org.openoces.ooapi.cert
Class OcesCertificate

java.lang.Object
  org.openoces.ooapi.cert.OcesCertificate

Direct Known Subclasses:

EmployeeOcesCertificate, OrganizationalOcesCertificate, PersonalOcesCertificate

public abstract class OcesCertificate

extends java.lang.Object

This class is a high-level representation of a OCES certificate

Author:

Carsten Raskgaard

Field Summary

protected java.security.cert.X509Certificate	encapsulatedCert
protected org.bouncycastle.asn1.x509.X509Name	parsedSubjectDN

Constructor Summary

OcesCertificate(java.security.cert.X509Certificate encapsulatedCert)

Method Summary

boolean	canSignOCSPRequests() Return whether the extended keyusage contains the oid 1.3.6.1.5.5.7.3.9 indicating that the certificate can be used to sign OCSP requests Reference http://www.ietf.org/rfc/rfc3280.txt
protected void	extractCRLDistributionPoints()
java.lang.String	getCRLDistributionPoint()
java.security.cert.X509Certificate	getEncapsulatedCertificate()
abstract OcesId	getOcesId()
protected org.bouncycastle.asn1.x509.X509Name	getParsedSubjectDN()
java.lang.String	getPartitionedCRLDistributionPoint()
void	verify()
void	verify(java.util.Date date)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

encapsulatedCert

protected java.security.cert.X509Certificate encapsulatedCert

parsedSubjectDN

protected org.bouncycastle.asn1.x509.X509Name parsedSubjectDN

Constructor Detail

OcesCertificate

public OcesCertificate(java.security.cert.X509Certificate encapsulatedCert)

Method Detail

canSignOCSPRequests

public boolean canSignOCSPRequests()
                            throws InternalException

Return whether the extended keyusage contains the oid 1.3.6.1.5.5.7.3.9 indicating that the certificate can be used to sign OCSP requests Reference http://www.ietf.org/rfc/rfc3280.txt

Returns:

whether the certificate can be used to sign OCSP requests

Throws:

InternalException - in case of any expected error situation

extractCRLDistributionPoints

protected void extractCRLDistributionPoints()

getEncapsulatedCertificate

public java.security.cert.X509Certificate getEncapsulatedCertificate()

getPartitionedCRLDistributionPoint

public java.lang.String getPartitionedCRLDistributionPoint()

getCRLDistributionPoint

public java.lang.String getCRLDistributionPoint()

getOcesId

public abstract OcesId getOcesId()
                          throws NonOcesCertificateException

Throws:

NonOcesCertificateException

getParsedSubjectDN

protected org.bouncycastle.asn1.x509.X509Name getParsedSubjectDN()

verify

public void verify()
            throws InternalException,
                   SignatureVerificationException,
                   CertificateHasExpiredException,
                   CertificateIsNotYetValidException,
                   CRLExpiredException,
                   CRLNotYetValidException,
                   CertificateRevokedException

Throws:

InternalException

SignatureVerificationException

CertificateHasExpiredException

CertificateIsNotYetValidException

CRLExpiredException

CRLNotYetValidException

CertificateRevokedException

verify

public void verify(java.util.Date date)
            throws InternalException,
                   SignatureVerificationException,
                   CertificateHasExpiredException,
                   CertificateIsNotYetValidException,
                   CRLExpiredException,
                   CRLNotYetValidException,
                   CertificateRevokedException

Throws:

InternalException

SignatureVerificationException

CertificateHasExpiredException

CertificateIsNotYetValidException

CRLExpiredException

CRLNotYetValidException

CertificateRevokedException