TargetCert (6.0 API Documentation)

java.lang.Object
- iaik.x509.attr.Target
- - iaik.x509.attr.TargetCert

All Implemented Interfaces:

ASN1Type
```
public class TargetCert
extends Target
```
This class implements the TargetCert type specified by the X.509 Attribute Certificate profile (RFC 5755) to be used within TargetInformation or ProxyInfo attribute certificate extensions.
A TargetCert, when included in a TargetInformation extension, may specify some server/service for which the attribute certificate that contains the TargetInformation can be used.
A TargetCert, when included in a ProxyInfo extension, may specify some server/service which represents a valid sender (proxy) or recipient of the attribute certificate that contains the ProxyInfo extension.
Both, TargetInformation and ProxyInfo extensions are defined as an ASN.1 SEQUENCE OF Targets, where each Targets object itself can hold any number of Target elements:
```
 TargetInformation ::= SEQUENCE OF Targets
 
 ProxyInfo ::= SEQUENCE OF Targets
 
 Targets ::= SEQUENCE OF Target
 
```
A Target element can be a TargetCert, TargetGroup or TargetCert (RFC 5755 recommends to use the TargetName or TargetGroup choice, but TargetCert MUST NOT be used):
```
   Target ::= CHOICE {
     targetName          [0] GeneralName
     targetGroup         [1] GeneralName
     targetCert          [2] TargetCert
   }
 
   TargetCert  ::= SEQUENCE {
     targetCertificate    IssuerSerial,
     targetName           GeneralName OPTIONAL,
     certDigestInfo       ObjectDigestInfo OPTIONAL
   }
 
```
As seen from above a TargetCert must contain the targetCertificate field and may contain optional targetName and certDigestInfo fields. Thus an IssuerSerial object has to be specified when creating a TargetCert for naming some specific server/service as target for an attribute certificate by referencing the server certificate, e.g.:
```
 // server certificate
 X509Certificate serverCert = ...;
 // create IssuerSerial
 IssuerSerial issuerSerial = new IssuerSerial(serverCert);
 // create TargetCert
 TargetCert = new TargetCert(issuerSerial);
 
```
Optional targetName and certDigestInfo fields have to be created as GeneralName and ObjectDigestInfo objects, respectively, e.g.:
```
 // targetName field 
 GeneralName targetName = new GeneralName(GeneralName.uniformResourceIdentifier, "www.iaik.at");
 targetCert.setTargetName(targetName);
 // certDigestInfo field
 ObjectDigestInfo certDigestInfo = new ObjectDigestInfo(serverCert, AlgorithmID.sha1);
 targetCert.setCertDigestInfo(certDigestInfo); 
 
```
After having created a TargetCert element it typically may be added to a Targets object to then be included into a TargetInformation or ProxyInfo extension, e.g.:
```
 Targets targets = new Targets();
 targets.addTarget(targetCert);
 ProxyInfo proxyInfo = new ProxyInfo();
 proxyInfo.addTargets(targets);
 
```
For a TargetInformation (which shall contain one single Targets object only) it is also possible to immediately add the TargetCert element:
```
 TargetInformation targetInformation = new TargetInformation();
 targetInformation.addTargetElement(targetCert);
 
```
An AC verifier, when receiving an attribute certificate that contains a TargetInformation or ProxyInfo extension, may query for the included Target elements, e.g.:
```
 ...
 TargetInformation targetInformation = (TargetInformation)attributeCertificate.getExtension(TargetInformation.oid);
 if (targetInformation != null) {
   Target[] targetElements = targetInformation.getTargetElements();
   for (int i = 0; i < targetElements; i++) {
     if (targetElements[i].getType() == Target.TARGET_NAME) {
       TargetCert targetCert = (TargetCert)targetElements[i];
       ...
     }
   }
 }
 
```
However, typically the AC verifier only will call the TargetInformation isTargetFor or ProxyInfo checkProxy methods to check if the received attribute certificate can be accepted by the current server, e.g.:
```
 TargetCert server = ...;
 if (targetInformation.isTargetFor(server) {
   // ok; accept ac
 } else {
   // reject ac
 }
 
