iaik.cms

Class CertificateSet

java.lang.Object

iaik.cms.CertificateSet

public class CertificateSet
extends java.lang.Object

This class implements the CMS type CertificateSet. The CMS Cryptographic Message Syntax (RFC 2630) specifies the CertificateSet type for modelling certificates:

 CertificateSet ::= SET OF CertificateChoices
 

 CertificateChoices ::= CHOICE {
   certificate Certificate,  -- See X.509
   extendedCertificate [0] IMPLICIT ExtendedCertificate,  -- Obsolete
   attrCert [1] IMPLICIT AttributeCertificate }  -- See X.509 & X9.57
 

Use the empty default constructor and subsequently supply certificates by calling method setCertificates or a addCertificate method.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) can be added to this CertificateSet; PKCS#6 extended certificates are obsolete and therefore not supported, e.g.:

 CertificateSet certSet = new CertificateSet();
 X509Certificate x509Cert = ...;
 certSet.addCertificate(x509Cert);
 AttributeCertificate attCert = ...;
 certSet.addCertificate(attCert);
 

See Also:

X509Certificate, AttributeCertificate

Constructor Summary

Constructors

Constructor and Description
CertificateSet() Default constructor.
CertificateSet(java.io.InputStream is) Creates a new CertificateSet where the DER encoded data is read from the given InputStream.

Method Summary

Methods

Modifier and Type	Method and Description
void	addCertificate(java.security.cert.Certificate certificate) Adds the given certificate to this CertificateSet.
void	addCertificates(java.security.cert.Certificate[] certificates) Adds the given certificates to this CertificateSet.
boolean	containsAttributeCertificates() Asks whether attribute certificates are included.
boolean	containsX509Certificates() Asks whether X.509 certificates are included.
void	decode(java.io.InputStream is) Decodes a CertifcateSet from the given InputStream.
AttributeCertificate[]	getAttributeCertificates() Gets all included attribute certificates from this CertificateSet.
java.security.cert.Certificate[]	getCertificates() Gets the certificates from this CertificateSet.
X509Certificate	getX509Certificate(CertificateIdentifier certID) Gets the X.509 certificate identified by the given CertIdentifier.
X509Certificate[]	getX509Certificates() Gets all included X.509 certificates from this CertificateSet.
boolean	isEmpty() Asks if this CertificateSet is empty.
void	removeAllCertificates() Removes all certificates from this CertificateSet.
void	setCertificates(java.security.cert.Certificate[] certificates) Sets the certificates of this CertificateSet.
ASN1Object	toASN1Object() Returns this CertifcateSet as ASN1Object.
java.lang.String	toString() Returns a string giving some information about this CertificateSet object.
void	writeTo(java.io.OutputStream os)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

CertificateSet

public CertificateSet()

Default constructor.

Creates an empty CertificateSet. Supply certificates to be included by calling method setCertificates or a addCertificate method.

CertificateSet

public CertificateSet(java.io.InputStream is)
               throws CMSParsingException,
                      java.io.IOException

Creates a new CertificateSet where the DER encoded data is read from the given InputStream.

Parameters:

is - the InputStream holding a DER encoded CertificateSet

Throws:

java.io.IOException - if an I/O error occurs during reading from the InputStream

CMSParsingException - if an error occurs while parsing the object; e.g. the encoding is invalid, or PKCS#6 extended certificates (obsolete) are included

Method Detail

setCertificates

public void setCertificates(java.security.cert.Certificate[] certificates)

Sets the certificates of this CertificateSet.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) can be added to this CertificateSet; PKCS#6 extended certificates are obsolete and therefore not supported.

Parameters:

certificates - the certificates to be set

Throws:

java.lang.IllegalArgumentException - if any of the supplied certificates is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate object

addCertificates

public void addCertificates(java.security.cert.Certificate[] certificates)

Adds the given certificates to this CertificateSet.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) can be added to this CertificateSet; PKCS#6 extended certificates are obsolete and therefore not supported.

