|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object
|
+--java.security.cert.CertificateFactorySpi
|
+--iaik.x509.CertificateFactory
|
+--iaik.x509.qualified.QualifiedCertificateFactory
This class implements a CertificateFactory for Qualified Certificates.
The PKIX Qualified Certificate Profile, based on RFC 2459, defines a certificate format for identifying a person with high level of assurance in public non-repudiation servises. The term Qualifed Certifiacte is used to describe a certificate with a certain qualified status within applicable governing law. A CA issuing a qualified certificate has to include information in the certificate indicating that the certificate is a qualified one. The Qualified Certificate Profile describes two complementary ways for including this inforamtion:
CertificatePolicies extension containing a qualified PolicyInformation term may be by looking
at the policy identifier associated with the PolicyInformation object. In similar
way each QCStatement included in a QCStatements extension is identified by its own statement ID which may indicate
a qualified statement.
When using methods generateCertificate or generateCertificate
of this factory for reading in encoded certificates, each certificate is checked of
being a qualified certificate (having a qualified PolicyInformation term in its
CertificatePolicies extension or a qualified QCStatement term in ist QCStatements
extension). If a qualified certificate is found it is returned as QualifiedCertificate object. A "normal"
(not qualified) certificate is returned as X509Certificate object.
When instantiating a QualifiedCertificateFactory object use "Qualified" as standard name:
CertificateFactory cf = CertificateFactory.getInstance("Qualified", "IAIK");
Certificate cert = cf.generateCertificate(is);
if (cert instanceof QualifiedCertificate) {
System.out.println("Qualified certificate!");
}
QualifiedCertificate,
X509Certificate,
X509CRL| Constructor Summary | |
QualifiedCertificateFactory()
|
|
| Method Summary | |
Certificate |
engineGenerateCertificate(InputStream is)
Parses a X.509 certificate from the supplied input stream. |
Collection |
engineGenerateCertificates(InputStream is)
Parses a collection of X.509 certificates from the supplied input stream. |
| Methods inherited from class iaik.x509.CertificateFactory |
engineGenerateCRL, engineGenerateCRLs |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
public QualifiedCertificateFactory()
| Method Detail |
public Certificate engineGenerateCertificate(InputStream is)
throws CertificateException
QualifiedCertificate object is returned, if not a X509Certificate object.engineGenerateCertificate in class CertificateFactoryis - the input stream supplying the encoded certificateCertificateException - if an decoding/parsing error occurs
public Collection engineGenerateCertificates(InputStream is)
throws CertificateException
QualifiedCertificate object, any other as X509Certificate objectengineGenerateCertificates in class CertificateFactoryis - the input stream supplying the encoded certificatesCertificateException - if an decoding/parsing error occurs
|
This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note). | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK