Interface semper.certificate.Certificate
All Packages Class Hierarchy This Package Previous Next Index
Interface semper.certificate.Certificate
- public interface Certificate
- extends Object
- extends Streamable
Certificate is an interface defining the services on a certificates that
must be provided by an implementation of certificates that are to be used
in SEMPER. For an example of a simple implementation, see
DummyCertificate.
Note that the interface defined in the following can be expected to change
in the future.
-
changeCASign(String)
- This method is used to sign a certificate.
-
getCADN()
- Retrieve the dsignated name of the CA that issued this certificate.
-
getCASign()
- Retrieve signature for this certificate signed by the CA whose
Distinguished Name is stored in the Certificate.
-
getHashID()
- Retrieve the algorithm ID of the algorithm used to hash
this Certificate with.
-
getNotValidAfter()
- Retrieve the Date after which this certificate isn't valid.
-
getNotValidBefore()
- Retrieve the Date before which this certificate isn't valid.
-
getPublicKey()
- Retrieve the Public Key certified by this certificate.
-
getScope()
- Retrieve the scope for this Certificate.
-
getSerialNr()
- Retrieve this Certificates SerialNr, with which it is identified
by the CA that issued this certificate.
-
getSignatureID()
- Retrieve the algorithm ID of the algorithm used to sign
this Certificate with.
-
getStatus()
- Retrieve the status of the Certificate.
-
getType()
- Retrieve the type of Certificate.
-
getUserDN()
- Retrieve certificate designated name.
-
getWhyRevoked()
- Retrieve reason why this Certificate was revoked.
-
sameCertificate(Certificate)
- Desides whether two certificates should be considered equal.
-
setCADN(String)
- Set the CA's name that issued this certificate.
-
setHashID(int)
- Set the algorithm ID of the algorithm used to hash
this Certificate with.
-
setNotValidAfter(Date)
- Set the Date after which this certificate isn't valid.
-
setNotValidBefore(Date)
- Set the Date before which this certificate isn't valid.
-
setPublicKey(CryptoKeyInfo)
- Set the Public Key certified with this certificate.
-
setScope(int)
- Set the scope for this Certificate.
-
setSerialNr(long)
- Set this Certificates SerialNr, with which it is identified
by the CA that issued this certificate.
-
setSignatureID(int)
- Set the algorithm ID of the algorithm used to sign
this Certificate with.
-
setStatus(int)
- Set the status of the Certificate.
-
setType(int)
- Set the type of Certificate.
-
setUserDN(String)
- Set certificate owners name.
-
setWhyRevoked(int)
- Set reason why this Certificate was revoked.
-
verifyCertificate(CryptoKeyInfo)
- verify certificates correctness (ie whether signature matches its
contents).
getCADN
public abstract String getCADN()
- Retrieve the dsignated name of the CA that issued this certificate.
- Returns:
- distinguished name of CA
getUserDN
public abstract String getUserDN()
- Retrieve certificate designated name.
- Returns:
- distinguished name of subject
getSerialNr
public abstract long getSerialNr()
- Retrieve this Certificates SerialNr, with which it is identified
by the CA that issued this certificate.
- Returns:
- serial number of certificate
getPublicKey
public abstract CryptoKeyInfo getPublicKey()
- Retrieve the Public Key certified by this certificate.
- Returns:
- certified public key
getScope
public abstract int getScope()
- Retrieve the scope for this Certificate. The scope is encoded by
an integer and tells what the certificed key can be used for (e.g.,
signing or encryption). This service may return SCOPE_NYI meaning that the
certificate contains no information about the scope.
- Returns:
- scope of certificate (possibly SCOPE_NYI)
getType
public abstract int getType()
- Retrieve the type of Certificate. E.g., a certificate may certify
a key or be an attribute certificate certifyin that a particular
person has a particular right. Again this service may return TYPE_NYI
- Returns:
- type of certificate (possibly TYPE_NYI)
getNotValidBefore
public abstract Date getNotValidBefore()
- Retrieve the Date before which this certificate isn't valid.
- Returns:
- Date before which this certificate isn't valid.
getNotValidAfter
public abstract Date getNotValidAfter()
- Retrieve the Date after which this certificate isn't valid.
- Returns:
- Date after which this certificate isn't valid.
getStatus
public abstract int getStatus()
- Retrieve the status of the Certificate. If status isn't implemented,
(like in SecuDE) Certificates are assumed to be valid if they exist.