Parameters:

certificates - the certificates to add

Throws:

java.lang.IllegalArgumentException - if any of the supplied certificates is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate object

addCertificate

public void addCertificate(java.security.cert.Certificate certificate)

Adds the given certificate to this CertificateSet.

Attention! Only X.509 public key certificates (instances of iaik.x509.X509Certificate) or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate) can be added to this CertificateSet; PKCS#6 extended certificates are obsolete and therefore not supported.

Parameters:

certificate - the certificates to be added

Throws:

java.lang.IllegalArgumentException - if the supplied certificate is not a iaik.x509.X509Certificate or iaik.x509.attr.AttributeCertificate object

getCertificates

public java.security.cert.Certificate[] getCertificates()

Gets the certificates from this CertificateSet.

The array returned may contain X.509 public key certificates (instances of iaik.x509.X509Certificate and/or X.509 attribute certificates (instances of iaik.x509.attr.AttributeCertificate); PKCS#6 extended certificates are obsolete and therefore not supported.

Returns:

an array containing all certificates included in this CertificateSet, or null if there are no certificates in this set

getX509Certificate

public X509Certificate getX509Certificate(CertificateIdentifier certID)

Gets the X.509 certificate identified by the given CertIdentifier.

If no certificate in this CertificateSet is identified by the given certificate identifier null is returned.

Parameters:

certID - the CertificateIdentifier to be searched for a matching certificate

Returns:

the certificate identified by the given identifier ot null if not found

getX509Certificates

public X509Certificate[] getX509Certificates()

Gets all included X.509 certificates from this CertificateSet.

Returns:

an array containing all X.509 public key certificates included in this CertificateSet, or null if there are no X.509 certificates in this set

getAttributeCertificates

public AttributeCertificate[] getAttributeCertificates()

Gets all included attribute certificates from this CertificateSet.

Returns:

an array containing all attribute certificates included in this CertificateSet, or null if there are no attribute certificates in this set

isEmpty

public boolean isEmpty()

Asks if this CertificateSet is empty.

Returns:

true if there are no certificates in this CertificateSet, false otherwise

containsAttributeCertificates

public boolean containsAttributeCertificates()

Asks whether attribute certificates are included.

Returns:

true if there are attribute certificates in this CertificateSet, false otherwise

containsX509Certificates

public boolean containsX509Certificates()

Asks whether X.509 certificates are included.

Returns:

true if there are X.509 certificates in this CertificateSet, false otherwise

removeAllCertificates

public void removeAllCertificates()

Removes all certificates from this CertificateSet.

decode

public void decode(java.io.InputStream is)
            throws java.io.IOException,
                   CMSParsingException

Decodes a CertifcateSet from the given InputStream.

Parameters:

is - the input stream supplying the encoded CertificateSet

Throws:

java.io.IOException - if an I/O error occurs during reading from the InputStream

CMSParsingException - if an error occurs while parsing the object e.g. the encoding is invalid, or PKCS#6 extended certificates (obsolete) are included

toASN1Object

public ASN1Object toASN1Object()
                        throws CodingException

Returns this CertifcateSet as ASN1Object.

RFC 2630 specifies the CertificateSet type as SET OF CertificateChoices:

 CertificateChoices ::= CHOICE {  
    certificate Certificate,  -- See X.509
    extendedCertificate [0] IMPLICIT ExtendedCertificate,  -- Obsolete
    attrCert [1] IMPLICIT AttributeCertificate }  -- See X.509 & X9.57
 

 CertificateSet ::= SET OF CertificateChoices
 

Returns:

this CertificateSet as ASN1Object of type SET

Throws:

CodingException - if an error occurs while building the ASN.1 structure

writeTo

public void writeTo(java.io.OutputStream os)
             throws java.io.IOException

Throws:

java.io.IOException

toString

public java.lang.String toString()

Returns a string giving some information about this CertificateSet object.

Overrides:

toString in class java.lang.Object

Returns:

the string representation