All Packages  Class Hierarchy  This Package  Previous  Next  Index

Interface semper.certificate.Certificate

public interface Certificate
extends Serializable, Browseable
Certificate is an interface defining the services on a certificates that must be provided by an implementation of certificates that are to be used in SEMPER. For an example of a simple implementation, see DummyCertificate. Note that the interface defined in the following can be expected to change in the future.

Method Index

o getCAName()
Retrieve the name of the CA.
o getCASign()
Retrieve signature for this certificate signed by the CA whose Distinguished Name is stored in the Certificate.
o getExtensions()
get the certificate extensions
o getHashID()
Retrieve the algorithm ID of the algorithm used to hash this Certificate with.
o getIdLevel()
Retrieve the identification level of this certificate as a String
o getModuleName()
Retrieve name of module
o getNotValidAfter()
Retrieve the Date after which this certificate isn't valid.
o getNotValidBefore()
Retrieve the Date before which this certificate isn't valid.
o getPublicKey()
Retrieve the Public Key certified by this certificate.
o getRegLevel()
Retrieve the registration level of this certificate as a String
o getScope()
Retrieve the scope for this Certificate.
o getSerialNo()
Retrieve this Certificates SerialNr, with which it is identified by the CA that issued this certificate.
o getSignatureID()
Retrieve the algorithm ID of the algorithm used to sign this Certificate with.
o getStatus()
Retrieve the status of the Certificate.
o getType()
Retrieve the type of Certificate.
o getUserDN()
Retrieve certificate designated name.
o getWhyRevoked()
Retrieve reason why this Certificate was revoked.
o sameCertificate(Certificate)
Desides whether two certificates should be considered equal.
o setCAName(String)
Set the CA's name that issued this certificate.
o setExtensions(CertificateExtensions)
Set the extensions of the certificate
o setHashID(HashingAlgorithm)
Set the algorithm ID of the algorithm used to hash this Certificate with.
o setNotValidAfter(Date)
Set the Date after which this certificate isn't valid.
o setNotValidBefore(Date)
Set the Date before which this certificate isn't valid.
o setPublicKey(CryptoKeyInfo)
Set the Public Key certified with this certificate.
o setScope(Scope)
Set the scope for this Certificate.
o setSerialNo(long)
Set this Certificates SerialNr, with which it is identified by the CA that issued this certificate.
o setSignatureID(SignAlgorithm)
Set the algorithm ID of the algorithm used to sign this Certificate with.
o setStatus(Status)
Set the status of the Certificate.
o setType(CertificateType)
Set the type of Certificate.
o setUserDN(String)
Set certificate owners name.
o setWhyRevoked(Revocation)
Set reason why this Certificate was revoked.
o verifyCertificate(CryptoKeyInfo)
verify certificates correctness (ie whether signature matches its contents).

Methods

o getModuleName 
 public abstract String getModuleName()
Retrieve name of module

Returns:
name of module
o getCAName 
 public abstract String getCAName()
Retrieve the name of the CA.

Returns:
name of CA
o getUserDN 
 public abstract String getUserDN()
Retrieve certificate designated name.

Returns:
distinguished name of subject
o getRegLevel 
 public abstract String getRegLevel()
Retrieve the registration level of this certificate as a String

Returns:
registration level
o getIdLevel 
 public abstract String getIdLevel()
Retrieve the identification level of this certificate as a String

Returns:
identification level
o getSerialNo 
 public abstract long getSerialNo()
Retrieve this Certificates SerialNr, with which it is identified by the CA that issued this certificate.

Returns:
serial number of certificate
o getPublicKey 
 public abstract CryptoKeyInfo getPublicKey()
Retrieve the Public Key certified by this certificate.

Returns:
certified public key
o getScope 
 public abstract Scope getScope()
Retrieve the scope for this Certificate. The scope is encoded by an integer and tells what the certificed key can be used for (e.g., signing or encryption). This service may return SCOPE_NYI meaning that the certificate contains no information about the scope.

Returns:
scope of certificate (possibly SCOPE_NYI)
o getType 
 public abstract CertificateType getType()
Retrieve the type of Certificate. E.g., a certificate may certify a key or be an attribute certificate certifyin that a particular person has a particular right. Again this service may return TYPE_NYI

Returns:
type of certificate (possibly TYPE_NYI)
o getNotValidBefore 
 public abstract Date getNotValidBefore()
Retrieve the Date before which this certificate isn't valid.

Returns:
Date before which this certificate isn't valid.
o getNotValidAfter 
 public abstract Date getNotValidAfter()
Retrieve the Date after which this certificate isn't valid.

