IAIK PKCS#11 Wrapper
version 1.5

iaik.pkcs.pkcs11.objects
Class Certificate

java.lang.Object
  |
  +--iaik.pkcs.pkcs11.objects.Object
        |
        +--iaik.pkcs.pkcs11.objects.Storage
              |
              +--iaik.pkcs.pkcs11.objects.Certificate
All Implemented Interfaces:
java.lang.Cloneable
Direct Known Subclasses:
WTLSCertificate, X509AttributeCertificate, X509PublicKeyCertificate

public class Certificate
extends Storage

An object of this class represents a certificate as defined by PKCS#11. A certificate is of a specific type: X_509_PUBLIC_KEY, X_509_ATTRIBUTE or VENDOR_DEFINED. If an application needs to use vendor-defined certificates, it must set a VendorDefinedCertificateBuilder using the setVendorDefinedCertificateBuilder method.

Version:
1.0
Author:
Karl Scheibelhofer

Inner Class Summary
static interface Certificate.CertificateType
          This interface defines the available certificate types as defined by PKCS#11: X_509_PUBLIC_KEY, X_509_ATTRIBUTE or VENDOR_DEFINED.
static interface Certificate.VendorDefinedCertificateBuilder
          If an application uses vendor defined certificates, it must implement this interface and install such an object handler using setVendorDefinedCertificateBuilder.
 
Inner classes inherited from class iaik.pkcs.pkcs11.objects.Object
Object.ObjectClass, Object.VendorDefinedObjectBuilder
 
Field Summary
protected  LongAttribute certificateCategory_
          Categorization of the certificate: 0 = unspecified (default), 1 = token user, 2 = authority, 3 = other entity.
protected  CertificateTypeAttribute certificateType_
          The type of this certificate.
protected  ByteArrayAttribute checkValue_
          Checksum of this certificate.
protected  DateAttribute endDate_
          The end date of this certificate's validity.
protected  DateAttribute startDate_
          The start date of this certificate's validity.
protected  BooleanAttribute trusted_
          Indicates whether this certificate can be trusted.
protected static Certificate.VendorDefinedCertificateBuilder vendorCertificateBuilder_
          The currently set vendor defined certificate builder, or null.
 
Fields inherited from class iaik.pkcs.pkcs11.objects.Storage
label_, modifiable_, private_, token_
 
Fields inherited from class iaik.pkcs.pkcs11.objects.Object
attributeTable_, objectClass_, objectClassNames_, objectHandle_, vendorObjectBuilder_
 
Constructor Summary
  Certificate()
          The default constructor.
protected Certificate(Session session, long objectHandle)
          Constructor taking the reference to the PKCS#11 module for accessing the object's attributes, the session handle to use for reading the attribute values and the object handle.
 
Method Summary
protected  void allocateAttributes()
          Allocates the attribute objects for this class and adds them to the attribute table.
 java.lang.Object clone()
          Create a (deep) clone of this object.
 boolean equals(java.lang.Object otherObject)
          Compares all member variables of this object with the other object.
 LongAttribute getCertificateCategory()
          Gets the certificate category attribute of the PKCS#11 certificate.
 LongAttribute getCertificateType()
          Gets the certificate type attribute of the PKCS#11 certificate.
static java.lang.String getCertificateTypeName(java.lang.Long certificateType)
          Get the given certificate type as string.
 ByteArrayAttribute getCheckValue()
          Gets the check value attribute of the PKCS#11 certificate.
 DateAttribute getEndDate()
          Gets the end date attribute of the validity of the PKCS#11 certificate.
static Object getInstance(Session session, long objectHandle)
          The getInstance method of the Object class uses this method to create an instance of a PKCS#11 certificate.
 DateAttribute getStartDate()
          Gets the start date attribute of the validity of the PKCS#11 certificate.
 BooleanAttribute getTrusted()
          Gets the trusted attribute of the PKCS#11 certificate.
protected static Object getUnknownCertificate(Session session, long objectHandle)
          Try to create a certificate which has no or an unknown certificate type attribute.
static Certificate.VendorDefinedCertificateBuilder getVendorDefinedCertificateBuilder()
          Get the currently set vendor-defined certificate builder.
 int hashCode()
          The overriding of this method should ensure that the objects of this class work correctly in a hashtable.
protected static void putAttributesInTable(Certificate object)
          Put all attributes of the given object into the attributes table of this object.
static void setVendorDefinedCertificateBuilder(Certificate.VendorDefinedCertificateBuilder builder)
          Set a vendor-defined certificate builder that should be called to create an instance of a vendor-defined PKCS#11 certificate; i.e. an instance of a vendor-defined sub-class of this class.
 java.lang.String toString()
          This method returns a string representation of the current object.
 
Methods inherited from class iaik.pkcs.pkcs11.objects.Storage
getLabel, getModifiable, getPrivate, getToken, putAttributesInTable
 
Methods inherited from class iaik.pkcs.pkcs11.objects.Object
checkAttributesState, checkAttributeState, getAttribute, getAttributeTable, getAttributeValue, getAttributeValues, getObjectClass, getObjectClassName, getObjectHandle, getSetAttributes, getSetAttributes, getUnknownObject, getVendorDefinedObjectBuilder, putAttribute, putAttributesInTable, readAttributes, removeAttribute, setObjectHandle, setVendorDefinedObjectBuilder, toString
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

vendorCertificateBuilder_

protected static Certificate.VendorDefinedCertificateBuilder vendorCertificateBuilder_
The currently set vendor defined certificate builder, or null.

certificateType_

protected CertificateTypeAttribute certificateType_
The type of this certificate. One of CertificateType, or one that has a bigger value than VENDOR_DEFINED.

trusted_

protected BooleanAttribute trusted_
Indicates whether this certificate can be trusted.

certificateCategory_

protected LongAttribute certificateCategory_
Categorization of the certificate: 0 = unspecified (default), 1 = token user, 2 = authority, 3 = other entity.

checkValue_

protected ByteArrayAttribute checkValue_
Checksum of this certificate.

startDate_

protected DateAttribute startDate_
The start date of this certificate's validity.

endDate_

protected DateAttribute endDate_
The end date of this certificate's validity.

Constructor Detail

Certificate

public Certificate()
The default constructor. An application uses this constructor to instantiate a certificate that serves as a template. It may also be useful for working with vendor-defined certificates.

Certificate

protected Certificate(Session session,
                      long objectHandle)
               throws TokenException
Constructor taking the reference to the PKCS#11 module for accessing the object's attributes, the session handle to use for reading the attribute values and the object handle. This constructor reads all attributes that a storage object must contain.
Parameters:
session - The session to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.
objectHandle - The object handle as given from the PKCS#11 module.
Throws:
TokenException - If getting the attributes failed.

Method Detail

getCertificateTypeName

public static java.lang.String getCertificateTypeName(java.lang.Long certificateType)
Get the given certificate type as string.
Parameters:
certificateType - The certificate type to get as string.
Returns:
A string denoting the object certificate type; e.g. "X.509 Public Key".

getInstance

public static Object getInstance(Session session,
                                 long objectHandle)
                          throws TokenException
The getInstance method of the Object class uses this method to create an instance of a PKCS#11 certificate. This method reads the certificate type attribute and calls the getInstance method of the corresponding sub-class. If the certificate type is vendor-defined, it uses the VendorDefinedCertificateBuilder set by the application. If no certificate could be constructed, this method returns null.
Parameters:
session - The session to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.
objectHandle - The object handle as given from the PKCS#11 module.
Returns:
The object representing the PKCS#11 object. The returned object can be cast to the corresponding sub-class.
Throws:
TokenException - If getting the attributes failed.

getUnknownCertificate

protected static Object getUnknownCertificate(Session session,
                                              long objectHandle)
                                       throws TokenException
Try to create a certificate which has no or an unknown certificate type attribute. This implementation will try to use a vendor-defined certificate builder, if one has been set. If this is impossible or fails, it will just create a simple Certificate.
Parameters:
session - The session to use.
objectHandle - The handle of the object
Returns:
A new Object.
Throws:
TokenException - If no object could be created.

setVendorDefinedCertificateBuilder

public static void setVendorDefinedCertificateBuilder(Certificate.VendorDefinedCertificateBuilder builder)
Set a vendor-defined certificate builder that should be called to create an instance of a vendor-defined PKCS#11 certificate; i.e. an instance of a vendor-defined sub-class of this class.
Parameters:
builder - The vendor-defined certificate builder. Null to clear any previously installed vendor-defined builder.

getVendorDefinedCertificateBuilder

public static Certificate.VendorDefinedCertificateBuilder getVendorDefinedCertificateBuilder()
Get the currently set vendor-defined certificate builder.
Returns:
The currently set vendor-defined certificate builder or null if none is set.

putAttributesInTable

protected static void putAttributesInTable(Certificate object)
Put all attributes of the given object into the attributes table of this object. This method is only static so that the implementation of this method can be invoked for each class separately (see use in clone()).
Parameters:
object - The object to handle.

allocateAttributes

protected void allocateAttributes()
Allocates the attribute objects for this class and adds them to the attribute table.
Overrides:
allocateAttributes in class Storage

clone

public java.lang.Object clone()
Create a (deep) clone of this object.
Overrides:
clone in class Storage
Returns:
A clone of this object.

equals

public boolean equals(java.lang.Object otherObject)
Compares all member variables of this object with the other object. Returns true only if all are equal in both objects.
Overrides:
equals in class Storage
Parameters:
otherObject - The other object to compare to.
Returns:
True, if other is an instance of this class and all member variables of both objects are equal. False, otherwise.

getCertificateType

public LongAttribute getCertificateType()
Gets the certificate type attribute of the PKCS#11 certificate. Its value must be one of those defined in the CertificateType interface or one with a value bigger than CertificateType.VENDOR_DEFINED.
Returns:
The certificate type attribute.

getTrusted

public BooleanAttribute getTrusted()
Gets the trusted attribute of the PKCS#11 certificate.
Returns:
The trusted attribute.

getCertificateCategory

public LongAttribute getCertificateCategory()
Gets the certificate category attribute of the PKCS#11 certificate.
Returns:
The certificate category attribute.

getCheckValue

public ByteArrayAttribute getCheckValue()
Gets the check value attribute of the PKCS#11 certificate.
Returns:
The check value attribute.

getStartDate

public DateAttribute getStartDate()
Gets the start date attribute of the validity of the PKCS#11 certificate.
Returns:
The start date of validity.

getEndDate

public DateAttribute getEndDate()
Gets the end date attribute of the validity of the PKCS#11 certificate.
Returns:
The end date of validity.

hashCode

public int hashCode()
The overriding of this method should ensure that the objects of this class work correctly in a hashtable.
Overrides:
hashCode in class Storage
Returns:
The hash code of this object.

toString

public java.lang.String toString()
This method returns a string representation of the current object. The output is only for debugging purposes and should not be used for other purposes.
Overrides:
toString in class Storage
Returns:
A string representation of this object for debugging output.
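
An added example, not part of the IAIK documentation: it uses a default-constructed Certificate as a search template and reads the certificate type, trusted, category and validity attributes documented above to list what a token holds. Session.findObjectsInit/findObjects/findObjectsFinal and the getLongValue/getBooleanValue/getDateValue accessors belong to other classes of the wrapper and are assumed to behave as described in their own Javadoc; TokenCertificateAudit, audit and isWithinValidity are hypothetical names, and the session is assumed to be already open.

```java
import iaik.pkcs.pkcs11.Session;
import iaik.pkcs.pkcs11.TokenException;
import iaik.pkcs.pkcs11.objects.Certificate;
import java.util.Date;

// Hypothetical helper class; not part of the wrapper.
public class TokenCertificateAudit {

  // True only if both dates are present and 'now' lies inside [start, end].
  static boolean isWithinValidity(Date start, Date end, Date now) {
    return start != null && end != null && !now.before(start) && !now.after(end);
  }

  // Prints one line per certificate object visible to the (already open) session.
  public static void audit(Session session) throws TokenException {
    Date now = new Date();
    // Assumption: a default-constructed Certificate used as a template matches
    // every object of class certificate, whatever its certificate type.
    session.findObjectsInit(new Certificate());
    try {
      iaik.pkcs.pkcs11.objects.Object[] found = session.findObjects(1);
      while (found.length > 0) {
        // Defensive: only handle objects the wrapper built as a Certificate.
        if (found[0] instanceof Certificate) {
          Certificate cert = (Certificate) found[0];
          Long type = cert.getCertificateType().getLongValue();
          Long category = cert.getCertificateCategory().getLongValue();
          // An absent attribute yields null, so compare defensively.
          boolean trusted = Boolean.TRUE.equals(cert.getTrusted().getBooleanValue());
          boolean valid = isWithinValidity(cert.getStartDate().getDateValue(),
                                           cert.getEndDate().getDateValue(), now);
          String typeName = (type == null) ? "unknown" : Certificate.getCertificateTypeName(type);
          System.out.println("handle=" + cert.getObjectHandle()
              + " type=" + typeName
              + " category=" + category // 0 unspecified, 1 token user, 2 authority, 3 other
              + " trusted=" + trusted
              + " withinValidity=" + valid
              + ((trusted && !valid) ? "  <-- trusted, but validity dates missing or not current" : ""));
        }
        found = session.findObjects(1);
      }
    } finally {
      session.findObjectsFinal(); // always close the search operation
    }
  }
}
```

Tokens frequently leave the start and end date attributes empty, so a false withinValidity value means the dates should be checked in the certificate itself, not that the certificate has expired.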

IAIK JavaSecurity Website http://jce.iaik.tugraz.at/

IAIK at Graz University of Technology, Austria, Europe
Copyright 2001-2004, IAIK, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. All Rights Reserved.