codec.pkcs10
Class CertificationRequest

java.lang.Object
  extended by java.util.AbstractCollection<E>
      extended by java.util.AbstractList<E>
          extended by java.util.ArrayList
              extended by codec.asn1.ASN1AbstractCollection
                  extended by codec.asn1.ASN1Sequence
                      extended by codec.pkcs10.CertificationRequest
All Implemented Interfaces:
ASN1Collection, ASN1Type, Serializable, Cloneable, Iterable, Collection, List, RandomAccess

public class CertificationRequest
extends ASN1Sequence

PKCS#10 Certification Request. This object can be used to build a PKCS#10-compliant certification request for a self-generated public key pair. The public key and the name of the subject are placed in this certification request, which is then sent to a certification authority for certificate generation.

PKCS#10 defines the following data structure for certificate requests:

 CertificationRequest ::= SEQUENCE {
     certificationRequestInfo   CertificationRequestInfo,
     signatureAlgorithm         AlgorithmIdentifier,
     signature                  BIT STRING
 }
 
 CertificationRequestInfo ::= SEQUENCE {
     version                    Integer,
     subject                    Name,
     subjectPublicKeyInfo       SubjectPublicKeyInfo,
     attributes                 [0] IMPLICIT Attributes
 }
 
 Attributes ::= SET OF Attribute -- see PKCS#9 

To build a PKCS#10 certification request, use the constructor CertificationRequest(PublicKey,Name) with your public key and name. Then call getTBS() to get the to-be-signed (TBS) data, sign it externally, and call setSignature() to fill in the signature data. After that, you can export the certification request using getEncoded().

Creation date: (18.08.99 15:23:09)

See Also:
Serialized Form

Field Summary
private  ASN1Set attributes_
           
private  ASN1Sequence certificationRequestInfo_
           
private  ASN1BitString signature_
           
private  AlgorithmIdentifier signatureAlgorithmIdentifier_
           
private  Name subject_
           
private  SubjectPublicKeyInfo subjectPublicKeyInfo_
           
private  ASN1Integer version_
           
 
Fields inherited from class java.util.AbstractList
modCount
 
Constructor Summary
CertificationRequest()
          Structure-constructor that builds the ASN.1 data structure.
CertificationRequest(byte[] enc)
          Constructor upon a byte array that holds the DER-encoded Certification Request.
CertificationRequest(InputStream in)
          Constructor upon an input stream.
CertificationRequest(PublicKey pk, Name sub)
          The given public key and name objects are put into this certification request.
CertificationRequest(PublicKey pk, Name sub, Collection attr)
          Standard-constructor upon JAVA-Objects.
 
Method Summary
 List getAttributes()
          Returns an unmodifiable list view on the attributes.
 byte[] getEncoded()
          Returns the DER-encoded PKCS#10 data structure.
 PublicKey getPublicKey()
          Returns the public key inside this Certification Request.
 AlgorithmIdentifier getPublicKeyAlgorithm()
          Returns the AlgorithmIdentifier describing the public key's algorithm.
 byte[] getSignature()
          Returns the signature on this certification request, which is produced by applying the corresponding private key.
 Name getSubjectDN()
          Returns the subject's distinguished name.
 byte[] getTBS()
          Returns the to-be-signed (TBS) data structure, i.e. the data that is fed to the signature algorithm.
 void setAttributes(Collection attributes)
          Sets the given attributes.
private  void setPublicKey(PublicKey pk)
          Sets the public key.
 void setSignature(byte[] sg, AlgorithmIdentifier algID)
          Sets the signature.
private  void setSubjectDN(Name sub)
          Sets the subject's distinguished name (DN).
 String toString()
          Human-readable string representation of this Certification Request.
 void verify()
          Verifies the certification request in an easy, but less secure way.
 void verify(String pro)
          Verifies the certification request in an easy, but less secure way, using the given provider.
 
Methods inherited from class codec.asn1.ASN1Sequence
getTag
 
Methods inherited from class codec.asn1.ASN1AbstractCollection
checkConstraints, decode, encode, getCollection, getConstraint, getTagClass, getValue, isExplicit, isOptional, isType, setConstraint, setExplicit, setOptional
 
Methods inherited from class java.util.ArrayList
add, add, addAll, addAll, clear, clone, contains, ensureCapacity, get, indexOf, isEmpty, lastIndexOf, remove, remove, removeRange, set, size, toArray, toArray, trimToSize
 
Methods inherited from class java.util.AbstractList
equals, hashCode, iterator, listIterator, listIterator, subList
 
Methods inherited from class java.util.AbstractCollection
containsAll, removeAll, retainAll
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface java.util.Collection
add, addAll, clear, contains, containsAll, equals, hashCode, isEmpty, iterator, remove, removeAll, retainAll, size, toArray, toArray
 
Methods inherited from interface java.util.List
containsAll, equals, hashCode, iterator, listIterator, listIterator, removeAll, retainAll, subList
 

Field Detail

certificationRequestInfo_

private ASN1Sequence certificationRequestInfo_

version_

private ASN1Integer version_

subject_

private Name subject_

subjectPublicKeyInfo_

private SubjectPublicKeyInfo subjectPublicKeyInfo_

attributes_

private ASN1Set attributes_

signatureAlgorithmIdentifier_

private AlgorithmIdentifier signatureAlgorithmIdentifier_

signature_

private ASN1BitString signature_

Constructor Detail

CertificationRequest

public CertificationRequest()
                     throws ASN1Exception
Structure-constructor that builds the ASN.1 data structure. Creation date: (20.08.99 21:42:03)

Throws:
ASN1Exception

CertificationRequest

public CertificationRequest(byte[] enc)
                     throws ASN1Exception
Constructor upon a byte array that holds the DER-encoded Certification Request. Creation date: (20.08.99 21:42:03)

Throws:
ASN1Exception

CertificationRequest

public CertificationRequest(InputStream in)
                     throws ASN1Exception,
                            IOException
Constructor upon an input stream. The stream is closed by this constructor.

Parameters:
in - InputStream that delivers the DER-encoded PKCS#10 Certification Request
Creation date: (20.08.99 21:42:03)
Throws:
ASN1Exception
IOException

CertificationRequest

public CertificationRequest(PublicKey pk,
                            Name sub)
                     throws ASN1Exception,
                            InvalidKeyException
The given public key and name objects are put into this certification request. After that, call getTBS() to get the to-be-signed (TBS) data, sign it externally, and call setSignature() to fill in the signature data. You can then export the certification request using getEncoded().

Parameters:
pk - the public key that is to be put inside this certification request
sub - the Subject's name
Creation date: (20.08.99 21:42:03)
Throws:
ASN1Exception
InvalidKeyException

CertificationRequest

public CertificationRequest(PublicKey pk,
                            Name sub,
                            Collection attr)
                     throws ASN1Exception,
                            InvalidKeyException
Standard-constructor upon JAVA-Objects. The given public key and name objects are put into this certification request. After that, call getTBS() to get the to-be-signed (TBS) data, sign it externally, and call setSignature() to fill in the signature data. You can then export the certification request using getEncoded().

Parameters:
pk - the public key that is to be put inside this certification request
sub - the Subject's name
attr - the Subject's attributes
Creation date: (20.05.00 18:46:46)
Throws:
ASN1Exception
InvalidKeyException

Method Detail

getAttributes

public List getAttributes()
Returns an unmodifiable list view on the attributes. Creation date: (20.05.00 18:46:46)

Returns:
The attributes

getEncoded

public byte[] getEncoded()
                  throws ASN1Exception
Returns the DER-encoded PKCS#10 data structure.

Throws:
ASN1Exception - if an encoding problem occurs

getPublicKey

public PublicKey getPublicKey()
                       throws CorruptedCodeException,
                              NoSuchAlgorithmException
Returns the public key inside this Certification Request. Creation date: (20.08.99 21:42:03)

Throws:
CorruptedCodeException
NoSuchAlgorithmException

getPublicKeyAlgorithm

public AlgorithmIdentifier getPublicKeyAlgorithm()
Returns the AlgorithmIdentifier describing the public key's algorithm. Creation date: (20.08.99 21:42:03)


getSignature

public byte[] getSignature()
Returns the signature on this certification request, which is produced by applying the corresponding private key. Creation date: (20.08.99 21:42:03)


getSubjectDN

public Name getSubjectDN()
Returns the subject's distinguished name. Creation date: (20.08.99 21:42:03)


getTBS

public byte[] getTBS()
              throws CorruptedCodeException
Returns the to-be-signed (TBS) data structure, i.e. the data that is fed to the signature algorithm. This method has to be called for verifying the signature. Creation date: (20.08.99 21:42:03)

Throws:
CorruptedCodeException

setAttributes

public void setAttributes(Collection attributes)
Sets the given attributes.

Parameters:
attributes - The attributes.
Creation date: (20.05.00 18:46:46)

setPublicKey

private void setPublicKey(PublicKey pk)
                   throws InvalidKeyException
Sets the public key.

Parameters:
pk - the public key to be put into this certification request
Creation date: (20.08.99 21:42:03)
Throws:
InvalidKeyException

setSignature

public void setSignature(byte[] sg,
                         AlgorithmIdentifier algID)
Sets the signature. Can only be called after getTBS(). Note that the AlgorithmIdentifier algID is not copied, so it must not be changed after calling this method. Otherwise the validity of the signature is lost and the object contents are corrupted!

Parameters:
sg - the new signature
algID - the algorithm identifier that describes the signature algorithm
Creation date: (20.08.99 21:42:03)

setSubjectDN

private void setSubjectDN(Name sub)
Sets the subject's distinguished name (DN).

Parameters:
sub - the distinguished name
Creation date: (20.08.99 21:42:03)

toString

public String toString()
Human-readable string representation of this Certification Request. Creation date: (20.08.99 21:44:32)

Overrides:
toString in class ASN1AbstractCollection
Returns:
java.lang.String

verify

public void verify()
            throws CertificateException,
                   NoSuchAlgorithmException,
                   InvalidKeyException,
                   NoSuchProviderException,
                   SignatureException
With this method, the certification request can be verified in an easy, but less secure way. For the highest security, use getTBS(), getPublicKey() and getSignature() together with an external verification. Verification is successful if the signature can be verified using the public key inside this object. Verification has succeeded if this method returns without throwing an exception.

Throws:
CertificateException
NoSuchAlgorithmException
InvalidKeyException
NoSuchProviderException
SignatureException

verify

public void verify(String pro)
            throws CertificateException,
                   NoSuchAlgorithmException,
                   InvalidKeyException,
                   NoSuchProviderException,
                   SignatureException
With this method, the certification request can be verified in an easy, but less secure way. For the highest security, use getTBS(), getPublicKey() and getSignature() together with an external verification. Verification is successful if the signature can be verified using the public key inside this object. Verification has succeeded if this method returns without throwing an exception.

Parameters:
pro - Provider to be used for signature mechanism
Throws:
CertificateException
NoSuchAlgorithmException
InvalidKeyException
NoSuchProviderException
SignatureException
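
The build sequence from the class description and the external verification recommended under verify(), as an added example that is not part of the library's own documentation. The class and method names are hypothetical and the packages of Name and AlgorithmIdentifier are assumed. The caller supplies the JCA signature algorithm name, because this page lists no getter for the request's signature algorithm.

```java
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.Signature;

import codec.pkcs10.CertificationRequest;
import codec.x501.Name;                 // assumed package, not shown on this page
import codec.x509.AlgorithmIdentifier;  // assumed package, not shown on this page

// Hypothetical helper class, added for illustration only.
public final class Pkcs10Example {

    /**
     * Builds, signs and DER-encodes a request: constructor, getTBS(),
     * external signing, setSignature(), getEncoded().
     * jcaSigAlg and sigAlgId must describe the same signature algorithm.
     */
    static byte[] buildSigned(KeyPair kp, Name subject, String jcaSigAlg,
                              AlgorithmIdentifier sigAlgId) throws Exception {
        CertificationRequest req = new CertificationRequest(kp.getPublic(), subject);
        byte[] tbs = req.getTBS();           // to-be-signed bytes

        Signature signer = Signature.getInstance(jcaSigAlg);
        signer.initSign(kp.getPrivate());    // the private key never enters the request object
        signer.update(tbs);

        // algID is stored by reference: do not modify sigAlgId after this call.
        req.setSignature(signer.sign(), sigAlgId);
        return req.getEncoded();
    }

    /**
     * External verification with getTBS(), getPublicKey() and getSignature().
     * The accepted algorithm is fixed by the caller, not taken from the request.
     */
    static boolean verifyExternally(byte[] der, String jcaSigAlg) throws Exception {
        CertificationRequest req = new CertificationRequest(der);
        PublicKey pk = req.getPublicKey();   // key the requester claims to hold

        Signature verifier = Signature.getInstance(jcaSigAlg);
        verifier.initVerify(pk);
        verifier.update(req.getTBS());
        return verifier.verify(req.getSignature());
    }
}
```

A true result shows only that the requester holds the private key matching the embedded public key; the subject name and attributes still have to be checked by the certification authority before a certificate is issued.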


Copyright © Fraunhofer Gesellschaft. All Rights Reserved.