Returns:
Date after which this certificate isn't valid.
o getStatus 
 public abstract Status getStatus()
Retrieve the status of the Certificate. If status isn't implemented, (like in SecuDE) Certificates are assumed to be valid if they exist. The status may tell, e.g., if the certificate has been revoked. It is encoded by an integer.

Returns:
status of certificate (may be STATUS_NYI)
o getCASign 
 public abstract byte[] getCASign()
Retrieve signature for this certificate signed by the CA whose Distinguished Name is stored in the Certificate.

Returns:
the signature as a byte array
o getWhyRevoked 
 public abstract Revocation getWhyRevoked()
Retrieve reason why this Certificate was revoked. Might change to a string later on. RCModules, that can't implement it yet can instead return REVOC_REASON_NYI.

Returns:
the reason why a certificate has been revoked (possibly REVOC_REASON_NYI)
o getSignatureID 
 public abstract SignAlgorithm getSignatureID()
Retrieve the algorithm ID of the algorithm used to sign this Certificate with. The types should correspond to the possible types defined in the CryptoConstants class (RSA, DSA etc.)

Returns:
an integer encoding the algorithm used for making the signature
o getHashID 
 public abstract HashingAlgorithm getHashID()
Retrieve the algorithm ID of the algorithm used to hash this Certificate with. The types should correspond to the possible types defined in the CryptoConstants class (MD2C, MD4, RIPE_MD, SHA etc.)

Returns:
an integer encoding the algorithm used for hashing the certificate before signing.
o setCAName 
 public abstract void setCAName(String name)
Set the CA's name that issued this certificate.

Parameters:
: - CA's name.
o setUserDN 
 public abstract void setUserDN(String name)
Set certificate owners name.

Parameters:
: - users name.
o setSerialNo 
 public abstract void setSerialNo(long serialNr)
Set this Certificates SerialNr, with which it is identified by the CA that issued this certificate.

Parameters:
new - serial number.
o setPublicKey 
 public abstract void setPublicKey(CryptoKeyInfo newKey)
Set the Public Key certified with this certificate.

Parameters:
: - new Key.
o setScope 
 public abstract void setScope(Scope scope)
Set the scope for this Certificate. This might be an empty method.

Parameters:
scope - for the certificate.
o setType 
 public abstract void setType(CertificateType type)
Set the type of Certificate. This might be an empty method.

Parameters:
type - of certificate.
o setNotValidBefore 
 public abstract void setNotValidBefore(Date notValidBefore)
Set the Date before which this certificate isn't valid.

Parameters:
start - date of certificates validity period.
o setNotValidAfter 
 public abstract void setNotValidAfter(Date notValidAfter)
Set the Date after which this certificate isn't valid.

Parameters:
end - date of certificates validity period.
o setStatus 
 public abstract void setStatus(Status status)
Set the status of the Certificate. If status isn't implemented, this might be an empty method. For future implementations of certificate-modules it should definitely be implemented.

Parameters:
status - of certificate.
o setWhyRevoked 
 public abstract void setWhyRevoked(Revocation whyRevoked)
Set reason why this Certificate was revoked. Might change to a string later on.

o setSignatureID 
 public abstract void setSignatureID(SignAlgorithm signatureID)
Set the algorithm ID of the algorithm used to sign this Certificate with. The types should correspond to the possible types defined in the CryptoConstants class (RSA, DSA etc.)

Parameters:
signature - algorithm ID.
See Also:
CryptoConstants
o setHashID 
 public abstract void setHashID(HashingAlgorithm hashID)
Set the algorithm ID of the algorithm used to hash this Certificate with. The types should correspond to the possible types defined in the CryptoConstants class (MD2C, MD4, RIPE_MD, SHA etc.)

Parameters:
hashing - ID.
See Also:
CryptoConstants
o verifyCertificate 
 public abstract boolean verifyCertificate(CryptoKeyInfo trustedPK) throws CertificateException
verify certificates correctness (ie whether signature matches its contents).

Parameters:
s - trustedPK is the the public key which the signature is verified against.
Throws: CertificateException
if some error occurred while verifying.
o sameCertificate 
 public abstract boolean sameCertificate(Certificate cert)
Desides whether two certificates should be considered equal.

Parameters:
The - certificate to be compared against.
Returns:
true if the given certificate equals this certificate
o setExtensions 
 public abstract void setExtensions(CertificateExtensions ext)
Set the extensions of the certificate

Parameters:
cettificate - extensions
o getExtensions 
 public abstract CertificateExtensions getExtensions()
get the certificate extensions

Returns:
the extensions 
All Packages  Class Hierarchy  This Package  Previous  Next  Index