The status may tell, e.g., if the certificate has been revoked. It is
encoded by an integer.
- Returns:
- status of certificate (may be STATUS_NYI)
getCASign
public abstract byte[] getCASign()
- Retrieve signature for this certificate signed by the CA whose
Distinguished Name is stored in the Certificate.
- Returns:
- the signature as a byte array
getWhyRevoked
public abstract int getWhyRevoked()
- Retrieve reason why this Certificate was revoked. Might
change to a string later on. RCModules, that can't implement it
yet can instead return REVOC_REASON_NYI.
- Returns:
- the reason why a certificate has been revoked (possibly
REVOC_REASON_NYI)
getSignatureID
public abstract int getSignatureID()
- Retrieve the algorithm ID of the algorithm used to sign
this Certificate with. The types should correspond to the possible
types defined in the CryptoConstants class (RSA, DSA etc.)
- Returns:
- an integer encoding the algorithm used for making the signature
getHashID
public abstract int getHashID()
- Retrieve the algorithm ID of the algorithm used to hash
this Certificate with. The types should correspond to the possible
types defined in the CryptoConstants class (MD2C, MD4, RIPE_MD, SHA etc.)
- Returns:
- an integer encoding the algorithm used for hashing the certificate
before signing.
setCADN
public abstract void setCADN(String name)
- Set the CA's name that issued this certificate.
- Parameters:
- : - CA's name.
setUserDN
public abstract void setUserDN(String name)
- Set certificate owners name.
- Parameters:
- : - users name.
setSerialNr
public abstract void setSerialNr(long serialNr)
- Set this Certificates SerialNr, with which it is identified
by the CA that issued this certificate.
- Parameters:
- new - serialNr.
setPublicKey
public abstract void setPublicKey(CryptoKeyInfo newKey)
- Set the Public Key certified with this certificate.
- Parameters:
- : - new Key.
setScope
public abstract void setScope(int scope)
- Set the scope for this Certificate. This might be an empty method.
- Parameters:
- scope - for the certificate.
setType
public abstract void setType(int type)
- Set the type of Certificate. This might be an empty method.
- Parameters:
- type - of certificate.
setNotValidBefore
public abstract void setNotValidBefore(Date notValidBefore)
- Set the Date before which this certificate isn't valid.
- Parameters:
- start - date of certificates validity period.
setNotValidAfter
public abstract void setNotValidAfter(Date notValidAfter)
- Set the Date after which this certificate isn't valid.
- Parameters:
- end - date of certificates validity period.
setStatus
public abstract void setStatus(int status)
- Set the status of the Certificate. If status isn't implemented,
this might be an empty method. For future implementations
of certificate-modules it should definitely be implemented.
- Parameters:
- status - of certificate.
changeCASign
public abstract void changeCASign(String myName) throws CertificateException
- This method is used to sign a certificate. The contents of the certificate is
signed using the secret of the CA whose distinguished name is given as parameter.
- Parameters:
- myName - is the distinguished name of this CA.
- Throws: CertificateException
- is thrown, if the signature couldn't
get changed.
setWhyRevoked
public abstract void setWhyRevoked(int whyRevoked)
- Set reason why this Certificate was revoked. Might
change to a string later on.
setSignatureID
public abstract void setSignatureID(int signatureID)
- Set the algorithm ID of the algorithm used to sign
this Certificate with. The types should correspond to the possible
types defined in the CryptoConstants class (RSA, DSA etc.)
- Parameters:
- signature - algorithm ID.
- See Also:
- CryptoConstants
setHashID
public abstract void setHashID(int hashID)
- Set the algorithm ID of the algorithm used to hash
this Certificate with. The types should correspond to the possible
types defined in the CryptoConstants class (MD2C, MD4, RIPE_MD, SHA etc.)
- Parameters:
- hashing - ID.
- See Also:
- CryptoConstants
verifyCertificate
public abstract boolean verifyCertificate(CryptoKeyInfo trustedPK) throws CertificateException
- verify certificates correctness (ie whether signature matches its
contents).
- Parameters:
- s - trustedPK is the the public key which the signature is verified against.
- Throws: CertificateException
- if some error occurred while verifying.
sameCertificate
public abstract boolean sameCertificate(Certificate cert)
- Desides whether two certificates should be considered equal.
- Parameters:
- The - certificate to be compared against.
- Returns:
- true if the given certificate equals this certificate
All Packages Class Hierarchy This Package Previous Next Index