QualifiedCertificateFactory (5.24 API Documentation)

java.lang.Object
- java.security.cert.CertificateFactorySpi
- - iaik.x509.CertificateFactory
  - - iaik.x509.qualified.QualifiedCertificateFactory

```
public class QualifiedCertificateFactory
extends CertificateFactory
```
This class implements a CertificateFactory for Qualified Certificates.
The PKIX Qualified Certificate Profile, specified in RFC 3739 and based on the PKIX certificate profile (RFC 3280), defines a certificate format for identifying a person with high level of assurance in public non-repudiation servises. The term Qualifed Certifiacte is used to describe a certificate with a certain qualified status within applicable governing law. A CA issuing a qualified certificate has to include information in the certificate indicating that the certificate is a qualified one. The Qualified Certificate Profile describes two complementary ways for including this inforamtion:
- As information defined by a certificate policy included in the certificate policies extension.
- As a statement included in the Qualified Certificates Statements extension.
The most proper way for recognizing a CertificatePolicies extension containing a qualified PolicyInformation term may be by looking at the policy identifier associated with the PolicyInformation object. In similar way each QCStatement included in a QCStatements extension is identified by its own statement ID which may indicate a qualified statement.
When using methods generateCertificate or generateCertificate of this factory for reading in encoded certificates, each certificate is checked of being a qualified certificate (having a qualified PolicyInformation term in its CertificatePolicies extension or a qualified QCStatement term in ist QCStatements extension). If a qualified certificate is found it is returned as QualifiedCertificate object. A "normal" (not qualified) certificate is returned as X509Certificate object.
When instantiating a QualifiedCertificateFactory object use "Qualified" as standard name:
```
 CertificateFactory cf = CertificateFactory.getInstance("Qualified", "IAIK");
 Certificate cert = cf.generateCertificate(is);
 if (cert instanceof QualifiedCertificate) {
   System.out.println("Qualified certificate!");
 }
 
```
Version:

File Revision 14

See Also:
QualifiedCertificate, X509Certificate, X509CRL

Constructor Summary

Constructors
Constructor and Description

QualifiedCertificateFactory()

Constructors
Constructor and Description
`QualifiedCertificateFactory()`

Method Summary

Methods
Modifier and Type	Method and Description
`java.security.cert.Certificate`	`engineGenerateCertificate(java.io.InputStream is)` Parses a X.509 certificate from the supplied input stream.
`java.util.Collection`	`engineGenerateCertificates(java.io.InputStream is)` Parses a collection of X.509 certificates from the supplied input stream.

Methods inherited from class iaik.x509.CertificateFactory
engineGenerateCRL, engineGenerateCRLs

Methods inherited from class java.security.cert.CertificateFactorySpi
engineGenerateCertPath, engineGenerateCertPath, engineGenerateCertPath, engineGetCertPathEncodings

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - QualifiedCertificateFactory
```
public QualifiedCertificateFactory()
```
- Method Detail
  - engineGenerateCertificate
```
public java.security.cert.Certificate engineGenerateCertificate(java.io.InputStream is)
                                                         throws java.security.cert.CertificateException
```
    Parses a X.509 certificate from the supplied input stream. If the certificate represents a qualified certificate a QualifiedCertificate object is returned, if not a X509Certificate object.
    
    Overrides:
    
    engineGenerateCertificate in class CertificateFactory
    
    Parameters:
    is - the input stream supplying the encoded certificate
    
    Returns:
    the certificate parsed from the stream, either as QualifiedCertificate object or as X509Certificate object
    
    Throws:
    
    java.security.cert.CertificateException - if an decoding/parsing error occurs
  - engineGenerateCertificates
```
public java.util.Collection engineGenerateCertificates(java.io.InputStream is)
                                                throws java.security.cert.CertificateException
```
    Parses a collection of X.509 certificates from the supplied input stream. The collection may be supplied in one of the following formats (encoding = DER):
    1. PKCS7CertList
    2. Chain of DER encoded X.509 certificates
    3. NetscapeCertList
    Any certificate of the supplied collection that represents a qualified certificate is returned as QualifiedCertificate object, any other as X509Certificate object
    Overrides:
    
    engineGenerateCertificates in class CertificateFactory
    
    Parameters:
    is - the input stream supplying the encoded certificates
    
    Returns:
    the collection of X509Certificates/QualifiedCertificates parsed from the stream
    
    Throws:
    
    java.security.cert.CertificateException - if an decoding/parsing error occurs

Class QualifiedCertificateFactory

Constructor Summary

Method Summary

Methods inherited from class iaik.x509.CertificateFactory

Methods inherited from class java.security.cert.CertificateFactorySpi

Methods inherited from class java.lang.Object

Constructor Detail

QualifiedCertificateFactory

Method Detail

engineGenerateCertificate

engineGenerateCertificates