codec.pkcs10
Class CertificationRequest

java.lang.Object
  |
  +--java.util.AbstractCollection
        |
        +--java.util.AbstractList
              |
              +--java.util.ArrayList
                    |
                    +--codec.asn1.ASN1AbstractCollection
                          |
                          +--codec.asn1.ASN1Sequence
                                |
                                +--codec.pkcs10.CertificationRequest
All Implemented Interfaces:
ASN1Collection, ASN1Type, Cloneable, Collection, Externalizable, List, Serializable

public class CertificationRequest
extends ASN1Sequence

PKCS#10 Certification Request. This Object can be used to build a PKCS#10 compliant certification request for a self-created public key pair. The public key and the name of the subject have to be put into this certification request that is to be sent to a certification authority for certificate generation.

PKCS#10 defines the following data structure for certificate requests:

 CertificationRequest ::= SEQUENCE {
 certificationRequestInfo   CertificationRequestInfo,
 signatureAlgorithm         AlgorithmIdentifier,
 signature                  BIT STRING
 }
 CertificationRequestInfo ::= SEQUENCE {
 version                    Integer,
 subject                    Name,
 subjectPublicKeyInfo       SubjectPublicKeyInfo,
 attributes                 [0] IMPLICIT Attributes
 }
 Attributes ::= SET OF Attribute -- see PKCS#9
 
To build a PKCS#10 certification request, use the constructor CertificationRequest(PublicKey,Name) with your public key and name. Then call getTBS() to get the to-be-signed (tbs) data, sign it externally, and call setSignature(byte[], AlgorithmIdentifier) to fill in the signature data. After that, you can export the certification request using getEncoded(). Creation date: (18.08.99 15:23:09)

Author:
Markus Tak Update: (20.05.00 15:23:09), Markus Ruppert
See Also:
Serialized Form

Fields inherited from class java.util.AbstractList
modCount
 
Constructor Summary
CertificationRequest()
          Structure-constructor that builds the ASN.1 data structure.
CertificationRequest(byte[] enc)
          Constructor upon a byte array that holds the DER-encoded Certification Request.
CertificationRequest(InputStream in)
          Constructor upon an input stream.
CertificationRequest(PublicKey pk, Name sub)
          The given public key and name objects are put into this certification request.
CertificationRequest(PublicKey pk, Name sub, Collection attr)
          Standard-constructor upon JAVA-Objects.
 
Method Summary
 List getAttributes()
          Returns an unmodifiable list view on the attributes.
 byte[] getEncoded()
          Returns the DER-encoded PKCS#10 data structure.
 PublicKey getPublicKey()
          Returns the public key inside this Certification Request.
 AlgorithmIdentifier getPublicKeyAlgorithm()
          Returns the AlgorithmIdentifier describing the public key's algorithm.
 byte[] getSignature()
          Returns the signature on this certification request that is done by applying the corresponding private key.
 Name getSubjectDN()
          Returns the subject's distinguished name.
 byte[] getTBS()
          Returns the to-be-signed (TBS) data structure, meaning the data to be applied on the signature algorithm.
 void setAttributes(Collection attributes)
          Sets the given attributes.
 void setSignature(byte[] sg, AlgorithmIdentifier algID)
          Sets the signature.
 void sign(Signature sig, PublicKey signerPub)
          This method implements an easy way to sign your certificate request.
 String toString()
          Human-readable string representation of this Certification Request.
 void verify()
          With this method, the certification request can be verified in an easy, but less secure way.
 void verify(String pro)
          With this method, the certification request can be verified in an easy, but less secure way.
 
Methods inherited from class codec.asn1.ASN1Sequence
getTag
 
Methods inherited from class codec.asn1.ASN1AbstractCollection
checkConstraints, decode, encode, getCollection, getConstraint, getTagClass, getValue, isExplicit, isOptional, isType, readExternal, setConstraint, setExplicit, setOptional, writeExternal
 
Methods inherited from class java.util.ArrayList
add, add, addAll, addAll, clear, clone, contains, ensureCapacity, get, indexOf, isEmpty, lastIndexOf, remove, removeRange, set, size, toArray, toArray, trimToSize
 
Methods inherited from class java.util.AbstractList
equals, hashCode, iterator, listIterator, listIterator, subList
 
Methods inherited from class java.util.AbstractCollection
containsAll, remove, removeAll, retainAll
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface java.util.Collection
add, addAll, clear, contains, containsAll, equals, hashCode, isEmpty, iterator, remove, removeAll, retainAll, size, toArray, toArray
 
Methods inherited from interface java.util.List
containsAll, equals, hashCode, iterator, listIterator, listIterator, remove, removeAll, retainAll, subList
 

Constructor Detail

CertificationRequest

public CertificationRequest()
Structure-constructor that builds the ASN.1 data structure. Creation date: (20.08.99 21:42:03)

CertificationRequest

public CertificationRequest(byte[] enc)
                     throws ASN1Exception
Constructor upon a byte array that holds the DER-encoded Certification Request. Creation date: (20.08.99 21:42:03)

CertificationRequest

public CertificationRequest(InputStream in)
                     throws ASN1Exception,
                            IOException
Constructor upon an input stream. The stream is closed by this constructor.
Parameters:
in - InputStream that delivers the DER-encoded PKCS#10 Certification Request Creation date: (20.08.99 21:42:03)

CertificationRequest

public CertificationRequest(PublicKey pk,
                            Name sub)
                     throws InvalidKeyException
The given public key and name objects are put into this certification request. After that, call getTBS() to get the to-be-signed (tbs) data, sign it externally, and call setSignature(byte[], AlgorithmIdentifier) to fill in the signature data. After that, you can export the certification request using getEncoded().
Parameters:
pk - the public key that is to be put inside this certification request
sub - the Subject's name Creation date: (20.08.99 21:42:03)

CertificationRequest

public CertificationRequest(PublicKey pk,
                            Name sub,
                            Collection attr)
                     throws InvalidKeyException
Standard-constructor upon JAVA-Objects. The given public key and name objects are put into this certification request. After that, call getTBS() to get the to-be-signed (tbs) data, sign it externally, and call setSignature(byte[], AlgorithmIdentifier) to fill in the signature data. After that, you can export the certification request using getEncoded().
Parameters:
pk - the public key that is to be put inside this certification request
sub - the Subject's name
attr - the Subject's attributes Creation date: (20.05.00 18:46:46)
Method Detail

getAttributes

public List getAttributes()
Returns an unmodifiable list view on the attributes. Creation date: (20.05.00 18:46:46)
Returns:
The attributes

getEncoded

public byte[] getEncoded()
                  throws ASN1Exception
Returns the DER-encoded PKCS#10 data structure.
Throws:
ASN1Exception - if an encoding problem occurs

getPublicKey

public PublicKey getPublicKey()
                       throws NoSuchAlgorithmException
Returns the public key inside this Certification Request. Creation date: (20.08.99 21:42:03)

getPublicKeyAlgorithm

public AlgorithmIdentifier getPublicKeyAlgorithm()
Returns the AlgorithmIdentifier describing the public key's algorithm. Creation date: (20.08.99 21:42:03)

getSignature

public byte[] getSignature()
Returns the signature on this certification request that is done by applying the corresponding private key. Creation date: (20.08.99 21:42:03)

getSubjectDN

public Name getSubjectDN()
Returns the subject's distinguished name. Creation date: (20.08.99 21:42:03)

getTBS

public byte[] getTBS()
              throws CorruptedCodeException
Returns the to-be-signed (TBS) data structure, meaning the data to be applied on the signature algorithm. This method has to be called for verifying the signature. Creation date: (20.08.99 21:42:03)

setAttributes

public void setAttributes(Collection attributes)
Sets the given attributes.
Parameters:
attributes - The attributes. Creation date: (20.05.00 18:46:46)

setSignature

public void setSignature(byte[] sg,
                         AlgorithmIdentifier algID)
Sets the signature. Can only be called after getTBS(). Note that the AlgorithmIdentifier algID is not copied, meaning that after calling this method, it must not be changed. Otherwise the validity of the signature is lost and the object contents are corrupted!
Parameters:
sg - the new signature
algID - the algorithm identifier that describes the signature algorithm Creation date: (20.08.99 21:42:03)

toString

public String toString()
Human-readable string representation of this Certification Request. Creation date: (20.08.99 21:44:32)
Overrides:
toString in class ASN1AbstractCollection
Returns:
java.lang.String

verify

public void verify()
            throws NoSuchAlgorithmException,
                   InvalidKeyException,
                   NoSuchProviderException,
                   SignatureException
With this method, the certification request can be verified in an easy, but less secure way. If the highest security is required, getTBS(), getPublicKey() and getSignature() should be used along with an external verification. Verification is successful if the signature can be verified using the public key inside this object. Verification has succeeded if this method returns without throwing an exception.

verify

public void verify(String pro)
            throws NoSuchAlgorithmException,
                   InvalidKeyException,
                   NoSuchProviderException,
                   SignatureException
With this method, the certification request can be verified in an easy, but less secure way. If the highest security is required, getTBS(), getPublicKey() and getSignature() should be used along with an external verification. Verification is successful if the signature can be verified using the public key inside this object. Verification has succeeded if this method returns without throwing an exception.
Parameters:
pro - Provider to be used for signature mechanism
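
The external verification recommended above, sketched as an added example (not code from the codec library or its authors): the request is parsed, then getTBS(), getPublicKey() and getSignature() feed a java.security.Signature engine that the verifier configures itself. Assumptions: the class name ExternalCsrVerify, the RSA-only policy with its constants, and that getSignature() returns the raw signature octets.

```java
import codec.pkcs10.CertificationRequest;

import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.RSAPublicKey;

// Added example: external proof-of-possession check for a PKCS#10 request.
public class ExternalCsrVerify {

    // Assumed verifier policy (not defined by the library): RSA keys of at
    // least 2048 bits, signature algorithm pinned to SHA256withRSA.
    static final String PINNED_SIG_ALG = "SHA256withRSA";
    static final int MIN_RSA_BITS = 2048;

    /** Returns true only if the request is signed by the key it carries. */
    static boolean verifyExternally(byte[] der) throws Exception {
        // Parse the DER-encoded request; malformed input throws ASN1Exception.
        CertificationRequest req = new CertificationRequest(der);

        // The three inputs the documentation names for external verification.
        PublicKey pub = req.getPublicKey();
        byte[] tbs = req.getTBS();
        byte[] sig = req.getSignature(); // assumed: raw signature octets

        // Apply key policy before the embedded key is used for anything.
        if (!(pub instanceof RSAPublicKey)
                || ((RSAPublicKey) pub).getModulus().bitLength() < MIN_RSA_BITS) {
            return false;
        }

        // Verify with an engine chosen by the verifier's own policy.
        Signature engine = Signature.getInstance(PINNED_SIG_ALG);
        engine.initVerify(pub);
        engine.update(tbs);
        try {
            return engine.verify(sig);
        } catch (SignatureException e) {
            return false; // wrongly encoded or wrongly sized signature
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] der = Files.readAllBytes(Paths.get(args[0])); // DER-encoded CSR file
        System.out.println(verifyExternally(der) ? "signature OK" : "REJECTED");
    }
}
```

A passing check shows only that the requester holds the private key matching the embedded public key; the subject name and attributes still have to be validated separately before a certificate is issued.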

sign

public void sign(Signature sig,
                 PublicKey signerPub)
          throws SignatureException,
                 CertificateEncodingException,
                 NoSuchAlgorithmException,
                 InvalidAlgorithmParameterException
This method implements an easy way to sign your certificate request.
Parameters:
sig - a Signature engine that is initialized for signing with the appropriate private key
signerPub - the signer's public key (it is required to extract algorithm parameters)
Throws:
SignatureException - if the signature could not be done
CertificateEncodingException - if an error occurred during tbsCertificate encoding
NoSuchAlgorithmException - if the public key or signature algorithm is not available
InvalidAlgorithmParameterException - if signature algorithm parameters could not be encoded correctly


Copyright © Fraunhofer Gesellschaft. All Rights Reserved.