Package org.jmrtd.cert
Class CardVerifiableCertificate
- java.lang.Object
-
- java.security.cert.Certificate
-
- org.jmrtd.cert.CardVerifiableCertificate
-
- All Implemented Interfaces:
Serializable
public class CardVerifiableCertificate extends Certificate
Card verifiable certificates as specified in TR 03110. Just a wrapper aroundorg.ejbca.cvc.CVCertificateby Keijo Kurkinen of EJBCA.org, so that we can subclassjava.security.cert.Certificate. We also hide some of the internal structure (no more calls to get the "body" just to get some attributes).- Version:
- $Revision: 1763 $
- Author:
- The JMRTD team ([email protected])
- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class java.security.cert.Certificate
Certificate.CertificateRep
-
-
Constructor Summary
Constructors Modifier Constructor Description protectedCardVerifiableCertificate(org.ejbca.cvc.CVCertificate cvCertificate)Constructs a wrapper.CardVerifiableCertificate(CVCPrincipal authorityReference, CVCPrincipal holderReference, PublicKey publicKey, String algorithm, Date notBefore, Date notAfter, CVCAuthorizationTemplate.Role role, CVCAuthorizationTemplate.Permission permission, byte[] signatureData)Constructs a certificate.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanequals(Object otherObj)Tests for equality with respect to another object.CVCPrincipalgetAuthorityReference()Gets the authority reference.CVCAuthorizationTemplategetAuthorizationTemplate()Gets the holder authorization template.byte[]getCertBodyData()The DER encoded certificate body.byte[]getEncoded()Returns the encoded form of this certificate.CVCPrincipalgetHolderReference()Gets the holder reference.DategetNotAfter()Returns 'Expiration Date'.DategetNotBefore()Returns 'Effective Date'.PublicKeygetPublicKey()Gets the public key from this certificate.StringgetSigAlgName()Gets the signature algorithm.StringgetSigAlgOID()Returns the signature algorithm object identifier.byte[]getSignature()Returns the signature (just the value, without the0x5F37tag).inthashCode()Gets a hash code for this object.StringtoString()Returns a string representation of this certificate.voidverify(PublicKey key)Verifies that this certificate was signed using the private key that corresponds to the specified public key.voidverify(PublicKey key, String provider)Verifies that this certificate was signed using the private key that corresponds to the specified public key.-
Methods inherited from class java.security.cert.Certificate
getType, verify, writeReplace
-
-
-
-
Constructor Detail
-
CardVerifiableCertificate
protected CardVerifiableCertificate(org.ejbca.cvc.CVCertificate cvCertificate)
Constructs a wrapper.- Parameters:
cvCertificate- the EJCBA CVC to wrap
-
CardVerifiableCertificate
public CardVerifiableCertificate(CVCPrincipal authorityReference, CVCPrincipal holderReference, PublicKey publicKey, String algorithm, Date notBefore, Date notAfter, CVCAuthorizationTemplate.Role role, CVCAuthorizationTemplate.Permission permission, byte[] signatureData)
Constructs a certificate.- Parameters:
authorityReference- authority referenceholderReference- holder referencepublicKey- public keyalgorithm- algorithmnotBefore- valid from datenotAfter- valid to daterole- rolepermission- permissionsignatureData- signed date
-
-
Method Detail
-
getSigAlgName
public String getSigAlgName()
Gets the signature algorithm.- Returns:
- an algorithm name
-
getSigAlgOID
public String getSigAlgOID()
Returns the signature algorithm object identifier.- Returns:
- an object identifier
-
getEncoded
public byte[] getEncoded() throws CertificateEncodingExceptionReturns the encoded form of this certificate. It is assumed that each certificate type would have only a single form of encoding; for example, X.509 certificates would be encoded as ASN.1 DER.- Specified by:
getEncodedin classCertificate- Returns:
- the encoded form of this certificate
- Throws:
CertificateEncodingException- if an encoding error occurs.
-
getPublicKey
public PublicKey getPublicKey()
Gets the public key from this certificate.- Specified by:
getPublicKeyin classCertificate- Returns:
- the public key.
-
toString
public String toString()
Returns a string representation of this certificate.- Specified by:
toStringin classCertificate- Returns:
- a string representation of this certificate.
-
verify
public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
Verifies that this certificate was signed using the private key that corresponds to the specified public key.- Specified by:
verifyin classCertificate- Parameters:
key- the PublicKey used to carry out the verification.- Throws:
NoSuchAlgorithmException- on unsupported signature algorithms.InvalidKeyException- on incorrect key.NoSuchProviderException- if there's no default provider.SignatureException- on signature errors.CertificateException- on encoding errors.
-
verify
public void verify(PublicKey key, String provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider.- Specified by:
verifyin classCertificate- Parameters:
key- the PublicKey used to carry out the verification.provider- the name of the signature provider.- Throws:
NoSuchAlgorithmException- on unsupported signature algorithms.InvalidKeyException- on incorrect key.NoSuchProviderException- on incorrect provider.SignatureException- on signature errors.CertificateException- on encoding errors.
-
getCertBodyData
public byte[] getCertBodyData() throws CertificateException, IOExceptionThe DER encoded certificate body.- Returns:
- DER encoded certificate body
- Throws:
CertificateException- on errorIOException- on error
-
getNotBefore
public Date getNotBefore() throws CertificateException
Returns 'Effective Date'.- Returns:
- the effective date
- Throws:
CertificateException- on error
-
getNotAfter
public Date getNotAfter() throws CertificateException
Returns 'Expiration Date'.- Returns:
- the expiration date
- Throws:
CertificateException- on error
-
getAuthorityReference
public CVCPrincipal getAuthorityReference() throws CertificateException
Gets the authority reference.- Returns:
- the authority reference
- Throws:
CertificateException- if the authority reference field is not present
-
getHolderReference
public CVCPrincipal getHolderReference() throws CertificateException
Gets the holder reference.- Returns:
- the holder reference
- Throws:
CertificateException- if the authority reference field is not present
-
getAuthorizationTemplate
public CVCAuthorizationTemplate getAuthorizationTemplate() throws CertificateException
Gets the holder authorization template.- Returns:
- the holder authorization template
- Throws:
CertificateException- on error constructing the template
-
getSignature
public byte[] getSignature() throws CertificateExceptionReturns the signature (just the value, without the0x5F37tag).- Returns:
- the signature bytes
- Throws:
CertificateException- if certificate doesn't contain a signature
-
equals
public boolean equals(Object otherObj)
Tests for equality with respect to another object.- Overrides:
equalsin classCertificate- Parameters:
otherObj- the other object- Returns:
- whether this certificate equals the other object
-
hashCode
public int hashCode()
Gets a hash code for this object.- Overrides:
hashCodein classCertificate- Returns:
- a hash code for this object
-
-