|
5.24 (c) 2002 IAIK, (c) 2003 - 2014 SIC |
|
public interface AttCertIssuer
The
Internet Attribute Certificate Profile for Authorization
(RFC 5755) specifies the AttCertIssuer for identifying the issuer of
an attribute certificate (entity who signs the attribute certificate):
AttCertIssuer ::= CHOICE {
v1Form GeneralNames, -- MUST NOT be used in this
-- profile
v2Form [0] V2Form -- v2 only
}
Attribute certifcates conforming to the Internet Attribute
Certificate Profile for Authorization presented in RFC 5755 are not
allowed to use the V1Form choice
for representing the issuer, they must use the V2Form choice:
ACs conforming to this profile MUST use the v2Form choice, which MUST contain one and only one GeneralName in the issuerName, which MUST contain a non-empty distinguished name in the directoryName field. This means that all AC issuers MUST have non-empty distinguished names. ACs conforming to this profile MUST omit the baseCertificateID and objectDigestInfo fields. Part of the reason for the use of the v2Form containing only an issuerName is that it means that the AC issuer does not have to know which PKC the AC verifier will use for it (the AC issuer). Using the baseCertificateID field to reference the AC issuer would mean that the AC verifier would have to trust the PKC that the AC issuer chose (for itself) at AC creation time.Use class
Name for
creating a V2Form attCertIssuer holding
a directoryName to be set as
the issuer of an AttributeCertificate:
Name issuerName = ...; V2Form v2Form = new V2Form(issuerName); attributeCertificate.setIssuer(v2Form);
AttributeCertificate,
V1Form,
V2Form| Modifier and Type | Field and Description |
|---|---|
static int |
V1_FORM
Attribute certificate issuer representation v1Form (1).
|
static int |
V2_FORM
Attribute certificate issuer representation v2Form (2).
|
| Modifier and Type | Method and Description |
|---|---|
void |
decode(ASN1Object obj)
Decodes an AttCertIssuer from its ASN.1 representasion.
|
boolean |
equals(java.lang.Object obj)
Compares this
AttCertIssuer to the specified object. |
int |
getVForm()
Returns the version this AttCertIssuer represents
-- either v1Form (1) or v2Form (2).
|
int |
hashCode()
Returns a hashcode for this AttCertIssuer.
|
ASN1Object |
toASN1Object()
Returns this AttCertIssuer as ASN1Object.
|
java.lang.String |
toString()
Returns a string giving some information about this
AttCertIssuer object. |
static final int V1_FORM
GeneralNames.static final int V2_FORM
V2Form.int getVForm()
boolean equals(java.lang.Object obj)
AttCertIssuer to the specified object.equals in class java.lang.Objectobj - the object to compare this AttCertIssuer
against.true, if the given object is equal to this
AttCertIssuer,
AttCertIssuer otherwiseint hashCode()
hashCode in class java.lang.Objectvoid decode(ASN1Object obj) throws CodingException
obj - the AttCertIssuer as ASN1ObjectCodingExceptionASN1Object toASN1Object()
java.lang.String toString()
AttCertIssuer object.toString in class java.lang.Object