CertificateIssuer (6.0 API Documentation)

java.lang.Object
- iaik.x509.V3Extension
- - iaik.x509.extensions.CertificateIssuer

```
public class CertificateIssuer
extends V3Extension
```
This class implements the CertificateIssuer extension. The CertificateIssuer extension is a critical standard X509v2 CRL entry extension.
Each extension is associated with a specific certificateExtension object identifier, derived from:
```
 certificateExtension  OBJECT IDENTIFIER ::=
                            {joint-iso-ccitt(2) ds(5) 29}
 id-ce                 OBJECT IDENTIFIER ::=  certificateExtension
 
```
The object identifier for the CRLNumber extension is defined as:
id-ce-cRLReason OBJECT IDENTIFIER ::= { id-ce 29 }
which corresponds to the OID string "2.5.29.29".
The X.509 Certificate and CRL profile presented in RFC 3280 specifies the CertifcateIssuer extension for identifying the certificate issuer associated with an entry in an indirect CRL, i.e. a CRL that has the indirectCRL indicator set in its issuing distribution point extension. If this extension is not present on the first entry in an indirect CRL, the certificate issuer defaults to the CRL issuer. On subsequent entries in an indirect CRL, if this extension is not present, the certificate issuer for the entry is the same as that for the preceding entry.
ASN.1 definition:
```
 CertificateIssuer ::= GeneralNames
 
```
Since in the IAIK-JCE environment revoked certificates are implementations of the iaik.x509.RevokedCertificate class, a InvalidityData CRL entry extension may be added to a revoked certificate by using the addExtension method of the iaik.x509.RevokedCertificate class. Any revoked certificate itself is added to a certificate revocation list by using a proper addCertificate method of the iaik.x509.X509CRL class, e.g.:
```
 //Create a revoked certificate from a X509Certificate and set the revocation date
 //to the current date; the X509Certificate is read in from a file:
 GregorianCalendar revocationDate = (GregorianCalendar)Calendar.getInstance();
 InputStream fis = new FileInputStream("cert.der");
 X509Certificate cert = new X509Certificate(fis);
 fis.close();
 RevokedCertificate rev_cert = new RevokedCertificate(cert, revocationDate.getTime());
 //add the the certificate issuer:
 GeneralNames issuer = ...;
 CertificateIssuer certificateIssuer = new CertificateIssuer(issuer);
 rev_cert.addExtension(certificateIssuer);
 //add the revoked certificate to the crl
 X509CRL crl = new X509CRL();
  ...
 crl.addCertificate(rev_cert);
 
```
Version:

File Revision 14

See Also:
X509CRL, X509Certificate, RevokedCertificate

Field Summary

Fields
Modifier and Type Field and Description

static ObjectID oid
The object identifier of this CertificateIssuer extension.
- Fields inherited from class iaik.x509.V3Extension
  critical

Fields
Modifier and Type	Field and Description
`static ObjectID`	`oid` The object identifier of this CertificateIssuer extension.

Constructor Summary

Constructors
Constructor and Description
`CertificateIssuer()` Default constructor.
`CertificateIssuer(GeneralNames issuer)` Creates a new `CertificateIssuer` from the given issuer name.
`CertificateIssuer(Name issuerDN)` Creates a new `CertificateIssuer` from the given issuer dn.

Method Summary

Methods
Modifier and Type	Method and Description
`GeneralNames`	`getIssuer()` Returns the certificate issuer.
`Name`	`getIssuerDN()` Gets the issuer dn of this `CertificateIssuer` object.
`ObjectID`	`getObjectID()` Returns the object ID of this `CertificateIssuer` extension
`int`	`hashCode()` Returns a hashcode for this identity.
`void`	`init(ASN1Object obj)` Inits this `CertificateIssuer` implementation with an ASN1object representing the value of this extension.
`void`	`setIssuer(GeneralNames issuer)` Sets the issuer of this `CertificateIssuer` object.
`void`	`setIssuerDN(Name issuerDN)` Sets the issuer dn of this `CertificateIssuer` object.
`ASN1Object`	`toASN1Object()` Returns an ASN1Object representing the value of this `CertificateIssuer` extension object.
`java.lang.String`	`toString()` Returns a string that represents the contents of the `CertificateIssuer` extension.

