificates are included.
void	decode(java.io.InputStream is) Decodes a CertifcateSet from the given InputStream.
AttributeCertificate[]	getAttributeCertificates() Gets all included attribute certificates from this CertificateSet.
int	getAttributeCertificateType() Checks if version 1 or 2 AttributeCertificates are included in this CertificateSet.
CertificateChoices[]	getCertificateChoices() Gets all included CertificateChoices elements.
java.security.cert.Certificate[]	getCertificates() Gets the certificates from this CertificateSet.
OtherCertificate[]	getOtherCertificates() Gets all included RFC 5652 other certificates from this CertificateSet.
X509Certificate	getX509Certificate(CertificateIdentifier certID) Gets the X.509 certificate identified by the given CertIdentifier.
X509Certificate[]	getX509Certificates() Gets all included X.509 certificates from this CertificateSet.
boolean	isEmpty() Asks if this CertificateSet is empty.
void	removeAllCertificates() Removes all certificates from this CertificateSet.
void	setCertificateChoices(CertificateChoices[] certificateChoices) Sets the CertificateChoices of this CertificateSet.
void	setCertificates(java.security.cert.Certificate[] certificates) Sets the certificates of this CertificateSet.
int	size() Gets size of this CertificateSet.
ASN1Object	toASN1Object() Returns this CertifcateSet as ASN1Object.
java.lang.String	toString() Returns a string giving some information about this CertificateSet object.
void	writeTo(java.io.OutputStream os)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

CertificateSet

public CertificateSet()

Default constructor.

Creates an empty CertificateSet. Supply certificates to be included by calling method setCertificates or a addCertificate method.

CertificateSet

public CertificateSet(java.io.InputStream is)
               throws CMSParsingException,
                      java.io.IOException

Creates a new CertificateSet where the DER encoded data is read from the given InputStream.

Parameters:

is - the InputStream holding a DER encoded CertificateSet

Throws:

java.io.IOException - if an I/O error occurs during reading from the InputStream

CMSParsingException - if an error occurs while parsing the object; e.g. the encoding is invalid, or PKCS#6 extended certificates (obsolete) are included

Method Detail

setCertificates

public void setCertificates(java.security.cert.Certificate[] certificates)

Sets the certificates of this CertificateSet.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) or other certificates (instances of iaik.cms.OtherCertificate) can be added to this CertificateSet; PKCS#6 extended certificates are obsolete and therefore not supported.

Parameters:

certificates - the certificates to be set

Throws:

java.lang.IllegalArgumentException - if any of the supplied certificates is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate or iaik.cms.OtherCertificate object

addCertificates

public void addCertificates(java.security.cert.Certificate[] certificates)

Adds the given certificates to this CertificateSet.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) or other certificates (instances of iaik.cms.OtherCertificate) can be added to this CertificateSet; PKCS#6 extended certificates are obsolete and therefore not supported.

Parameters:

certificates - the certificates to add

Throws:

java.lang.IllegalArgumentException - if any of the supplied certificates is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate or iaik.cms.OtherCertificate object

addCertificate

public void addCertificate(java.security.cert.Certificate certificate)

Adds the given certificate to this CertificateSet.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) or other certificates (instances of iaik.cms.OtherCertificate) can be added to this CertificateSet; PKCS#6 extended certificates are obsolete and therefore not supported.

Parameters:

certificate - the certificates to be added

Throws:

java.lang.IllegalArgumentException - if the supplied certificate is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate or iaik.cms.OtherCertificate object

getCertificates

public java.security.cert.Certificate[] getCertificates()

Gets the certificates from this CertificateSet.

The array returned may contain X.509 public key certificates (instances of iaik.x509.X509Certificate and/or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate); PKCS#6 extended certificates are obsolete and therefore not supported.

Returns:

an array containing all certificates included in this CertificateSet; the array may be empty if no certificates are included

getX509Certificate

public X509Certificate getX509Certificate(CertificateIdentifier certID)

Gets the X.509 certificate identified by the given CertIdentifier.

If no certificate in this CertificateSet is identified by the given certificate identifier null is returned.

Parameters:

certID - the CertificateIdentifier to be searched for a matching certificate

Returns:

the certificate identified by the given identifier ot null if not found

getX509Certificates

public X509Certificate[] getX509Certificates()

Gets all included X.509 certificates from this CertificateSet.

Returns:

an array containing all X.509 public key certificates included in this CertificateSet; the array may be empty if no X.509 certificates are included

getAttributeCertificates

public AttributeCertificate[] getAttributeCertificates()

Gets all included attribute certificates from this CertificateSet.

