Class AttributeCertificateHolder

  • All Implemented Interfaces:
    io.anyline.nfc.bouncycastle.util.Selector , java.lang.Cloneable

    
    public class AttributeCertificateHolder
     implements Selector<T>
                        

    The Holder object.

             Holder ::= SEQUENCE {
                   baseCertificateID   [0] IssuerSerial OPTIONAL,
                            -- the issuer and serial number of
                            -- the holder's Public Key Certificate
                   entityName          [1] GeneralNames OPTIONAL,
                            -- the name of the claimant or role
                   objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
                            -- used to directly authenticate the holder,
                            -- for example, an executable
             }
    

    Note: If objectDigestInfo comparisons are to be carried out the static method setDigestCalculatorProvider must be called once to configure the class to do the necessary calculations.

    • Constructor Detail

      • AttributeCertificateHolder

        AttributeCertificateHolder(X500Name issuerName, BigInteger serialNumber)
        Create a holder using the baseCertificateID element.
        Parameters:
        issuerName - name of associated certificate's issuer.
        serialNumber - serial number of associated certificate.
      • AttributeCertificateHolder

        AttributeCertificateHolder(X509CertificateHolder cert)
        Create a holder using the baseCertificateID option based on the passed in associated certificate,
        Parameters:
        cert - the certificate to be associated with this holder.
      • AttributeCertificateHolder

        AttributeCertificateHolder(X500Name principal)
        Create a holder using the entityName option based on the passed in principal.
        Parameters:
        principal - the entityName to be associated with the attribute certificate.
      • AttributeCertificateHolder

        AttributeCertificateHolder(int digestedObjectType, ASN1ObjectIdentifier digestAlgorithm, ASN1ObjectIdentifier otherObjectTypeID, Array<byte> objectDigest)
        Constructs a holder for v2 attribute certificates with a hash value for some type of object.
        Parameters:
        digestedObjectType - The digest object type.
        digestAlgorithm - The algorithm identifier for the hash.
        otherObjectTypeID - The object type ID if digestedObjectType is otherObjectDigest.
        objectDigest - The hash value.
    • Method Detail

      • getDigestedObjectType

         int getDigestedObjectType()

        Returns the digest object type if an object digest info is used.

        • 0 - publicKey - A hash of the public key of the holder must be passed.
        • 1 - publicKeyCert - A hash of the public key certificate of the holder must be passed.
        • 2 - otherObjectDigest - A hash of some other object type must be passed. otherObjectTypeID must not be empty.
        Returns:

        The digest object type or -1 if no object digest info is set.

      • getDigestAlgorithm

         AlgorithmIdentifier getDigestAlgorithm()

        Returns algorithm identifier for the digest used if ObjectDigestInfo is present.

        Returns:

        digest AlgorithmIdentifier or null if ObjectDigestInfo is absent.

      • getObjectDigest

         Array<byte> getObjectDigest()

        Returns the hash if an object digest info is used.

        Returns:

        The hash or null if ObjectDigestInfo is absent.

      • getOtherObjectTypeID

         ASN1ObjectIdentifier getOtherObjectTypeID()

        Returns the digest algorithm ID if an object digest info is used.

        Returns:

        The digest algorithm ID or null if no object digest info is set.

      • getEntityNames

         Array<X500Name> getEntityNames()

        Return any principal objects inside the attribute certificate holder entity names field.

        Returns:

        an array of Principal objects (usually X500Principal), null if no entity names field is set.

      • getIssuer

         Array<X500Name> getIssuer()

        Return the principals associated with the issuer attached to this holder

        Returns:

        an array of principals, null if no BaseCertificateID is set.

      • getSerialNumber

         BigInteger getSerialNumber()

        Return the serial number associated with the issuer attached to this holder.

        Returns:

        the certificate serial number, null if no BaseCertificateID is set.

      • match

         boolean match(Object obj)

        Match the passed in object, returning true if it would be selected by this selector, false otherwise.

        Parameters:
        obj - the object to be matched.
        Returns:

        true if the object is a match for this selector, false otherwise.

      • setDigestCalculatorProvider

         static void setDigestCalculatorProvider(DigestCalculatorProvider digCalcProvider)

        Set a digest calculator provider to be used if matches are attempted using ObjectDigestInfo,

        Parameters:
        digCalcProvider - a provider of digest calculators.