iaik.cms
Class OtherCertificate

java.lang.Object
  extended by java.security.cert.Certificate
      extended by iaik.cms.OtherCertificate
All Implemented Interfaces:
ASN1Type, java.io.Serializable

public class OtherCertificate
extends java.security.cert.Certificate
implements ASN1Type

This class implements the CMS type OtherCertificateFormat.

The Cryptographic Message Syntax (CMS) ( RFC 5652) specifies the OtherCertificateFormat type to allow to include any other (application or user defined) certificate format into a CertificateSet:

 CertificateSet ::= SET OF CertificateChoices
 
CertificateChoices ::= CHOICE { certificate Certificate, -- see X.509 extendedCertificate [0] IMPLICIT ExtendedCertificate, -- Obsolete; see PKCS#6 v1AttrCert [1] IMPLICIT AttributeCertificateV1, -- Obsolete; see X.509-1997 v2AttrCert [2] IMPLICIT AttributeCertificateV2, -- see X509-2000 other [3] IMPLICIT OtherCertificateFormat } OtherCertificateFormat ::= SEQUENCE { otherCertFormat OBJECT IDENTIFIER, otherCert ANY DEFINED BY otherCertFormat } CertificateSet ::= SET OF CertificateChoices
Since -- as the name implies -- an other certificate may represent any (other) certificate format, this class only can provide a very generic view of an other certificate. An application that implements some specific (custom) other certificate type, may use this class to add a representant of the other certificate type to a CertificateSet. Thereby the custom other certificate has to be supplied as ASN1Object, e.g. (we assume that the custom other certificate format is implemented by a class named MyOtherCert):
 // create an instance of your custom other certificate:
 MyOtherCert myOtherCert = ...;
 // get an ASN.1 representation of the custom other cert:
 ASN1Object asn1MyOtherCert = myOtherCert.toASN1Object();
 // the oid that identifies the custom other cert type:
 ObjectID myOtherCertFormat = ...;
 // pack the custom other cert into an OtherCertificate:
 OtherCertificate otherCertificate = new OtherCertificate(myOtherCertFormat, asn1MyOtherCert);
 // create a CertificateSet and add the other certificate:
 CertificateSet certSet = new CertificateSet();
 certSet.addCertificate(otherCertificate);
 // add the certificate set to a, e.g., SignedData object:
 SignedData signedData = ...;
 ...
 signedData.setCertificateSet(certSet);
 
The recipient may get the certificate set from the SignedData object and parse the other certificate from its encoded or ASN.1 representation, e.g.:
 // the SignedData object, parsed from the received encoding:
 SignedData signedData = ...;
 ...
 // get the CertificateSet:
 CertificateSet certSet = signedData.getCertificateSet();
 // get any included other certificates:
 OtherCertificate[] otherCerts = certSet.getOtherCertificates();
 if (otherCerts.length > 0) {
   for (int i = 0; i < otherCerts.length; i++) {
     // check the format oid
     if (otherCerts[i].getOtherCertFormat().equals(MyOtherCert.otherCertFormat)) {
       // create the custom other certificate format from its encoding:
       MyOtherCert myOtherCert = new MyOtherCert(otherCerts[i].getEncoded());
       ...
     }
   }
 }
 
Since at this time other certificate formats may not be widely used, IAIK-CMS does not provide any registration mechanism for other certificate format implementing classes. They may be handled as ASN.1 objects and transformed to/from its encoded representation as shown in the sample above. An implemention class registration mechanism may be added later (if other certificates may gain some importance).

This class is extended from java.security.cert.Certificate to fit into the JCA certificate framework. However, since any actual custom other certificate format can not be known in advance, method getPublicKey returns null in any case and any attempt to call a verify method will throw a "Method not supported!" runtime exception. If required, these methods may be provided by the final other certificate implementation.

See Also:
CertificateSet, Serialized Form

Nested Class Summary
 
Nested classes/interfaces inherited from class java.security.cert.Certificate
java.security.cert.Certificate.CertificateRep
 
Constructor Summary
OtherCertificate(ObjectID otherCertFormat, ASN1Object otherCert)
          Creates an other certificate from identifying OID format and ASN.1 representation.
OtherCertificate(ObjectID otherCertFormat, byte[] array)
          Creates an other certificate from identifying OID format and DER encoding.
OtherCertificate(ObjectID otherCertFormat, java.io.InputStream is)
          Creates an other certificate from identifying OID format and DER encoding.
 
Method Summary
 void decode(ASN1Object otherCert)
          Decodes and parses the ASN.1 representation of the other cert.
 byte[] getEncoded()
          Returns the DER encoded other cert.
 ObjectID getOtherCertFormat()
          Get the otherCertFormat OID identifying the other cert
 java.security.PublicKey getPublicKey()
          Returns null.
 ASN1Object toASN1Object()
          Returns the other cert as ASN1Object.
 java.lang.String toString()
          Gets a String representation of the otherCert.
 void verify(java.security.PublicKey key)
          Throws a RuntimeException since not supported.
 void verify(java.security.PublicKey key, java.lang.String sigProvider)
          Throws a RuntimeException since not supported.
 