Methods inherited from class iaik.x509.V3Extension
getName, isCritical, setCritical

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait

- Field Detail
  - oid
```
public static final ObjectID oid
```
    The object identifier of this CertificateIssuer extension. The corresponding OID string is "2.5.29.29".
- Constructor Detail
  - CertificateIssuer
```
public CertificateIssuer()
```
    Default constructor.
    Creates an empty CertificateIssuer object.
    Use setIssuer for specifying the certificate issuer as {iaik.asn1.structures.GeneralNames iaik.asn1.structures.GeneralNames} object, e.g.:
```
 GeneralNames issuer = new GeneralNames();
 CertificateIssuer certIssuer = new CertificateIssuer();
 certIssuer.setIssuer(issuer);
 
```
  - CertificateIssuer
```
public CertificateIssuer(GeneralNames issuer)
```
    Creates a new CertificateIssuer from the given issuer name.
    For instance:
```
 GeneralNames issuer = ...;
 CertificateIssuer certificateIssuer = new CertificateIssuer(issuer);
 
```
    Parameters:
    issuer - the certificate issuer to be set
  - CertificateIssuer
```
public CertificateIssuer(Name issuerDN)
```
    Creates a new CertificateIssuer from the given issuer dn. This contstructor may be used if the certificate issuer GeneralNames is of type directoryName (like, for instance, for a X.509 public key certificate), e.g.:
```
 X509Certificate cert = ...;
 Name issuerDN = (Name)cert.getIssuerDN();
 CertificateIssuer certificateIssuer = new CertificateIssuer(issuerDN);
 
```
    Parameters:
    issuerDN - the certificate issuer to be set
- Method Detail
  - getObjectID
```
public ObjectID getObjectID()
```
    Returns the object ID of this CertificateIssuer extension
    
    Specified by:
    
    getObjectID in class V3Extension
    
    Returns:
    the object ID
  - init
```
public void init(ASN1Object obj)
          throws X509ExtensionException
```
    Inits this CertificateIssuer implementation with an ASN1object representing the value of this extension.
    The given ASN1Object represents a GeneralNames giving the certificate issuer.
    The given ASN1Object is the one created by toASN1Object().
    This method is used by the X509Extensions class when parsing the ASN.1 representation of a CRL for properly initializing an included CertificateIssuer extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.
    
    Specified by:
    
    init in class V3Extension
    
    Parameters:
    obj - the CertificateIssuer as ASN1Object
    
    Throws:
    
    X509ExtensionException - if the extension cannot be init
  - toASN1Object
```
public ASN1Object toASN1Object()
                        throws X509ExtensionException
```
    Returns an ASN1Object representing the value of this CertificateIssuer extension object.
    The returned ASN1Object is an ASN.1 GeneralNames representing the certificate issuer:
```
 certificateIssuer ::= GeneralNames
 
```
    Specified by:
    
    toASN1Object in class V3Extension
    
    Returns:
    the value of this CertificateIssuer as ASN1Object
    
    Throws:
    
    X509ExtensionException - if an error occurs when parsing the supplied ASN.1 object
  - setIssuer
```
public void setIssuer(GeneralNames issuer)
```
    Sets the issuer of this CertificateIssuer object.
    For instance:
```
 CertificateIssuer certificateIssuer = new CertificateIssuer();
 GeneralNames issuer = ...;
 certificateIssuer.setIssuer(issuer);
 
```
    Parameters:
    issuer - the certificate issuer to be set
  - setIssuerDN
```
public void setIssuerDN(Name issuerDN)
```
    Sets the issuer dn of this CertificateIssuer object. This method may be used if the certificate issuer GeneralNames is of type directoryName (like, for instance, for a X.509 public key certificate), e.g.:
```
 X509Certificate cert = ...;
 Name issuerDN = (Name)cert.getIssuerDN();
 CertificateIssuer certificateIssuer = new CertificateIssuer();
 certificateIssuer.setIssuerDN(issuerDN);
 
```
    Parameters:
    issuerDN - the certificate issuer dn
  - getIssuer
```
public GeneralNames getIssuer()
```
    Returns the certificate issuer.
    
    Returns:
    the certificate issuer
  - getIssuerDN
```
public Name getIssuerDN()
```
    Gets the issuer dn of this CertificateIssuer object. This method may be used if the certificate issuer GeneralNames is of type directoryName (like, for instance, for a X.509 public key certificate).
    
    See Also:
    setIssuerDN(iaik.asn1.structures.Name)
  - hashCode
```
public int hashCode()
```
    Returns a hashcode for this identity.
    
    Specified by:
    
    hashCode in class V3Extension
    
    Returns:
    a hash code for this identity
  - toString
```
public java.lang.String toString()
```
    Returns a string that represents the contents of the CertificateIssuer extension.
    
    Overrides:
    
    toString in class java.lang.Object
    
    Returns:
    the string representation

Class CertificateIssuer

Field Summary

Fields inherited from class iaik.x509.V3Extension

Constructor Summary

Method Summary

Methods inherited from class iaik.x509.V3Extension

Methods inherited from class java.lang.Object

Field Detail

oid

Constructor Detail

CertificateIssuer

CertificateIssuer

CertificateIssuer

Method Detail

getObjectID

init

toASN1Object

setIssuer

setIssuerDN

getIssuer

getIssuerDN

hashCode

toString