iaik.x509.attr

Class V2Form

java.lang.Object

iaik.x509.attr.V2Form

All Implemented Interfaces:

AttCertIssuer

public class V2Form
extends java.lang.Object
implements AttCertIssuer

This class implements the AC type V2Form.

The Internet Attribute Certificate Profile for Authorization (RFC 5755) specifies the V2Form type as a TO BE USED option for identifying the issuer of an attribute certificate (entity who signs the attribute certificate):

 AttCertIssuer ::= CHOICE {
    v1Form   GeneralNames,  -- MUST NOT be used in this
                            -- profile
    v2Form   [0] V2Form     -- v2 only
 }


 V2Form ::= SEQUENCE {
   issuerName            GeneralNames  OPTIONAL,
   baseCertificateID     [0] IssuerSerial  OPTIONAL,
   objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
           -- issuerName MUST be present in this profile
           -- baseCertificateID and objectDigestInfo MUST NOT
           -- be present in this profile
 }

 ACs conforming to this profile MUST use the v2Form choice, which MUST
 contain one and only one GeneralName in the issuerName, which MUST
 contain a non-empty distinguished name in the directoryName field.
 This means that all AC issuers MUST have non-empty distinguished
 names.  ACs conforming to this profile MUST omit the
 baseCertificateID and objectDigestInfo fields.

 Part of the reason for the use of the v2Form containing only an
 issuerName is that it means that the AC issuer does not have to know
 which PKC the AC verifier will use for it (the AC issuer).  Using the
 baseCertificateID field to reference the AC issuer would mean that
 the AC verifier would have to trust the PKC that the AC issuer chose
 (for itself) at AC creation time.
 

When creating a V2Form an application may supply the required GeneralNames structure or specify the distingished name of the issuer, e.g.:

 Name issuer = ...;
 V2Form v2Form = new V2Form(issuer);
 

Version:

File Revision 15

See Also:

AttributeCertificate, IssuerSerial, ObjectDigestInfo, GeneralNames, V1Form

Field Summary

Fields inherited from interface iaik.x509.attr.AttCertIssuer

V1_FORM, V2_FORM

Constructor Summary

Constructors

Constructor and Description
V2Form(ASN1Object obj) Creates a V2Form from its ASN.1 representation.
V2Form(GeneralNames issuerName) Creates a V2Form from the given GeneralNames.
V2Form(GeneralNames issuerName, IssuerSerial baseCertificateID, ObjectDigestInfo objectDigestInfo) Creates a V2Form object from given issuerName, baseCertificateID and ObjectDigestInfo.
V2Form(Name issuerName) Creates a V2Form for the given issuer name.

Method Summary

Methods

Modifier and Type	Method and Description
void	decode(ASN1Object obj) Decodes a V2Form from its ASN.1 representation.
boolean	equals(java.lang.Object obj) Compares this V2Form to the specified object.
IssuerSerial	getBaseCertificateID() Gets the baseCertificateID of this V2Form, if set.
Name	getIssuerDN() Gets the issuer distinguished name, if included in this V2Form.
GeneralNames	getIssuerName() Gets the IssuerName of this V2Form, if set.
ObjectDigestInfo	getObjectDigestInfo() Gets the objectDigestInfo of this V2Form, if set.
int	getVForm() Returns 2 (v2Form -- the version this AttcertIssuer represents).
int	hashCode() Returns a hashcode for this V2Form.
ASN1Object	toASN1Object() Returns this V2Form as ASN1Object.
java.lang.String	toString() Returns a string giving some information about this V2Form object.

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

V2Form

public V2Form(GeneralNames issuerName)

Creates a V2Form from the given GeneralNames.

Parameters:

issuerName - the GeneralNames identifying the AC issuer

V2Form

public V2Form(Name issuerName)

Creates a V2Form for the given issuer name.

A GeneralName for the given directoryName is internally created, according to the requirements of RFC 5755:

 ACs conforming to this profile MUST use the v2Form choice, which MUST
 contain one and only one GeneralName in the issuerName, which MUST
 contain a non-empty distinguished name in the directoryName field.
 This means that all AC issuers MUST have non-empty distinguished
 names. 
 

Parameters:

issuerName - the name of the AC issuer

V2Form

public V2Form(GeneralNames issuerName,
      IssuerSerial baseCertificateID,
      ObjectDigestInfo objectDigestInfo)

Creates a V2Form object from given issuerName, baseCertificateID and ObjectDigestInfo.

Parameters:

issuerName - the issuer name

baseCertificateID - the baseCertificateID

objectDigestInfo - the ObjectDigestInfo

V2Form

public V2Form(ASN1Object obj)
       throws CodingException

Creates a V2Form from its ASN.1 representation.

Parameters:

obj - the V2Form as ASN1Object

Throws:

CodingException - if an decoding/parsing error occurs or the the information contained is not appropriate for a V2Form

Method Detail

getIssuerName

public GeneralNames getIssuerName()

Gets the IssuerName of this V2Form, if set.

Returns:

the IssuerName GeneralNames, if set

getIssuerDN

public Name getIssuerDN()

Gets the issuer distinguished name, if included in this V2Form. This method looks if this V2Form contains the issuerName component (as required by the PKIX Attribute certificate profile). If yes, it checks if the issuerName GeneralNames contains a GeneralName of type directoryName (as required by the PKIX Attribute certificate profile).

Returns:

the issuer DN, or null if no dn is included in this V1Form

getBaseCertificateID

public IssuerSerial getBaseCertificateID()

Gets the baseCertificateID of this V2Form, if set.

Returns:

the baseCertificateID IssuerSerial, if set

getObjectDigestInfo

public ObjectDigestInfo getObjectDigestInfo()

Gets the objectDigestInfo of this V2Form, if set.

Returns:

the objectDigestInfo, if set

toASN1Object

public ASN1Object toASN1Object()

Returns this V2Form as ASN1Object.

Specified by:

toASN1Object in interface AttCertIssuer

Returns:

this V2Form as ASN1Object

decode

public void decode(ASN1Object obj)
            throws CodingException

Decodes a V2Form from its ASN.1 representation.

Specified by:

decode in interface AttCertIssuer

Parameters:

obj - the V2Form as ASN1Object

Throws:

CodingException - if an decoding/parsing error occurs or the the information contained is not appropriate for a V2Form

equals

public boolean equals(java.lang.Object obj)

Compares this V2Form to the specified object.

Specified by:

equals in interface AttCertIssuer

Overrides:

equals in class java.lang.Object

Parameters:

obj - the object to compare this V2Form against.

Returns:

true, if the given object is equal to this V2Form, false otherwise

hashCode

public int hashCode()

Returns a hashcode for this V2Form.

Specified by:

hashCode in interface AttCertIssuer

Overrides:

hashCode in class java.lang.Object

Returns:

a hashcode for this V2Form

getVForm

public int getVForm()

Returns 2 (v2Form -- the version this AttcertIssuer represents).

Specified by:

getVForm in interface AttCertIssuer

toString

public java.lang.String toString()

Returns a string giving some information about this V2Form object.

Specified by:

toString in interface AttCertIssuer

Overrides:

toString in class java.lang.Object

Returns:

the string representation