Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

iaik.x509.attr
Class IssuerSerial

java.lang.Object
  |
  +--iaik.x509.attr.IssuerSerial
public class IssuerSerial
extends Object

This class implements the AC type IssuerSerial.

The Internet Attribute Certificate Profile for Authorization (RFC 3281) specifies the IssuerSerial type as an option for identifying the holder or issuer of an attribute certificate by issuer name, issuer-specific certificate serial number and optional issuerUniqueID: 

 IssuerSerial ::= SEQUENCE {        
   issuer       GeneralNames,
   serialNumber CertificateSerialNumber
   issuerUID    UniqueIdentifier OPTIONAL }

When used for identifying the Holder of an attribute certificate, the issuer GeneralNames has to be created from the issuerDN of the base certificate and the serial number has to be the same: 

 Holder ::= SEQUENCE {
    baseCertificateID   [0] IssuerSerial OPTIONAL,
                        -- the issuer and serial number of
                        -- the holder's Public Key Certificate
    entityName          [1] GeneralNames OPTIONAL,
                        -- the name of the claimant or role
    objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
                        -- used to directly authenticate the holder,
                        -- for example, an executable
When creating a IssuerSerial object you may specifiy issuer GeneralNames, certificate serial number, or you immediately may supply the base certificate and let the constructor calculate the GeneralNames issuer from the certificate´s IssuerDN: 
 X509Certificate baseCert = ...;
 IssuerSerial issuerSerial = new IssuerSerial(baseCert);
According to RFC 3281 the IssuerAndSerial option shall not be used for representing the issuer of an attribute certificate: 
 AttCertIssuer ::= CHOICE {
    v1Form   GeneralNames,  -- MUST NOT be used in this
                            -- profile
    v2Form   [0] V2Form     -- v2 only
 }


 V2Form ::= SEQUENCE {
   issuerName            GeneralNames  OPTIONAL,
   baseCertificateID     [0] IssuerSerial  OPTIONAL,
   objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
           -- issuerName MUST be present in this profile
           -- baseCertificateID and objectDigestInfo MUST NOT
           -- be present in this profile
 }

Version:
File Revision 13

Constructor Summary
IssuerSerial(ASN1Object obj)
          Creates a new IssuerSerial from an ASN1Object.
IssuerSerial(GeneralNames issuer, BigInteger serialNumber)
          Creates an IssuerSerial from issuer GeneralNames and issuer-specific serial number.
IssuerSerial(Name issuer, BigInteger serialNumber)
          Creates a new IssuerSerial from an issuer distinguished name and issuer-specific serial number.
IssuerSerial(X509Certificate baseCertificate)
          Creates an IssuerSerial from the given base certificate.
 
Method Summary
 boolean equals(Object obj)
          Compares this IssuerSerial to the specified object.
 GeneralNames getIssuer()
          Returns the issuer GeneralNames.
 boolean[] getIssuerUID()
          Returns the issuer unique identifier, or null if no IssuerUniqueID is set.
 BigInteger getSerialNumber()
          Returns the issuer-specific serial number.
 int hashCode()
          Returns a hashcode for this IssuerSerial.
 boolean identifiesCert(X509Certificate baseCertificate)
          Checks if this IssuerSerial identifies the given base certificate.
 void setIssuerUID(boolean[] id)
          Sets the issuer unique ID.
 ASN1Object toASN1Object()
          Returns this IssuerSerial as ASN1Object.
 String toString()
          Returns a string giving some information about this IssuerSerial object.
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

IssuerSerial

public IssuerSerial(GeneralNames issuer,
                    BigInteger serialNumber)
Creates an IssuerSerial from issuer GeneralNames and issuer-specific serial number.
Parameters:
issuer - the issuer GeneralNames
serialNumber - the issuer-specific serial number

IssuerSerial

public IssuerSerial(Name issuer,
                    BigInteger serialNumber)
Creates a new IssuerSerial from an issuer distinguished name and issuer-specific serial number.

This constructor may be used for creating an IssuerSerial object for identifying an X.509 certificate where the issuer is given as Distinguished Name structure. The wrapping into a GeneralNames object is done inside this constructor. Assuming a cert given as iaik.x509.X509Certificate instance an IssuerSerial may be created like: 

 // the x.509 cert
 X509Certificate cert = ...;
 // get the IssuerDN
 Name issuerDN = (Name)cert.getIssuerDN();
 // now create the IssuerSerial
 IssuerSerial issuerSerial = 
        new IssuerSerial(issuerDN, cert.getSerialNumber());

Parameters:
issuer - the issuer distinguished name
serialNumber - the issuer-specific serial number

IssuerSerial

public IssuerSerial(X509Certificate baseCertificate)
Creates an IssuerSerial from the given base certificate.
Parameters:
baseCertificate - the base certificate

IssuerSerial

public IssuerSerial(ASN1Object obj)
             throws CodingException
Creates a new IssuerSerial from an ASN1Object.

The ASN1Object supplied to this constructor represents an already exisiting IssuerSerial object that may have been created by calling toASN1Object.

Parameters:
obj - the IssuerSerial as ASN1Object
Throws:
CodingException - if the ASN1Object could not be parsed
Method Detail

toASN1Object

public ASN1Object toASN1Object()
Returns this IssuerSerial as ASN1Object.

The ASN1Object returned by this method may be used as parameter value when creating an IssuerSerial object using the IssuerSerial(ASN1Object obj) constructor.

Returns:
this IssuerSerial as ASN1Object

getIssuer

public GeneralNames getIssuer()
Returns the issuer GeneralNames.
Returns:
the issuer GeneralNames

getSerialNumber

public BigInteger getSerialNumber()
Returns the issuer-specific serial number.
Returns:
the issuer-specific serial number, as BigInteger

getIssuerUID

public boolean[] getIssuerUID()
Returns the issuer unique identifier, or null if no IssuerUniqueID is set.
Returns:
the IssuerUID as array of booleans, or null if no issuer unique identifier is set

setIssuerUID

public void setIssuerUID(boolean[] id)
Sets the issuer unique ID.
Parameters:
id - the unique identifier of the issuer as array of boolean values

equals

public boolean equals(Object obj)
Compares this IssuerSerial to the specified object.
Overrides:
equals in class Object
Parameters:
obj - the object to compare this IssuerSerial against.
Returns:
true, if the given object is equal to this IssuerSerial, false otherwise

identifiesCert

public boolean identifiesCert(X509Certificate baseCertificate)
Checks if this IssuerSerial identifies the given base certificate.
Returns:
true if issuerDN and serialNumber of the given base certificate match to issuer and serial number of this IssuerSerial, false if not if the cert contains the issuer unique identifer field, its value is compared to the one of this IssuerSerial

hashCode

public int hashCode()
Returns a hashcode for this IssuerSerial.
Overrides:
hashCode in class Object
Returns:
a hashcode for this IssuerSerial

toString

public String toString()
Returns a string giving some information about this IssuerSerial object.
Overrides:
toString in class Object
Returns:
the string representation
Overview  Package   Class  Tree  Deprecated  Index  Help 
This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK