Interface semper.certificate.Certificate
All Packages  Class Hierarchy  This Package  Previous  Next  Index

Interface semper.certificate.Certificate

public interface Certificate
extends Object
extends Streamable
Certificate is an interface defining the services on a certificates that must be provided by an implementation of certificates that are to be used in SEMPER. For an example of a simple implementation, see DummyCertificate. Note that the interface defined in the following can be expected to change in the future.

Method Index

 o changeCASign(String)
This method is used to sign a certificate.
 o getCADN()
Retrieve the dsignated name of the CA that issued this certificate.
 o getCASign()
Retrieve signature for this certificate signed by the CA whose Distinguished Name is stored in the Certificate.
 o getHashID()
Retrieve the algorithm ID of the algorithm used to hash this Certificate with.
 o getNotValidAfter()
Retrieve the Date after which this certificate isn't valid.
 o getNotValidBefore()
Retrieve the Date before which this certificate isn't valid.
 o getPublicKey()
Retrieve the Public Key certified by this certificate.
 o getScope()
Retrieve the scope for this Certificate.
 o getSerialNr()
Retrieve this Certificates SerialNr, with which it is identified by the CA that issued this certificate.
 o getSignatureID()
Retrieve the algorithm ID of the algorithm used to sign this Certificate with.
 o getStatus()
Retrieve the status of the Certificate.
 o getType()
Retrieve the type of Certificate.
 o getUserDN()
Retrieve certificate designated name.
 o getWhyRevoked()
Retrieve reason why this Certificate was revoked.
 o sameCertificate(Certificate)
Desides whether two certificates should be considered equal.
 o setCADN(String)
Set the CA's name that issued this certificate.
 o setHashID(int)
Set the algorithm ID of the algorithm used to hash this Certificate with.
 o setNotValidAfter(Date)
Set the Date after which this certificate isn't valid.
 o setNotValidBefore(Date)
Set the Date before which this certificate isn't valid.
 o setPublicKey(CryptoKeyInfo)
Set the Public Key certified with this certificate.
 o setScope(int)
Set the scope for this Certificate.
 o setSerialNr(long)
Set this Certificates SerialNr, with which it is identified by the CA that issued this certificate.
 o setSignatureID(int)
Set the algorithm ID of the algorithm used to sign this Certificate with.
 o setStatus(int)
Set the status of the Certificate.
 o setType(int)
Set the type of Certificate.
 o setUserDN(String)
Set certificate owners name.
 o setWhyRevoked(int)
Set reason why this Certificate was revoked.
 o verifyCertificate(CryptoKeyInfo)
verify certificates correctness (ie whether signature matches its contents).