```
When calling TargetInformation.isTargetFor or ProxyInfo.checkProxy the targeting check is controlled by the TargetChecker. When checking a server if it is referenced by a TargetCert contained in an attribute certificate, the default TargetChecker implementation requires that the server object is given as TargetCert itself. The server TargetCert then is checked if it is equal to the AC TargetCert.
In any other case -- if the server object is not given as TargetCert -- a TargetException is thrown indicating that the server object cannot be handled by the TargetChecker. An application may plug-in its own TargetChecker implementation for enforcing a more sophisticated target checking policy which may be tailored to application specific requirements that cannot be considered by a general default implementation.
See Also:
GeneralName, V3Extension, AttributeCertificate, IssuerSerial, ObjectDigestInfo, Target, Targets, TargetName, TargetGroup, TargetInformation, ProxyInfo

Field Summary
- Fields inherited from class iaik.x509.attr.Target
  TARGET_CERT, TARGET_GROUP, TARGET_NAME

Constructor Summary

Constructors
Constructor and Description
`TargetCert(ASN1Object asn1Obj)` Creates a TargetCert form its ASN.1 representation.
`TargetCert(IssuerSerial targetCertificate)` Creates a new TargetCert object with the given issuer and serial number.

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`decodeUnTaggedASN1Object(ASN1Object obj)` Decodes (parses) the untagged ASN.1 representation of this TargetCert object.
`boolean`	`equals(java.lang.Object obj)` Compares this `TargetCert` with the specified object.
`ObjectDigestInfo`	`getCertDigestInfo()` Gets the certificate digest info.
`IssuerSerial`	`getTargetCertificate()` Gets the target certificate.
`GeneralName`	`getTargetName()` Gets the target name.
`int`	`getType()` Returns the type this Target represents.
`protected java.lang.String`	`getTypeAsString()` Gets the type (as String "TargetCert") this target represents.
`int`	`hashCode()` Returns a hashcode for this TargetCert
`void`	`setCertDigestInfo(ObjectDigestInfo certDigestInfo)` Sets the certificate digest info.
`void`	`setTargetName(GeneralName targetName)` Sets the target name.
`java.lang.String`	`toString()` Gets a string giving some information about this `TargetCert` object.
`ASN1Object`	`toUnTaggedASN1Object()` Gets the untagged ASN.1 representation of this TargetCert object.

Methods inherited from class iaik.x509.attr.Target
decode, isTargetFor, parseTarget, setTargetChecker, toASN1Object

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - TargetCert
```
public TargetCert(IssuerSerial targetCertificate)
```
    Creates a new TargetCert object with the given issuer and serial number. Issuer and serial number may reference the certificate of the target server, e.g.:
```
 // server certificate
 X509Certificate serverCert = ...;
 // create IssuerSerial
 IssuerSerial issuerSerial = new IssuerSerial(serverCert);
 // create TargetCert
 TargetCert = new TargetCert(issuerSerial);
 
```
    Parameters:
    targetCertificate - the issuer and serial number
  - TargetCert
```
public TargetCert(ASN1Object asn1Obj)
           throws CodingException
```
    Creates a TargetCert form its ASN.1 representation. The ASN1Object supplied to this constructor must represent an already (context specific [2]) tagged TargetCert CHOICE:
```
   Target ::= CHOICE {
     targetName          [0] GeneralName
     targetGroup         [1] GeneralName
     targetCert          [2] TargetCert
 }

 TargetCert  ::= SEQUENCE {
   targetCertificate    IssuerSerial,
   targetName           GeneralName OPTIONAL,
   certDigestInfo       ObjectDigestInfo OPTIONAL
 }
 
```
    Parameters:
    asn1Obj - the TargetCert as ASN1Object (context specific tagged CHOICE with tag number 2)
    
    Throws:
    
    CodingException - if an error occurs when parsing the ASN1Object
- Method Detail
  - getType
```
public int getType()
```
    Returns the type this Target represents.
    
    Specified by:
    
    getType in class Target
    
    Returns:
    the Target type (2 -- TARGET_CERT)
  - getTypeAsString
```
protected java.lang.String getTypeAsString()
```
    Gets the type (as String "TargetCert") this target represents.
    
    Specified by:
    
    getTypeAsString in class Target
    
    Returns:
    "TargetCert"
  - getTargetCertificate
```
public IssuerSerial getTargetCertificate()
```
    Gets the target certificate.
    
    Returns:
    the target certificate issuer and serial
  - setTargetName
```
public void setTargetName(GeneralName targetName)
```
    Sets the target name. The target name has to be specified as GeneralName object, e.g.:
```
 GeneralName targetName = new GeneralName(GeneralName.uniformResourceIdentifier, "www.iaik.at");
 targetCert.setTargetName(targetName);
 
```
    Parameters:
    targetName - the name of the target
  - getTargetName
```
public GeneralName getTargetName()
```
    Gets the target name.
    
