/** * Create a X509AttributeCertificateHolder from the passed in ASN.1 structure. * * @param attrCert an ASN.1 AttributeCertificate structure. */ public X509AttributeCertificateHolder(AttributeCertificate attrCert) { this.attrCert = attrCert; this.extensions = attrCert.getAcinfo().getExtensions(); }
/** * Return the issuer details for this attribute certificate. * * @return this attribute certificate's issuer structure, */ public AttributeCertificateIssuer getIssuer() { return new AttributeCertificateIssuer(attrCert.getAcinfo().getIssuer()); }
public boolean[] getIssuerUniqueID() { return CertUtils.bitStringToBoolean(attrCert.getAcinfo().getIssuerUniqueID()); }
/** * Return whether or not this attribute certificate is valid on a particular date. * * @param date the date of interest. * @return true if the attribute certificate is valid, false otherwise. */ public boolean isValidOn(Date date) { AttCertValidityPeriod certValidityPeriod = attrCert.getAcinfo().getAttrCertValidityPeriod(); return !date.before(CertUtils.recoverDate(certValidityPeriod.getNotBeforeTime())) && !date.after(CertUtils.recoverDate(certValidityPeriod.getNotAfterTime())); }
public X509Attribute[] getAttributes(String oid) { ASN1Sequence seq = cert.getAcinfo().getAttributes(); List list = new ArrayList(); for (int i = 0; i != seq.size(); i++) { X509Attribute attr = new X509Attribute((ASN1Encodable)seq.getObjectAt(i)); if (attr.getOID().equals(oid)) { list.add(attr); } } if (list.size() == 0) { return null; } return (X509Attribute[])list.toArray(new X509Attribute[list.size()]); }
public final void verify( PublicKey key, String provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = null; if (!cert.getSignatureAlgorithm().equals(cert.getAcinfo().getSignature())) { throw new CertificateException("Signature algorithm in certificate info not same as outer certificate"); } signature = Signature.getInstance(cert.getSignatureAlgorithm().getAlgorithm().getId(), provider); signature.initVerify(key); try { signature.update(cert.getAcinfo().getEncoded()); } catch (IOException e) { throw new SignatureException("Exception encoding certificate info object"); } if (!signature.verify(this.getSignature())) { throw new InvalidKeyException("Public key presented not for certificate signature"); } }
/** * Return the holder details for this attribute certificate. * * @return this attribute certificate's holder structure. */ public AttributeCertificateHolder getHolder() { return new AttributeCertificateHolder((ASN1Sequence)attrCert.getAcinfo().getHolder().toASN1Primitive()); }
/** * Return the serial number of this attribute certificate. * * @return the serial number. */ public BigInteger getSerialNumber() { return attrCert.getAcinfo().getSerialNumber().getValue(); }
public int getVersion() { return attrCert.getAcinfo().getVersion().getValue().intValue() + 1; }
/** * Validate the signature on the attribute certificate in this holder. * * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature. * @return true if the signature is valid, false otherwise. * @throws CertException if the signature cannot be processed or is inappropriate. */ public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException { AttributeCertificateInfo acinfo = attrCert.getAcinfo(); if (!CertUtils.isAlgIdEqual(acinfo.getSignature(), attrCert.getSignatureAlgorithm())) { throw new CertException("signature invalid - algorithm identifier mismatch"); } ContentVerifier verifier; try { verifier = verifierProvider.get((acinfo.getSignature())); OutputStream sOut = verifier.getOutputStream(); DEROutputStream dOut = new DEROutputStream(sOut); dOut.writeObject(acinfo); sOut.close(); } catch (Exception e) { throw new CertException("unable to process signature: " + e.getMessage(), e); } return verifier.verify(this.getSignature()); }
public static AttributeCertificateInfo getInstance( Object obj) { if (obj instanceof AttributeCertificateInfo) { return (AttributeCertificateInfo)obj; } else if (obj != null) { return new AttributeCertificateInfo(ASN1Sequence.getInstance(obj)); } return null; }
/** * Return the date after which this attribute certificate is not valid. * * @return the final date for the attribute certificate's validity period. */ public Date getNotAfter() { return CertUtils.recoverDate(attrCert.getAcinfo().getAttrCertValidityPeriod().getNotAfterTime()); }
public X509Attribute[] getAttributes(String oid) { ASN1Sequence seq = cert.getAcinfo().getAttributes(); List list = new ArrayList(); for (int i = 0; i != seq.size(); i++) { X509Attribute attr = new X509Attribute((ASN1Encodable)seq.getObjectAt(i)); if (attr.getOID().equals(oid)) { list.add(attr); } } if (list.size() == 0) { return null; } return (X509Attribute[])list.toArray(new X509Attribute[list.size()]); }
public final void verify( PublicKey key, String provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = null; if (!cert.getSignatureAlgorithm().equals(cert.getAcinfo().getSignature())) { throw new CertificateException("Signature algorithm in certificate info not same as outer certificate"); } signature = Signature.getInstance(cert.getSignatureAlgorithm().getObjectId().getId(), provider); signature.initVerify(key); try { signature.update(cert.getAcinfo().getEncoded()); } catch (IOException e) { throw new SignatureException("Exception encoding certificate info object"); } if (!signature.verify(this.getSignature())) { throw new InvalidKeyException("Public key presented not for certificate signature"); } }
/** * Return the holder details for this attribute certificate. * * @return this attribute certificate's holder structure. */ public AttributeCertificateHolder getHolder() { return new AttributeCertificateHolder((ASN1Sequence)attrCert.getAcinfo().getHolder().toASN1Primitive()); }
/** * Return the serial number of this attribute certificate. * * @return the serial number. */ public BigInteger getSerialNumber() { return attrCert.getAcinfo().getSerialNumber().getValue(); }
public int getVersion() { return cert.getAcinfo().getVersion().getValue().intValue() + 1; }
/** * Validate the signature on the attribute certificate in this holder. * * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature. * @return true if the signature is valid, false otherwise. * @throws CertException if the signature cannot be processed or is inappropriate. */ public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException { AttributeCertificateInfo acinfo = attrCert.getAcinfo(); if (!CertUtils.isAlgIdEqual(acinfo.getSignature(), attrCert.getSignatureAlgorithm())) { throw new CertException("signature invalid - algorithm identifier mismatch"); } ContentVerifier verifier; try { verifier = verifierProvider.get((acinfo.getSignature())); OutputStream sOut = verifier.getOutputStream(); DEROutputStream dOut = new DEROutputStream(sOut); dOut.writeObject(acinfo); sOut.close(); } catch (Exception e) { throw new CertException("unable to process signature: " + e.getMessage(), e); } return verifier.verify(this.getSignature()); }
public static AttributeCertificateInfo getInstance( Object obj) { if (obj instanceof AttributeCertificateInfo) { return (AttributeCertificateInfo)obj; } else if (obj != null) { return new AttributeCertificateInfo(ASN1Sequence.getInstance(obj)); } return null; }
/** * Return whether or not this attribute certificate is valid on a particular date. * * @param date the date of interest. * @return true if the attribute certificate is valid, false otherwise. */ public boolean isValidOn(Date date) { AttCertValidityPeriod certValidityPeriod = attrCert.getAcinfo().getAttrCertValidityPeriod(); return !date.before(CertUtils.recoverDate(certValidityPeriod.getNotBeforeTime())) && !date.after(CertUtils.recoverDate(certValidityPeriod.getNotAfterTime())); }