Returns:

an array containing all attribute certificates included in this CertificateSet; the array may be empty if no attribute certificates are included

getOtherCertificates

public OtherCertificate[] getOtherCertificates()

Gets all included RFC 5652 other certificates from this CertificateSet.

Returns:

an array containing all other certificates included in this CertificateSet; the array may be empty if no other certificates are included

isEmpty

public boolean isEmpty()

Asks if this CertificateSet is empty.

Returns:

true if there are no certificates in this CertificateSet, false otherwise

size

public int size()

Gets size of this CertificateSet.

Returns:

number of CertificateChoices included in this CertificateSet

containsAttributeCertificates

public boolean containsAttributeCertificates()

Asks whether attribute certificates are included.

Returns:

true if there are attribute certificates in this CertificateSet, false otherwise

getAttributeCertificateType

public int getAttributeCertificateType()

Checks if version 1 or 2 AttributeCertificates are included in this CertificateSet.

Returns:

0 if there are no attribute certificates in this CertificateSet, 1 if there are version 1 attribute certificates included only 2 if there attribute certificates are included and at least one of those certs is a version 2 attribute certificate

containsX509Certificates

public boolean containsX509Certificates()

Asks whether X.509 certificates are included.

Returns:

true if there are X.509 certificates in this CertificateSet, false otherwise

containsOtherCertificates

public boolean containsOtherCertificates()

Asks whether RFC 5652 other certificates are included.

Returns:

true if there are other certificates in this CertificateSet, false otherwise

removeAllCertificates

public void removeAllCertificates()

Removes all certificates from this CertificateSet.

addCertificateChoices

public void addCertificateChoices(CertificateChoices certificateChoices)

Adds the given CertificateChoices to this CertificateSet.

Parameters:

certificateChoices - the CertificateChoices to be added

addCertificateChoices

public void addCertificateChoices(CertificateChoices[] certificateChoices)

Adds the given CertificateChoices array to this CertificateSet.

Parameters:

certificateChoices - the CertificateChoices array to be added

setCertificateChoices

public void setCertificateChoices(CertificateChoices[] certificateChoices)

Sets the CertificateChoices of this CertificateSet.

Parameters:

certificateChoices - the CertificateChoices to be set

getCertificateChoices

public CertificateChoices[] getCertificateChoices()

Gets all included CertificateChoices elements.

Note that this method returns an array of CertificateChoices objects, whereas method getCertificates returns the Certificate elements included in the CertificateChoices objects. Calling getCertificateChoices may be preferred to get the encoding of each CertificateChoices object if required:

 CertificateSet certSet = ...;
 CertificateChoices[] certificateChoices = certSet.getCertificateChoices();
 for (int i = 0; i < certificateChoices.length; i++) {
   byte[] encodedCertificateChoices = certificateChoices[i].getEncoded();
 }
 

Returns:

all included CertificateChoices elements

decode

public void decode(java.io.InputStream is)
            throws java.io.IOException,
                   CMSParsingException

Decodes a CertifcateSet from the given InputStream.

Parameters:

is - the input stream supplying the encoded CertificateSet

Throws:

java.io.IOException - if an I/O error occurs during reading from the InputStream

CMSParsingException - if an error occurs while parsing the object e.g. the encoding is invalid, or PKCS#6 extended certificates (obsolete) are included

toASN1Object

public ASN1Object toASN1Object()
                        throws CodingException

Returns this CertifcateSet as ASN1Object.

RFC 5652 specifies the CertificateSet type as SET OF CertificateChoices:

 CertificateSet ::= SET OF CertificateChoices
 

 CertificateChoices ::= CHOICE {
   certificate Certificate,                               -- see X.509
   extendedCertificate [0] IMPLICIT ExtendedCertificate,  -- Obsolete; see PKCS#6
   v1AttrCert [1] IMPLICIT AttributeCertificateV1,        -- Obsolete; see X.509-1997
   v2AttrCert [2] IMPLICIT AttributeCertificateV2,        -- see X509-2000
   other [3] IMPLICIT OtherCertificateFormat }

   OtherCertificateFormat ::= SEQUENCE {
     otherCertFormat OBJECT IDENTIFIER,
     otherCert ANY DEFINED BY otherCertFormat }

 CertificateSet ::= SET OF CertificateChoices
 

Returns:

this CertificateSet as ASN1Object of type SET

Throws:

CodingException - if an error occurs while building the ASN.1 structure

writeTo

public void writeTo(java.io.OutputStream os)
             throws java.io.IOException

Throws:

java.io.IOException

toString

public java.lang.String toString()

Returns a string giving some information about this CertificateSet object.

Overrides:

toString in class java.lang.Object

Returns:

the string representation