IAIK PKCS#11 Wrapper
version 1.2.16

iaik.pkcs.pkcs11.objects
Class Certificate

java.lang.Object
  extended by iaik.pkcs.pkcs11.objects.Object
      extended by iaik.pkcs.pkcs11.objects.Storage
          extended by iaik.pkcs.pkcs11.objects.Certificate
All Implemented Interfaces:
Cloneable
Direct Known Subclasses:
X509AttributeCertificate, X509PublicKeyCertificate

public class Certificate
extends Storage

An object of this class represents a certificate as defined by PKCS#11. A certificate is of a specific type: X_509_PUBLIC_KEY, X_509_ATTRIBUTE or VENDOR_DEFINED. If an application needs to use vendor-defined certificates, it must set a VendorDefinedCertificateBuilder using the setVendorDefinedCertificateBuilder method.

Invariants
(certificateType_ <> null) and (trusted_ <> null)

Nested Class Summary
static interface Certificate.CertificateType
          This interface defines the available certificate types as defined by PKCS#11: X_509_PUBLIC_KEY, X_509_ATTRIBUTE or VENDOR_DEFINED.
static interface Certificate.VendorDefinedCertificateBuilder
          If an application uses vendor defined certificates, it must implement this interface and install such an object handler using setVendorDefinedCertificateBuilder.
 
Nested classes inherited from class iaik.pkcs.pkcs11.objects.Object
Object.ObjectClass, Object.VendorDefinedObjectBuilder
 
Field Summary
protected  CertificateTypeAttribute certificateType_
          The type of this certificate.
protected  BooleanAttribute trusted_
          Indicates whether this certificate can be trusted.
protected static Certificate.VendorDefinedCertificateBuilder vendorCertificateBuilder_
          The currently set vendor defined certificate builder, or null.
 
Fields inherited from class iaik.pkcs.pkcs11.objects.Storage
label_, modifiable_, private_, token_
 
Fields inherited from class iaik.pkcs.pkcs11.objects.Object
attributeTable_, objectClass_, objectClassNames_, objectHandle_, vendorObjectBuilder_
 
Constructor Summary
  Certificate()
          The default constructor.
protected Certificate(Session session, long objectHandle)
          Constructor taking the reference to the PKCS#11 module for accessing the object's attributes, the session handle to use for reading the attribute values and the object handle.
 
Method Summary
protected  void allocateAttributes()
          Allocates the attribute objects for this class and adds them to the attribute table.
 Object clone()
          Create a (deep) clone of this object.
 boolean equals(Object otherObject)
          Compares all member variables of this object with the other object.
 LongAttribute getCertificateType()
          Gets the certificate type attribute of the PKCS#11 certificate.
static String getCertificateTypeName(Long certificateType)
          Get the given certificate type as string.
static Object getInstance(Session session, long objectHandle)
          The getInstance method of the Object class uses this method to create an instance of a PKCS#11 certificate.
 BooleanAttribute getTrusted()
          Gets the trusted attribute of the PKCS#11 certificate.
protected static Object getUnknownCertificate(Session session, long objectHandle)
          Try to create a certificate which has no or an unknown certificate type attribute.
static Certificate.VendorDefinedCertificateBuilder getVendorDefinedCertificateBuilder()
          Get the currently set vendor-defined certificate builder.
 int hashCode()
          The overriding of this method should ensure that the objects of this class work correctly in a hashtable.
protected static void putAttributesInTable(Certificate object)
          Put all attributes of the given object into the attributes table of this object.
 void readAttributes(Session session)
          Read the values of the attributes of this object from the token.
static void setVendorDefinedCertificateBuilder(Certificate.VendorDefinedCertificateBuilder builder)
          Set a vendor-defined certificate builder that should be called to create an instance of a vendor-defined PKCS#11 certificate; i.e. an instance of a vendor-defined sub-class of this class.
 String toString()
          This method returns a string representation of the current object.
 
Methods inherited from class iaik.pkcs.pkcs11.objects.Storage
getLabel, getModifiable, getPrivate, getToken, putAttributesInTable
 
Methods inherited from class iaik.pkcs.pkcs11.objects.Object
getAttributeTable, getAttributeValue, getObjectClass, getObjectClassName, getObjectHandle, getSetAttributes, getSetAttributes, getUnknownObject, getVendorDefinedObjectBuilder, putAttributesInTable, setObjectHandle, setVendorDefinedObjectBuilder
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

vendorCertificateBuilder_

protected static Certificate.VendorDefinedCertificateBuilder vendorCertificateBuilder_
The currently set vendor defined certificate builder, or null.


certificateType_

protected CertificateTypeAttribute certificateType_
The type of this certificate. One of CertificateType, or one that has a bigger value than VENDOR_DEFINED.


trusted_

protected BooleanAttribute trusted_
Indicates whether this certificate can be trusted.

Constructor Detail

Certificate

public Certificate()
The default constructor. An application uses this constructor to instantiate a certificate that serves as a template. It may also be useful for working with vendor-defined certificates.

Preconditions
Postconditions

Certificate

protected Certificate(Session session,
                      long objectHandle)
               throws TokenException
Constructor taking the reference to the PKCS#11 module for accessing the object's attributes, the session handle to use for reading the attribute values and the object handle. This constructor reads all attributes that a storage object must contain.

Parameters:
session - The session to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.
objectHandle - The object handle as given by the PKCS#11 module.
Throws:
TokenException - If getting the attributes failed.
Preconditions
(session <> null)
Postconditions
Method Detail

getCertificateTypeName

public static String getCertificateTypeName(Long certificateType)
Get the given certificate type as string.

Parameters:
certificateType - The certificate type to get as string.
Returns:
A string denoting the object certificate type; e.g. "X.509 Public Key".
Preconditions
(certificateType <> null)
Postconditions
(result <> null)

getInstance

public static Object getInstance(Session session,
                                 long objectHandle)
                          throws TokenException
The getInstance method of the Object class uses this method to create an instance of a PKCS#11 certificate. This method reads the certificate type attribute and calls the getInstance method of the corresponding sub-class. If the certificate type is vendor-defined, it uses the VendorDefinedCertificateBuilder set by the application. If no certificate could be constructed, this method returns null.

Parameters:
session - The session to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.
objectHandle - The object handle as given by the PKCS#11 module.
Returns:
The object representing the PKCS#11 object. The returned object can be cast to the corresponding sub-class.
Throws:
TokenException - If getting the attributes failed.
Preconditions
(session <> null)
Postconditions
(result <> null)

getUnknownCertificate

protected static Object getUnknownCertificate(Session session,
                                              long objectHandle)
                                       throws TokenException
Try to create a certificate which has no or an unknown certificate type attribute. This implementation will try to use a vendor-defined certificate builder, if one has been set. If this is impossible or fails, it will create just a simple Certificate.

Parameters:
session - The session to use.
objectHandle - The handle of the object.
Returns:
A new Object.
Throws:
TokenException - If no object could be created.
Preconditions
(session <> null)
Postconditions
(result <> null)

setVendorDefinedCertificateBuilder

public static void setVendorDefinedCertificateBuilder(Certificate.VendorDefinedCertificateBuilder builder)
Set a vendor-defined certificate builder that should be called to create an instance of a vendor-defined PKCS#11 certificate; i.e. an instance of a vendor-defined sub-class of this class.

Parameters:
builder - The vendor-defined certificate builder. Null to clear any previously installed vendor-defined builder.
Preconditions
Postconditions

getVendorDefinedCertificateBuilder

public static Certificate.VendorDefinedCertificateBuilder getVendorDefinedCertificateBuilder()
Get the currently set vendor-defined certificate builder.

Returns:
The currently set vendor-defined certificate builder or null if none is set.
Preconditions
Postconditions

putAttributesInTable

protected static void putAttributesInTable(Certificate object)
Put all attributes of the given object into the attributes table of this object. This method is static only so that the implementation of this method can be invoked for each class separately (see its use in clone()).

Parameters:
object - The object to handle.
Preconditions
(object <> null)
Postconditions

allocateAttributes

protected void allocateAttributes()
Allocates the attribute objects for this class and adds them to the attribute table.

Overrides:
allocateAttributes in class Storage
Preconditions
Postconditions

clone

public Object clone()
Create a (deep) clone of this object.

Overrides:
clone in class Storage
Returns:
A clone of this object.
Preconditions
Postconditions
(result <> null) and (result instanceof Certificate) and (result.equals(this))

equals

public boolean equals(Object otherObject)
Compares all member variables of this object with the other object. Returns true only if all are equal in both objects.

Overrides:
equals in class Storage
Parameters:
otherObject - The other object to compare to.
Returns:
True, if other is an instance of this class and all member variables of both objects are equal. False, otherwise.
Preconditions
Postconditions

getCertificateType

public LongAttribute getCertificateType()
Gets the certificate type attribute of the PKCS#11 certificate. Its value must be one of those defined in the CertificateType interface or one with a value bigger than CertificateType.VENDOR_DEFINED.

Returns:
The certificate type attribute.
Preconditions
Postconditions
(result <> null)

getTrusted

public BooleanAttribute getTrusted()
Gets the trusted attribute of the PKCS#11 certificate.

Returns:
The trusted attribute.
Preconditions
Postconditions
(result <> null)
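
The template constructor, getCertificateType, getCertificateTypeName and getTrusted used together, as an added example that is not part of the original documentation. It assumes an already opened Session; the class name TrustedCertificateLister is hypothetical, and Session.findObjectsInit/findObjects/findObjectsFinal, getLongValue, getBooleanValue and getCharArrayValue are wrapper methods that this page does not document.

```java
import iaik.pkcs.pkcs11.Session;
import iaik.pkcs.pkcs11.TokenException;
import iaik.pkcs.pkcs11.objects.Certificate;

// Hypothetical helper class, not part of the IAIK wrapper.
public class TrustedCertificateLister {

  /**
   * Lists all certificate objects visible to the session and returns how many
   * of them the token explicitly marks as trusted. The session is assumed to
   * be open, and logged in if private objects should be included.
   */
  public static int listCertificates(Session session) throws TokenException {
    int explicitlyTrusted = 0;
    // A default-constructed Certificate serves as the search template.
    session.findObjectsInit(new Certificate());
    try {
      // Fully qualified: the wrapper's Object, not java.lang.Object.
      iaik.pkcs.pkcs11.objects.Object[] found;
      while ((found = session.findObjects(1)).length > 0) {
        if (!(found[0] instanceof Certificate)) {
          continue; // defensive: skip anything that is not a certificate
        }
        Certificate cert = (Certificate) found[0];

        // getCertificateTypeName requires a non-null argument.
        Long type = cert.getCertificateType().getLongValue();
        String typeName = (type != null)
            ? Certificate.getCertificateTypeName(type)
            : "<no certificate type attribute>";

        // Only an explicit TRUE counts; an absent attribute is not trust.
        Boolean trusted = cert.getTrusted().getBooleanValue();
        boolean isTrusted = Boolean.TRUE.equals(trusted);
        if (isTrusted) {
          explicitlyTrusted++;
        }

        char[] label = cert.getLabel().getCharArrayValue();
        System.out.println((label != null ? new String(label) : "<no label>")
            + " | type: " + typeName + " | trusted: " + isTrusted);
      }
    } finally {
      session.findObjectsFinal(); // always end the search operation
    }
    return explicitlyTrusted;
  }
}
```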

hashCode

public int hashCode()
The overriding of this method should ensure that the objects of this class work correctly in a hashtable.

Overrides:
hashCode in class Storage
Returns:
The hash code of this object.
Preconditions
Postconditions

readAttributes

public void readAttributes(Session session)
                    throws TokenException
Read the values of the attributes of this object from the token.

Overrides:
readAttributes in class Storage
Parameters:
session - The session handle to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.
Throws:
TokenException - If getting the attributes failed.
Preconditions
(session <> null)
Postconditions

toString

public String toString()
This method returns a string representation of the current object. The output is only for debugging purposes and should not be used for other purposes.

Overrides:
toString in class Storage
Returns:
A string representation of this object for debugging output.
Preconditions
Postconditions
(result <> null)

IAIK JavaSecurity Website http://jce.iaik.tugraz.at/

IAIK at Graz University of Technology, Austria, Europe
Copyright 2001-2002, IAIK, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. All Rights Reserved.