org.jmrtd.cert

Class CardVerifiableCertificate

java.lang.Object

java.security.cert.Certificate

org.jmrtd.cert.CardVerifiableCertificate

All Implemented Interfaces:

java.io.Serializable

public class CardVerifiableCertificate
extends java.security.cert.Certificate

Card verifiable certificates as specified in TR 03110. Just a wrapper around org.ejbca.cvc.CVCertificate by Keijo Kurkinen of EJBCA.org, so that we can subclass java.security.cert.Certificate. We also hide some of the internal structure (no more calls to get the "body" just to get some attributes).

Version:

$Revision: 1573 $

Author:

The JMRTD team ([email protected])

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class java.security.cert.Certificate

java.security.cert.Certificate.CertificateRep

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	CardVerifiableCertificate(org.ejbca.cvc.CVCertificate cvCertificate) Constructs a wrapper.
	CardVerifiableCertificate(CVCPrincipal authorityReference, CVCPrincipal holderReference, java.security.PublicKey publicKey, java.lang.String algorithm, java.util.Date notBefore, java.util.Date notAfter, CVCAuthorizationTemplate.Role role, CVCAuthorizationTemplate.Permission permission, byte[] signatureData) Construcst a certificate.

Method Summary

Modifier and Type	Method and Description
boolean	equals(java.lang.Object otherObj)
CVCPrincipal	getAuthorityReference() Gets the authority reference.
CVCAuthorizationTemplate	getAuthorizationTemplate() Gets the holder authorization template.
byte[]	getCertBodyData() The DER encoded certificate body.
byte[]	getEncoded() Returns the encoded form of this certificate.
CVCPrincipal	getHolderReference() Gets the holder reference.
java.util.Date	getNotAfter() Returns 'Expiration Date'.
java.util.Date	getNotBefore() Returns 'Effective Date'.
java.security.PublicKey	getPublicKey() Gets the public key from this certificate.
java.lang.String	getSigAlgName() Gets the signature algorithm.
java.lang.String	getSigAlgOID() Gets the signature algorithm OID
byte[]	getSignature() Returns the signature (just the value, without the 0x5F37 tag).
int	hashCode()
java.lang.String	toString() Returns a string representation of this certificate.
void	verify(java.security.PublicKey key) Verifies that this certificate was signed using the private key that corresponds to the specified public key.
void	verify(java.security.PublicKey key, java.lang.String provider) Verifies that this certificate was signed using the private key that corresponds to the specified public key.

Methods inherited from class java.security.cert.Certificate

getType, verify, writeReplace

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

CardVerifiableCertificate

protected CardVerifiableCertificate(org.ejbca.cvc.CVCertificate cvCertificate)

Constructs a wrapper.

Parameters:

cvCertificate - the EJCBA CVC to wrap

CardVerifiableCertificate

public CardVerifiableCertificate(CVCPrincipal authorityReference,
                                 CVCPrincipal holderReference,
                                 java.security.PublicKey publicKey,
                                 java.lang.String algorithm,
                                 java.util.Date notBefore,
                                 java.util.Date notAfter,
                                 CVCAuthorizationTemplate.Role role,
                                 CVCAuthorizationTemplate.Permission permission,
                                 byte[] signatureData)

Construcst a certificate.

Parameters:

authorityReference - authority reference

holderReference - holder reference

publicKey - public key

algorithm - algorithm

notBefore - valid from date

notAfter - valid to date

role - role

permission - permission

signatureData - signed date

Method Detail

getSigAlgName

public java.lang.String getSigAlgName()

Gets the signature algorithm.

Returns:

an algorithm name

getSigAlgOID

public java.lang.String getSigAlgOID()

Gets the signature algorithm OID

Returns:

an OID

getEncoded

public byte[] getEncoded()
                  throws java.security.cert.CertificateEncodingException

Returns the encoded form of this certificate. It is assumed that each certificate type would have only a single form of encoding; for example, X.509 certificates would be encoded as ASN.1 DER.

