Package org.jmrtd.cert
Class CardVerifiableCertificate
- java.lang.Object
-
- java.security.cert.Certificate
-
- org.jmrtd.cert.CardVerifiableCertificate
-
- All Implemented Interfaces:
Serializable
public class CardVerifiableCertificate extends Certificate
Card verifiable certificates as specified in TR 03110. Just a wrapper aroundorg.ejbca.cvc.CVCertificate
by Keijo Kurkinen of EJBCA.org, so that we can subclassjava.security.cert.Certificate
. We also hide some of the internal structure (no more calls to get the "body" just to get some attributes).- Version:
- $Revision: 1763 $
- Author:
- The JMRTD team ([email protected])
- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class java.security.cert.Certificate
Certificate.CertificateRep
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
CardVerifiableCertificate(org.ejbca.cvc.CVCertificate cvCertificate)
Constructs a wrapper.CardVerifiableCertificate(CVCPrincipal authorityReference, CVCPrincipal holderReference, PublicKey publicKey, String algorithm, Date notBefore, Date notAfter, CVCAuthorizationTemplate.Role role, CVCAuthorizationTemplate.Permission permission, byte[] signatureData)
Constructs a certificate.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(Object otherObj)
Tests for equality with respect to another object.CVCPrincipal
getAuthorityReference()
Gets the authority reference.CVCAuthorizationTemplate
getAuthorizationTemplate()
Gets the holder authorization template.byte[]
getCertBodyData()
The DER encoded certificate body.byte[]
getEncoded()
Returns the encoded form of this certificate.CVCPrincipal
getHolderReference()
Gets the holder reference.Date
getNotAfter()
Returns 'Expiration Date'.Date
getNotBefore()
Returns 'Effective Date'.PublicKey
getPublicKey()
Gets the public key from this certificate.String
getSigAlgName()
Gets the signature algorithm.String
getSigAlgOID()
Returns the signature algorithm object identifier.byte[]
getSignature()
Returns the signature (just the value, without the0x5F37
tag).int
hashCode()
Gets a hash code for this object.String
toString()
Returns a string representation of this certificate.void
verify(PublicKey key)
Verifies that this certificate was signed using the private key that corresponds to the specified public key.void
verify(PublicKey key, String provider)
Verifies that this certificate was signed using the private key that corresponds to the specified public key.-
Methods inherited from class java.security.cert.Certificate
getType, verify, writeReplace
-
-
-
-
Constructor Detail
-
CardVerifiableCertificate
protected CardVerifiableCertificate(org.ejbca.cvc.CVCertificate cvCertificate)
Constructs a wrapper.- Parameters:
cvCertificate
- the EJCBA CVC to wrap
-
CardVerifiableCertificate
public CardVerifiableCertificate(CVCPrincipal authorityReference, CVCPrincipal holderReference, PublicKey publicKey, String algorithm, Date notBefore, Date notAfter, CVCAuthorizationTemplate.Role role, CVCAuthorizationTemplate.Permission permission, byte[] signatureData)
Constructs a certificate.- Parameters:
authorityReference
- authority referenceholderReference
- holder referencepublicKey
- public keyalgorithm
- algorithmnotBefore
- valid from datenotAfter
- valid to daterole
- rolepermission
- permissionsignatureData
- signed date
-
-
Method Detail
-
getSigAlgName
public String getSigAlgName()
Gets the signature algorithm.- Returns:
- an algorithm name
-
getSigAlgOID
public String getSigAlgOID()
Returns the signature algorithm object identifier.- Returns:
- an object identifier
-
getEncoded
public byte[] getEncoded() throws CertificateEncodingException
Returns the encoded form of this certificate. It is assumed that each certificate type would have only a single form of encoding; for example, X.509 certificates would be encoded as ASN.1 DER.- Specified by:
getEncoded
in classCertificate
- Returns:
- the encoded form of this certificate
- Throws:
CertificateEncodingException
- if an encoding error occurs.
-
getPublicKey
public PublicKey getPublicKey()
Gets the public key from this certificate.- Specified by:
getPublicKey
in classCertificate
- Returns:
- the public key.
-
toString
public String toString()
Returns a string representation of this certificate.- Specified by:
toString
in classCertificate
- Returns:
- a string representation of this certificate.
-
verify
public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
Verifies that this certificate was signed using the private key that corresponds to the specified public key.- Specified by:
verify
in classCertificate
- Parameters:
key
- the PublicKey used to carry out the verification.- Throws:
NoSuchAlgorithmException
- on unsupported signature algorithms.InvalidKeyException
- on incorrect key.NoSuchProviderException
- if there's no default provider.SignatureException
- on signature errors.CertificateException
- on encoding errors.
-
verify
public void verify(PublicKey key, String provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider.- Specified by:
verify
in classCertificate
- Parameters:
key
- the PublicKey used to carry out the verification.provider
- the name of the signature provider.- Throws:
NoSuchAlgorithmException
- on unsupported signature algorithms.InvalidKeyException
- on incorrect key.NoSuchProviderException
- on incorrect provider.SignatureException
- on signature errors.CertificateException
- on encoding errors.
-
getCertBodyData
public byte[] getCertBodyData() throws CertificateException, IOException
The DER encoded certificate body.- Returns:
- DER encoded certificate body
- Throws:
CertificateException
- on errorIOException
- on error
-
getNotBefore
public Date getNotBefore() throws CertificateException
Returns 'Effective Date'.- Returns:
- the effective date
- Throws:
CertificateException
- on error
-
getNotAfter
public Date getNotAfter() throws CertificateException
Returns 'Expiration Date'.- Returns:
- the expiration date
- Throws:
CertificateException
- on error
-
getAuthorityReference
public CVCPrincipal getAuthorityReference() throws CertificateException
Gets the authority reference.- Returns:
- the authority reference
- Throws:
CertificateException
- if the authority reference field is not present
-
getHolderReference
public CVCPrincipal getHolderReference() throws CertificateException
Gets the holder reference.- Returns:
- the holder reference
- Throws:
CertificateException
- if the authority reference field is not present
-
getAuthorizationTemplate
public CVCAuthorizationTemplate getAuthorizationTemplate() throws CertificateException
Gets the holder authorization template.- Returns:
- the holder authorization template
- Throws:
CertificateException
- on error constructing the template
-
getSignature
public byte[] getSignature() throws CertificateException
Returns the signature (just the value, without the0x5F37
tag).- Returns:
- the signature bytes
- Throws:
CertificateException
- if certificate doesn't contain a signature
-
equals
public boolean equals(Object otherObj)
Tests for equality with respect to another object.- Overrides:
equals
in classCertificate
- Parameters:
otherObj
- the other object- Returns:
- whether this certificate equals the other object
-
hashCode
public int hashCode()
Gets a hash code for this object.- Overrides:
hashCode
in classCertificate
- Returns:
- a hash code for this object
-
-