EntrustCAProtEncCerts ("Entrust Authority Security Toolkit for the Java Platform")

java.lang.Object
- com.entrust.toolkit.asn1.cmpv1.gkm.EntrustCAProtEncCerts

All Implemented Interfaces:

ASN1Type
```
public class EntrustCAProtEncCerts
extends java.lang.Object
implements ASN1Type
```
This class implements the ASN.1 structure for the entrustCAProtEncCerts PKIX-CMP General Message content value as defined in the Entrust OID Registry.
```
 EntrustCAProtEncCertsSyntax ::= SEQUENCE OF Certificate
 
 entrustCAProtEncCerts OBJECT-TYPE
     SYNTAX EntrustCAProtEncCertsSyntax 
         ACCESS read-write
         STATUS mandatory
         ::= { 2 16 840 1 114027 50 20 }
 
```
The entrustCAProtEncCerts PKIX-CMP General Message content value contains additional CA protocol encryption certificates (certificates in addition to the single CA protocol encryption certificate contained in CAProtEncCert). This value can be requested in a General Message transaction by a client. When requested, the server may populate it with additional CA protocol encryption certificates that can be used to secure client generated private keys that need to be sent to the server for backup during a subsequent transaction. As of Security Manager 8.1, the server will send an RSA-based protocol encryption certificate when CAProtEncCert is requested and send an EC-based protocol encryption certificate when EntrustCAProtEncCerts is requested.

As of 8.0, the Toolkit always requests both CAProtEncCert and EntrustCAProtEncCerts. The following logic is used to decide which CA protocol encryption certificate to use.
- Create a list of CA protocol encryption certificates with CAProtEncCert as the 0th CA protocol encryption certificate and the 0th certificate from EntrustCAProtEncCerts as the 1st CA protocol encryption certificate (and so on).
- If present, use the first CA protocol encryption certificate from the list whose public key has the same key type algorithm (e.g RSA) as the payload and is strong enough to protect the payload
- Otherwise, if present, use the first CA protocol encryption certificate from the list whose public key is strong enough to protect the payload
- Otherwise, use the CA protocol encryption certificate from the list whose public key is strongest
When a certificate from EntrustCAProtEncCerts is used to create an EncryptedValue structure in a subsequent PKIX-CMP message, the client must indicate to the server which CA protocol encryption certificate was used. This is done by sending the CA protocol encryption certificate index to the server in the valueHint component of the EncryptedValue structure. For additional details, refer to EntrustCAProtEncPos. When the certificate from CAProtEncCert is used, identifying this certificate in the valueHint is not required; when the CA protocol encryption index is missing the server interprets this to mean the CAProtEncCert was used (for backwards compatibility).
Since:

8.0

Field Summary

Fields
Modifier and Type Field and Description

static ObjectID oid
The object identifier for entrustCAProtEncCerts.

Fields
Modifier and Type	Field and Description
`static ObjectID`	`oid` The object identifier for entrustCAProtEncCerts.

Constructor Summary

Constructors
Constructor and Description
`EntrustCAProtEncCerts(ASN1Object obj)` Creates a new `EntrustCAProtEncCerts` object from an `ASN1Object`.
`EntrustCAProtEncCerts(X509Certificate[] caProtEncCerts)` Creates a new `EntrustCAProtEncCerts` object with the specified component.

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`addCAProtEncCert(X509Certificate caProtEncCert)` Adds a CA protocol encryption certificates.
`void`	`decode(ASN1Object obj)` Decodes an EntrustCAProtEncCerts object from an `ASN1Object`.
`X509Certificate[]`	`getCAProtEncCerts()` Returns the CA protocol encryption certificates.
`ASN1Object`	`toASN1Object()` Encodes this `EntrustCAProtEncCerts` object as an `ASN1Object`.
`java.lang.String`	`toString()` Creates a text representation of the ASN.1 structure of this `EntrustCAProtEncCerts` object.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Field Detail
  - oid
```
public static final ObjectID oid
```
    The object identifier for entrustCAProtEncCerts.
- Constructor Detail
  - EntrustCAProtEncCerts
```
public EntrustCAProtEncCerts(X509Certificate[] caProtEncCerts)
```
    Creates a new EntrustCAProtEncCerts object with the specified component.
    
    Parameters:
    caProtEncCerts - the CA protocol encryption certificates
  - EntrustCAProtEncCerts
```
public EntrustCAProtEncCerts(ASN1Object obj)
                      throws CodingException
```
    Creates a new EntrustCAProtEncCerts object from an ASN1Object. The ASN1Object must be an EntrustCAProtEncCertsSyntax structure.
    
    Parameters:
    obj - the ASN.1 representation of an EntrustCAProtEncCertsSyntax structure
    
    Throws:
    
    CodingException - thrown if an errors occurs while decoding the ANS1Object; when this occurs the content of this object is undefined
- Method Detail
  - getCAProtEncCerts
```
public X509Certificate[] getCAProtEncCerts()
```
    Returns the CA protocol encryption certificates.
    
    Returns:
    the CA protocol encryption certificates
  - addCAProtEncCert
```
public void addCAProtEncCert(X509Certificate caProtEncCert)
```
    Adds a CA protocol encryption certificates.
    If caProtEncCert is null, it is not added.
    
    Parameters:
    caProtEncCert - a CA protocol encryption certificate
  - decode
```
public void decode(ASN1Object obj)
            throws CodingException
```
    Decodes an EntrustCAProtEncCerts object from an ASN1Object. The ASN1Object must be an EntrustCAProtEncCertsSyntax structure.
    
    Specified by:
    
    decode in interface ASN1Type
    
    Parameters:
    obj - an ASN.1 representation of a EntrustCAProtEncCertsSyntax structure
    
    Throws:
    
    CodingException - thrown if an errors occurs while decoding the ANS1Object; when this occurs the content of this object is undefined
  - toString
```
public java.lang.String toString()
```
    Creates a text representation of the ASN.1 structure of this EntrustCAProtEncCerts object.
    
    Overrides:
    
    toString in class java.lang.Object
    
    Returns:
    a text representation of the ASN.1 structure of this object
  - toASN1Object
```
public ASN1Object toASN1Object()
```
    Encodes this EntrustCAProtEncCerts object as an ASN1Object.
    
    Specified by:
    
    toASN1Object in interface ASN1Type
    
    Returns:
    an ASN.1 representation of the EntrustCAProtEncCertsSyntax structure

Class EntrustCAProtEncCerts

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

oid

Constructor Detail

EntrustCAProtEncCerts

EntrustCAProtEncCerts

Method Detail

getCAProtEncCerts

addCAProtEncCert

decode

toString

toASN1Object