Specified by:

getEncoded in class java.security.cert.Certificate

Returns:

the encoded form of this certificate

Throws:

java.security.cert.CertificateEncodingException - if an encoding error occurs.

getPublicKey

public java.security.PublicKey getPublicKey()

Gets the public key from this certificate.

Specified by:

getPublicKey in class java.security.cert.Certificate

Returns:

the public key.

toString

public java.lang.String toString()

Returns a string representation of this certificate.

Specified by:

toString in class java.security.cert.Certificate

Returns:

a string representation of this certificate.

verify

public void verify(java.security.PublicKey key)
            throws java.security.cert.CertificateException,
                   java.security.NoSuchAlgorithmException,
                   java.security.InvalidKeyException,
                   java.security.NoSuchProviderException,
                   java.security.SignatureException

Verifies that this certificate was signed using the private key that corresponds to the specified public key.

Specified by:

verify in class java.security.cert.Certificate

Parameters:

key - the PublicKey used to carry out the verification.

Throws:

java.security.NoSuchAlgorithmException - on unsupported signature algorithms.

java.security.InvalidKeyException - on incorrect key.

java.security.NoSuchProviderException - if there's no default provider.

java.security.SignatureException - on signature errors.

java.security.cert.CertificateException - on encoding errors.

verify

public void verify(java.security.PublicKey key,
                   java.lang.String provider)
            throws java.security.cert.CertificateException,
                   java.security.NoSuchAlgorithmException,
                   java.security.InvalidKeyException,
                   java.security.NoSuchProviderException,
                   java.security.SignatureException

Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider.

Specified by:

verify in class java.security.cert.Certificate

Parameters:

key - the PublicKey used to carry out the verification.

provider - the name of the signature provider.

Throws:

java.security.NoSuchAlgorithmException - on unsupported signature algorithms.

java.security.InvalidKeyException - on incorrect key.

java.security.NoSuchProviderException - on incorrect provider.

java.security.SignatureException - on signature errors.

java.security.cert.CertificateException - on encoding errors.

getCertBodyData

public byte[] getCertBodyData()
                       throws java.security.cert.CertificateException,
                              java.io.IOException

The DER encoded certificate body.

Returns:

DER encoded certificate body

Throws:

java.security.cert.CertificateException - on error

java.io.IOException - on error

getNotBefore

public java.util.Date getNotBefore()
                            throws java.security.cert.CertificateException

Returns 'Effective Date'.

Returns:

the effective date

Throws:

java.security.cert.CertificateException - on error

getNotAfter

public java.util.Date getNotAfter()
                           throws java.security.cert.CertificateException

Returns 'Expiration Date'.

Returns:

the expiration date

Throws:

java.security.cert.CertificateException - on error

getAuthorityReference

public CVCPrincipal getAuthorityReference()
                                   throws java.security.cert.CertificateException

Gets the authority reference.

Returns:

the authority reference

Throws:

java.security.cert.CertificateException - if the authority reference field is not present

getHolderReference

public CVCPrincipal getHolderReference()
                                throws java.security.cert.CertificateException

Gets the holder reference.

Returns:

the holder reference

Throws:

java.security.cert.CertificateException - if the authority reference field is not present

getAuthorizationTemplate

public CVCAuthorizationTemplate getAuthorizationTemplate()
                                                  throws java.security.cert.CertificateException

Gets the holder authorization template.

Returns:

the holder authorization template

Throws:

java.security.cert.CertificateException - on error constructing the template

getSignature

public byte[] getSignature()
                    throws java.security.cert.CertificateException

Returns the signature (just the value, without the 0x5F37 tag).

Returns:

the signature bytes

Throws:

java.security.cert.CertificateException - if certificate doesn't contain a signature

equals

public boolean equals(java.lang.Object otherObj)

Overrides:

equals in class java.security.cert.Certificate

hashCode

public int hashCode()

Overrides:

hashCode in class java.security.cert.Certificate