Methods

 o getCADN
  public abstract String getCADN()
Retrieve the dsignated name of the CA that issued this certificate.
Returns:
distinguished name of CA
 o getUserDN
  public abstract String getUserDN()
Retrieve certificate designated name.
Returns:
distinguished name of subject
 o getSerialNr
  public abstract long getSerialNr()
Retrieve this Certificates SerialNr, with which it is identified by the CA that issued this certificate.
Returns:
serial number of certificate
 o getPublicKey
  public abstract CryptoKeyInfo getPublicKey()
Retrieve the Public Key certified by this certificate.
Returns:
certified public key
 o getScope
  public abstract int getScope()
Retrieve the scope for this Certificate. The scope is encoded by an integer and tells what the certificed key can be used for (e.g., signing or encryption). This service may return SCOPE_NYI meaning that the certificate contains no information about the scope.
Returns:
scope of certificate (possibly SCOPE_NYI)
 o getType
  public abstract int getType()
Retrieve the type of Certificate. E.g., a certificate may certify a key or be an attribute certificate certifyin that a particular person has a particular right. Again this service may return TYPE_NYI
Returns:
type of certificate (possibly TYPE_NYI)
 o getNotValidBefore
  public abstract Date getNotValidBefore()
Retrieve the Date before which this certificate isn't valid.
Returns:
Date before which this certificate isn't valid.
 o getNotValidAfter
  public abstract Date getNotValidAfter()
Retrieve the Date after which this certificate isn't valid.
Returns:
Date after which this certificate isn't valid.
 o getStatus
  public abstract int getStatus()
Retrieve the status of the Certificate. If status isn't implemented, (like in SecuDE) Certificates are assumed to be valid if they exist. The status may tell, e.g., if the certificate has been revoked. It is encoded by an integer.
Returns:
status of certificate (may be STATUS_NYI)
 o getCASign
  public abstract byte[] getCASign()
Retrieve signature for this certificate signed by the CA whose Distinguished Name is stored in the Certificate.
Returns:
the signature as a byte array
 o getWhyRevoked
  public abstract int getWhyRevoked()
Retrieve reason why this Certificate was revoked. Might change to a string later on. RCModules, that can't implement it yet can instead return REVOC_REASON_NYI.
Returns:
the reason why a certificate has been revoked (possibly REVOC_REASON_NYI)
 o getSignatureID
  public abstract int getSignatureID()
Retrieve the algorithm ID of the algorithm used to sign this Certificate with. The types should correspond to the possible types defined in the CryptoConstants class (RSA, DSA etc.)
Returns:
an integer encoding the algorithm used for making the signature
 o getHashID
  public abstract int getHashID()
Retrieve the algorithm ID of the algorithm used to hash this Certificate with. The types should correspond to the possible types defined in the CryptoConstants class (MD2C, MD4, RIPE_MD, SHA etc.)
Returns:
an integer encoding the algorithm used for hashing the certificate before signing.
 o setCADN
  public abstract void setCADN(String name)
Set the CA's name that issued this certificate.
Parameters:
: - CA's name.
 o setUserDN
  public abstract void setUserDN(String name)
Set certificate owners name.
Parameters:
: - users name.
 o setSerialNr
  public abstract void setSerialNr(long serialNr)
Set this Certificates SerialNr, with which it is identified by the CA that issued this certificate.
Parameters:
new - serialNr.
 o setPublicKey
  public abstract void setPublicKey(CryptoKeyInfo newKey)
Set the Public Key certified with this certificate.
Parameters:
: - new Key.
 o setScope
  public abstract void setScope(int scope)
Set the scope for this Certificate. This might be an empty method.
Parameters:
scope - for the certificate.
 o setType
  public abstract void setType(int type)
Set the type of Certificate. This might be an empty method.
Parameters:
type - of certificate.
 o setNotValidBefore
  public abstract void setNotValidBefore(Date notValidBefore)
Set the Date before which this certificate isn't valid.
Parameters:
start - date of certificates validity period.
 o setNotValidAfter
  public abstract void setNotValidAfter(Date notValidAfter)
Set the Date after which this certificate isn't valid.
Parameters:
end - date of certificates validity period.
 o setStatus
  public abstract void setStatus(int status)
Set the status of the Certificate. If status isn't implemented, this might be an empty method. For future implementations of certificate-modules it should definitely be implemented.
Parameters:
status - of certificate.
 o changeCASign
  public abstract void changeCASign(String myName) throws CertificateException
This method is used to sign a certificate. The contents of the certificate is signed using the secret of the CA whose distinguished name is given as parameter.
Parameters:
myName - is the distinguished name of this CA.
Throws: CertificateException
is thrown, if the signature couldn't get changed.
 o setWhyRevoked
  public abstract void setWhyRevoked(int whyRevoked)
Set reason why this Certificate was revoked. Might change to a string later on.
 o setSignatureID
  public abstract void setSignatureID(int signatureID)
Set the algorithm ID of the algorithm used to sign this Certificate with. The types should correspond to the possible types defined in the CryptoConstants class (RSA, DSA etc.)
Parameters:
signature - algorithm ID.
See Also:
CryptoConstants
 o setHashID
  public abstract void setHashID(int hashID)
Set the algorithm ID of the algorithm used to hash this Certificate with. The types should correspond to the possible types defined in the CryptoConstants class (MD2C, MD4, RIPE_MD, SHA etc.)
Parameters:
hashing - ID.
See Also:
CryptoConstants
 o verifyCertificate
  public abstract boolean verifyCertificate(CryptoKeyInfo trustedPK) throws CertificateException
verify certificates correctness (ie whether signature matches its contents).
Parameters:
s - trustedPK is the the public key which the signature is verified against.
Throws: CertificateException
if some error occurred while verifying.
 o sameCertificate
  public abstract boolean sameCertificate(Certificate cert)
Desides whether two certificates should be considered equal.
Parameters:
The - certificate to be compared against.
Returns:
true if the given certificate equals this certificate

All Packages  Class Hierarchy  This Package  Previous  Next  Index