public class TargetName extends Target
TargetName type specified by the
X.509 Attribute Certificate profile (RFC 5755)
to be used within TargetInformation or ProxyInfo attribute certificate extensions.
A TargetName, when included in a TargetInformation extension, may specify some server/service for which the
attribute certificate that contains the TargetInformation can be
used.
A TargetName, when included in a ProxyInfo extension, may specify some server/service which represents a
valid sender (proxy) or recipient of the attribute certificate that contains
the ProxyInfo extension.
Both TargetInformation and ProxyInfo extensions are defined as an ASN.1
SEQUENCE OF Targets, where each Targets
object itself can hold any number of Target elements:
TargetInformation ::= SEQUENCE OF Targets
ProxyInfo ::= SEQUENCE OF Targets
Targets ::= SEQUENCE OF Target
A Target element can be a
TargetName, TargetGroup or TargetCert:
Target ::= CHOICE {
targetName [0] GeneralName,
targetGroup [1] GeneralName,
targetCert [2] TargetCert
}
As seen above, a TargetName is specified as a GeneralName.
Thus a GeneralName object has to be
specified when creating a TargetName for naming some
specific server/service as target for an attribute certificate, e.g.:
GeneralName name = new GeneralName(GeneralName.uniformResourceIdentifier, "jce.iaik.tugraz.at");
TargetName targetName = new TargetName(name);
After a TargetName element has been created, it is typically added to a
Targets object, which is then included in a TargetInformation or ProxyInfo extension, e.g.:
Targets targets = new Targets();
targets.addTarget(targetName);
ProxyInfo proxyInfo = new ProxyInfo();
proxyInfo.addTargets(targets);
For a TargetInformation (which shall contain one single Targets object only) it is also possible to add
the TargetName element directly:
TargetInformation targetInformation = new TargetInformation();
targetInformation.addTargetElement(targetName);
An AC verifier, when receiving an attribute certificate that contains a TargetInformation or ProxyInfo extension, may query for the included Target elements, e.g.:
...
TargetInformation targetInformation = (TargetInformation)attributeCertificate.getExtension(TargetInformation.oid);
if (targetInformation != null) {
Target[] targetElements = targetInformation.getTargetElements();
for (int i = 0; i < targetElements.length; i++) {
if (targetElements[i].getType() == Target.TARGET_NAME) {
TargetName targetName = (TargetName)targetElements[i];
...
}
}
}
However, the AC verifier will typically only call the TargetInformation isTargetFor or ProxyInfo
checkProxy methods to
check if the received attribute certificate can be accepted by the current server, e.g.:
GeneralName serverName = new GeneralName(GeneralName.uniformResourceIdentifier, "jce.iaik.tugraz.at");
if (targetInformation.isTargetFor(serverName)) {
// ok; accept ac
} else {
// reject ac
}
When calling TargetInformation.isTargetFor
or ProxyInfo.checkProxy, the targeting check is
controlled by the TargetChecker. When checking whether a server
is referenced by a TargetName contained in an attribute certificate, the default
TargetChecker implementation requires that the server object is given as TargetName
or GeneralName. If the server is given as
TargetName, it is checked for equality with the AC TargetName. If the server is
given as GeneralName, it is checked for equality with the GeneralName of the AC TargetName.
In any other case -- if the server object is not given as TargetName or GeneralName -- a
TargetException is thrown indicating that the server object cannot be handled by the TargetChecker.
An application may plug in its own TargetChecker implementation to enforce a more sophisticated target checking policy, which
may be tailored to application-specific requirements that cannot be considered
by a general default implementation.
Fields inherited from class Target:
TARGET_CERT, TARGET_GROUP, TARGET_NAME

| Constructor and Description |
|---|
| TargetName(ASN1Object asn1Obj): Creates a TargetName from its ASN.1 representation. |
| TargetName(GeneralName name): Creates a new TargetName with the given value. |

| Modifier and Type | Method and Description |
|---|---|
| void | decodeUnTaggedASN1Object(ASN1Object obj): Decodes (parses) the untagged ASN.1 representation of this TargetName object. |
| boolean | equals(java.lang.Object obj): Compares this TargetName with the specified object. |
| GeneralName | getName(): Gets the value (name) of this TargetName object. |
| int | getType(): Returns the type this Target represents. |
| protected java.lang.String | getTypeAsString(): Gets the type (as String "TargetName") this target represents. |
| int | hashCode(): Returns a hashcode for this TargetName. |
| java.lang.String | toString(): Gets a string giving some information about this TargetName object. |
| ASN1Object | toUnTaggedASN1Object(): Gets the untagged ASN.1 representation of this TargetName object. |

Methods inherited from class Target:
decode, isTargetFor, parseTarget, setTargetChecker, toASN1Object
public TargetName(GeneralName name)
name - the value (name) of the TargetName
public TargetName(ASN1Object asn1Obj) throws CodingException
Target ::= CHOICE {
targetName [0] GeneralName,
targetGroup [1] GeneralName,
targetCert [2] TargetCert
}
asn1Obj - the TargetName as ASN1Object (context specific tagged
CHOICE with tag number 0)
CodingException - if an error occurs when parsing the ASN1Object
public int getType()
protected java.lang.String getTypeAsString()
getTypeAsString in class Target
public GeneralName getName()
public boolean equals(java.lang.Object obj)
Compares this TargetName with the specified object.
public int hashCode()
public void decodeUnTaggedASN1Object(ASN1Object obj) throws CodingException
A Target is defined as ASN.1 CHOICE of targetName, targetGroup or targetCert, which are context specific tagged with tag number 0, 1, 2, respectively (see RFC 5755):
Target ::= CHOICE {
targetName [0] GeneralName,
targetGroup [1] GeneralName,
targetCert [2] TargetCert
}
This method decodes/parses the untagged ASN.1 representation of an
ASN.1 TargetName; thus the given ASN1Object must represent an ASN.1
GeneralName. For decoding
the tagged ASN.1 representation (a CHOICE with tag number [0]), method
decode is used.
decodeUnTaggedASN1Object in class Target
obj - the untagged ASN.1 TargetName to be decoded/parsed
CodingException - if a decoding/parsing error occurs
public ASN1Object toUnTaggedASN1Object() throws CodingException
Target ::= CHOICE {
targetName [0] GeneralName,
targetGroup [1] GeneralName,
targetCert [2] TargetCert
}
This method returns the untagged ASN.1 representation of this TargetName
(i.e. an ASN.1 GeneralName representing the value of this TargetName).
The tagged ASN.1 representation (i.e. a CHOICE with tag number [0]) is
returned by method toASN1Object.
toUnTaggedASN1Object in class Target
CodingException - if an error occurs when creating the ASN.1 object
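The untagged and tagged representations described above, and an equality-based targeting check over them, shown at the DER byte level. This is an added example in Python, not IAIK code and independent of the library. All function names are hypothetical, only short-form DER lengths are handled, and a byte-exact comparison of the encoded GeneralName stands in for the equality test of the default TargetChecker.

```python
# Added illustration: hand-rolled DER, short-form lengths only; names are hypothetical.
URI_TAG = 0x86          # GeneralName uniformResourceIdentifier [6] IMPLICIT IA5String
TARGET_NAME_TAG = 0xA0  # Target.targetName [0]; EXPLICIT because GeneralName is a CHOICE
SEQUENCE_TAG = 0x30

def tlv(tag, value):
    """Encode one DER TLV; only short-form lengths (< 128 bytes) are supported."""
    if len(value) > 127:
        raise ValueError("long-form lengths not supported in this sketch")
    return bytes([tag, len(value)]) + value

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos), rejecting truncated or long-form input."""
    if pos + 2 > len(buf) or buf[pos + 1] > 127:
        raise ValueError("truncated TLV or unsupported length form")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("TLV length runs past end of buffer")
    return buf[pos], buf[pos + 2:end], end

def children(value):
    """Split the content of a constructed TLV into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def untagged_target_name(uri):
    return tlv(URI_TAG, uri.encode("ascii"))                # a bare GeneralName

def tagged_target_name(uri):
    return tlv(TARGET_NAME_TAG, untagged_target_name(uri))  # Target CHOICE, tag [0]

def target_information(uris):
    targets = tlv(SEQUENCE_TAG, b"".join(tagged_target_name(u) for u in uris))
    return tlv(SEQUENCE_TAG, targets)   # SEQUENCE OF Targets holding one Targets

def is_target_for(ext_der, server_uri):
    """Equality check on targetName entries; targetGroup/targetCert are skipped."""
    tag, body, end = read_tlv(ext_der)
    if tag != SEQUENCE_TAG or end != len(ext_der):
        raise ValueError("not a single TargetInformation SEQUENCE")
    wanted = untagged_target_name(server_uri)
    for t_tag, targets in children(body):
        if t_tag != SEQUENCE_TAG:
            raise ValueError("Targets must be a SEQUENCE")
        for c_tag, name in children(targets):
            if c_tag == TARGET_NAME_TAG and name == wanted:
                return True
    return False
```

A malformed or truncated extension raises instead of returning False, so a verifier built this way rejects the attribute certificate rather than treating it as untargeted.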