    Returns:
    the name of the target, or null if not set
  - setCertDigestInfo
```
public void setCertDigestInfo(ObjectDigestInfo certDigestInfo)
```
    Sets the certificate digest info. The certDigestInfo has to be specified as ObjectDigestInfo object, e.g.:
```
 ObjectDigestInfo certDigestInfo = new ObjectDigestInfo(serverCert, AlgorithmID.sha1);
 targetCert.setCertDigestInfo(certDigestInfo); 
 
```
    Parameters:
    certDigestInfo - the certificate digest info
  - getCertDigestInfo
```
public ObjectDigestInfo getCertDigestInfo()
```
    Gets the certificate digest info.
    
    Returns:
    certificate digest info, or null if not set
  - equals
```
public boolean equals(java.lang.Object obj)
```
    Compares this TargetCert with the specified object.
    
    Specified by:
    
    equals in class Target
    
    Parameters:
    obj - the object to which to compare this TargetCert
    
    Returns:
    true, if the given object is equal to this TargetCert; false otherwise
  - hashCode
```
public int hashCode()
```
    Returns a hashcode for this TargetCert
    
    Overrides:
    
    hashCode in class Target
    
    Returns:
    a hashcode for this TargetCert
  - decodeUnTaggedASN1Object
```
public void decodeUnTaggedASN1Object(ASN1Object obj)
                              throws CodingException
```
    Decodes (parses) the untagged ASN.1 representation of this TargetCert object.
    A Target is defined as ASN.1 CHOICE of targetName, targetGroup or targetCert, which are context specific tagged with tag number 0, 1, 2, respectively (see RFC 5755):
```
 Target ::= CHOICE {
   targetName         [0] GeneralName,
   targetGroup        [1] GeneralName,
   targetCert         [2] TargetCert
 }
 
 TargetCert  ::= SEQUENCE {
   targetCertificate    IssuerSerial,
   targetName           GeneralName OPTIONAL,
   certDigestInfo       ObjectDigestInfo OPTIONAL
 }
 
```
    This method decodes/parses the untagged ASN.1 representation of an ASN.1 TargetCert; thus the given ASN1Object must represent an ASN.1 SEQUENCE holding at least the targetCertificate IssuerSerial component. For decoding the tagged ASN.1 representation (a CHOICE with tag number [2]), method decode is used.
    Specified by:
    
    decodeUnTaggedASN1Object in class Target
    
    Parameters:
    obj - the untagged ASN.1 TargetCert to be decoded/parsed
    
    Throws:
    
    CodingException - if a decoding/parsing error occurs
  - toUnTaggedASN1Object
```
public ASN1Object toUnTaggedASN1Object()
                                throws CodingException
```
    Gets the untagged ASN.1 representation of this TargetCert object.
    A Target is defined as ASN.1 CHOICE of targetName, targetGroup or targetCert, which are context specific tagged with tag number 0, 1, 2, respectively (see RFC 5755):
```
 Target ::= CHOICE {
   targetName         [0] GeneralName,
   targetGroup        [1] GeneralName,
   targetCert         [2] TargetCert
 }
 
 TargetCert  ::= SEQUENCE {
   targetCertificate    IssuerSerial,
   targetName           GeneralName OPTIONAL,
   certDigestInfo       ObjectDigestInfo OPTIONAL
 }
 
```
    This method returns the untagged ASN.1 representation of this TargetCert (i.e. an ASN.1 SEQUENCE representing the value of this TargetCert). The tagged ASN.1 representation (i.e. a CHOICE with tag number [2], is returned by method toASN1Object.
    Specified by:
    
    toUnTaggedASN1Object in class Target
    
    Returns:
    the untagged ASN.1 representation of this TargetCert object
    
    Throws:
    
    CodingException - if an error occurs when creating the ASN.1 object
  - toString
```
public java.lang.String toString()
```
    Gets a string giving some information about this TargetCert object.
    
    Overrides:
    
    toString in class Target
    
    Returns:
    the string representation

Class TargetCert

Field Summary

Fields inherited from class iaik.x509.attr.Target

Constructor Summary

Method Summary

Methods inherited from class iaik.x509.attr.Target

Methods inherited from class java.lang.Object

Constructor Detail

TargetCert

TargetCert

Method Detail

getType

getTypeAsString

getTargetCertificate

setTargetName

getTargetName

setCertDigestInfo

getCertDigestInfo

equals

hashCode

decodeUnTaggedASN1Object

toUnTaggedASN1Object

toString