org.glite.security.voms.ac
Class AttributeCertificate

java.lang.Object
  extended byorg.glite.security.voms.ac.AttributeCertificate
All Implemented Interfaces:
org.bouncycastle.asn1.DEREncodable

public class AttributeCertificate
extends java.lang.Object
implements org.bouncycastle.asn1.DEREncodable

A shadow implementation of the non-working BouncyCastle implementation of X.509 Attribute Certificates

Author:
Joni Hahkala, Olle Mulmo

Constructor Summary
AttributeCertificate(org.bouncycastle.asn1.ASN1Sequence seq)
           
 
Method Summary
 AttributeCertificateInfo getAcinfo()
           
 org.bouncycastle.asn1.ASN1Sequence getAttributes()
           
 java.util.List getAttributes(java.lang.String oid)
          Returns a list of the attributes matching the provided OID.
 org.bouncycastle.asn1.DERObject getDERObject()
          Produce an object suitable for an ASN1OutputStream.
 org.bouncycastle.asn1.x509.X509Extensions getExtensions()
           
 Holder getHolder()
           
static AttributeCertificate getInstance(java.io.InputStream in)
          Create an Attribute Certificate from a input stream containing DER-encoded data
 javax.security.auth.x500.X500Principal getIssuer()
           
 java.util.Date getNotAfter()
           
 java.util.Date getNotBefore()
           
 org.bouncycastle.asn1.x509.AlgorithmIdentifier getSignatureAlgorithm()
           
 org.bouncycastle.asn1.DERBitString getSignatureValue()
           
 boolean isValid()
          Synonym for validAt(null)
 boolean validAt(java.util.Date date)
          Checks if the AC was valid at the provided timestamp.
 boolean verify(java.security.PublicKey key)
          Verifies the signature of the AC using the provided signature key
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AttributeCertificate

public AttributeCertificate(org.bouncycastle.asn1.ASN1Sequence seq)
                     throws java.io.IOException
Method Detail

getInstance

public static AttributeCertificate getInstance(java.io.InputStream in)
                                        throws java.io.IOException
Create an Attribute Certificate from a input stream containing DER-encoded data

Parameters:
in -
Returns:
Throws:
java.io.IOException

getAcinfo

public AttributeCertificateInfo getAcinfo()

getAttributes

public org.bouncycastle.asn1.ASN1Sequence getAttributes()
See Also:
AttributeCertificateInfo.getAttributes()

getAttributes

public java.util.List getAttributes(java.lang.String oid)
Returns a list of the attributes matching the provided OID.

Parameters:
oid - Object Identifier, on the form "1.2.3.4"
Returns:
List of ASN.1 objects representing the OID type in question

getExtensions

public org.bouncycastle.asn1.x509.X509Extensions getExtensions()

getIssuer

public javax.security.auth.x500.X500Principal getIssuer()

getHolder

public Holder getHolder()

getNotAfter

public java.util.Date getNotAfter()
                           throws java.text.ParseException
Throws:
java.text.ParseException

getNotBefore

public java.util.Date getNotBefore()
                            throws java.text.ParseException
Throws:
java.text.ParseException

getSignatureAlgorithm

public org.bouncycastle.asn1.x509.AlgorithmIdentifier getSignatureAlgorithm()

getSignatureValue

public org.bouncycastle.asn1.DERBitString getSignatureValue()

validAt

public boolean validAt(java.util.Date date)
Checks if the AC was valid at the provided timestamp.

Parameters:
date - if null, current time is used
Returns:
true if the AC was valid at the time in question.

isValid

public boolean isValid()
Synonym for validAt(null)

Returns:
true if currently valid

verify

public boolean verify(java.security.PublicKey key)
Verifies the signature of the AC using the provided signature key

Parameters:
key - The (RSA) public key to verify the signature with
Returns:
true if success, false otherwise

getDERObject

public org.bouncycastle.asn1.DERObject getDERObject()
Produce an object suitable for an ASN1OutputStream.
  AttributeCertificate ::= SEQUENCE {
       acinfo               AttributeCertificateInfo,
       signatureAlgorithm   AlgorithmIdentifier,
       signatureValue       BIT STRING
  }
 

Specified by:
getDERObject in interface org.bouncycastle.asn1.DEREncodable