Methods inherited from class java.security.cert.Certificate
equals, getType, hashCode, writeReplace
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

OtherCertificate

public OtherCertificate(ObjectID otherCertFormat,
                        ASN1Object otherCert)
                 throws CodingException
Creates an other certificate from identifying OID format and ASN.1 representation. The given otherCert represents the otherCert component of the RFC 5652 OtherCertificateFormat sequence:
 OtherCertificateFormat ::= SEQUENCE {
   otherCertFormat OBJECT IDENTIFIER,
   otherCert ANY DEFINED BY otherCertFormat }
 

Parameters:
otherCertFormat - the OID identifying the other cert
otherCert - the other cert as ASN.1 object
Throws:
CodingException

OtherCertificate

public OtherCertificate(ObjectID otherCertFormat,
                        byte[] array)
                 throws CodingException
Creates an other certificate from identifying OID format and DER encoding. The given byte array represents the DER encoding of the otherCert component of the RFC 5652 OtherCertificateFormat sequence:
 OtherCertificateFormat ::= SEQUENCE {
   otherCertFormat OBJECT IDENTIFIER,
   otherCert ANY DEFINED BY otherCertFormat }
 

Parameters:
otherCertFormat - the OID identifying the other cert
array - the DER encoded other cert as byte array
Throws:
CodingException

OtherCertificate

public OtherCertificate(ObjectID otherCertFormat,
                        java.io.InputStream is)
                 throws CodingException
Creates an other certificate from identifying OID format and DER encoding. The given input stream supplies the DER encoding of the otherCert component of the RFC 5652 OtherCertificateFormat sequence:
 OtherCertificateFormat ::= SEQUENCE {
   otherCertFormat OBJECT IDENTIFIER,
   otherCert ANY DEFINED BY otherCertFormat }
 

Parameters:
otherCertFormat - the OID identifying the other cert
is - an input stream from which to read the DER encoded other cert
Throws:
CodingException
Method Detail

getOtherCertFormat

public ObjectID getOtherCertFormat()
Get the otherCertFormat OID identifying the other cert

Returns:
the otherCertFormat OID identifying the other cert

decode

public void decode(ASN1Object otherCert)
            throws CodingException
Decodes and parses the ASN.1 representation of the other cert. The given otherCert represents the otherCert component of the RFC 5652 OtherCertificateFormat sequence:
 OtherCertificateFormat ::= SEQUENCE {
   otherCertFormat OBJECT IDENTIFIER,
   otherCert ANY DEFINED BY otherCertFormat }
 

Specified by:
decode in interface ASN1Type
Parameters:
otherCert - the ASN.1 otherCert
Throws:
CodingException - if an error occurs when parsing the other cert

toASN1Object

public ASN1Object toASN1Object()
Returns the other cert as ASN1Object. The ASN1Object returned by this method represents the otherCert component of the RFC 5652 OtherCertificateFormat sequence:
 OtherCertificateFormat ::= SEQUENCE {
   otherCertFormat OBJECT IDENTIFIER,
   otherCert ANY DEFINED BY otherCertFormat }
 

Specified by:
toASN1Object in interface ASN1Type
Returns:
the otherCert as ASN.1 object

getEncoded

public byte[] getEncoded()
                  throws java.security.cert.CertificateEncodingException
Returns the DER encoded other cert. The DER encoding returned by this method represents the otherCert component of the RFC 5652 OtherCertificateFormat sequence:
 OtherCertificateFormat ::= SEQUENCE {
   otherCertFormat OBJECT IDENTIFIER,
   otherCert ANY DEFINED BY otherCertFormat }
 

Specified by:
getEncoded in class java.security.cert.Certificate
Returns:
the DER encoded otherCert
Throws:
java.security.cert.CertificateEncodingException - if an error occurs during the encoding procedure

verify

public void verify(java.security.PublicKey key)
            throws java.security.cert.CertificateException,
                   java.security.NoSuchAlgorithmException,
                   java.security.InvalidKeyException,
                   java.security.NoSuchProviderException,
                   java.security.SignatureException
Throws a RuntimeException since not supported.

Specified by:
verify in class java.security.cert.Certificate
Throws:
java.security.cert.CertificateException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.NoSuchProviderException
java.security.SignatureException

verify

public void verify(java.security.PublicKey key,
                   java.lang.String sigProvider)
            throws java.security.cert.CertificateException,
                   java.security.NoSuchAlgorithmException,
                   java.security.InvalidKeyException,
                   java.security.NoSuchProviderException,
                   java.security.SignatureException
Throws a RuntimeException since not supported.

Specified by:
verify in class java.security.cert.Certificate
Throws:
java.security.cert.CertificateException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.NoSuchProviderException
java.security.SignatureException

getPublicKey

public java.security.PublicKey getPublicKey()
Returns null.

Specified by:
getPublicKey in class java.security.cert.Certificate
Returns:
null

toString

public java.lang.String toString()
Gets a String representation of the otherCert. The String representation returned by this method represents the otherCert component of the RFC 5652 OtherCertificateFormat sequence:
 OtherCertificateFormat ::= SEQUENCE {
   otherCertFormat OBJECT IDENTIFIER,
   otherCert ANY DEFINED BY otherCertFormat }
 

Specified by:
toString in class java.security.cert.Certificate
Returns:
a String representation of the otherCert

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

IAIK-CMS 5.1, (c) 2002 IAIK, (c) 2003 - 2010 SIC