Entrust/Toolkit for Java: Class CertificateSelector

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.entrust.toolkit
Class CertificateSelector

java.lang.Object
  |
  +--com.entrust.toolkit.CertificateSelector

public class CertificateSelector
extends java.lang.Object
implements Selector

CertificateSelector implements Selector to optimize the content of a set of X.509 certificates.

Field Summary

static int CRL_SIGN


static int DATA_ENCIPHERMENT


static int DECIPHER_ONLY


static int DIGITAL_SIGNATURE


static int ENCIPHER_ONLY


static int KEY_AGREEMENT


static int KEY_CERT_SIGN


static int KEY_ENCIPHERMENT


static int NON_REPUDIATION


Constructor Summary

CertificateSelector()
           Creates a CertificateSelector object.

Method Summary

Set applyTo(Set set)
          Removes all objects from the set that do not conform to the selector's selection criteria.

AlgorithmID getAlgorithm()
          Returns the certified key's algorithm.

int getKeyUsage()
          Returns the key usage flags.

ObjectID[] getPolicyOids()
          Returns the policy oids.

java.util.Date getValidityTime()
          Returns the time at which the selected certificates must be valid.

void setAlgorithm(AlgorithmID alg)
          Specifies the algorithm of the certified key.

void setKeyUsage(int keyUsage)
           Sets the key usage.

void setPolicyOids(ObjectID[] oids)
          Specifies the policy oids.

void setValidityTime(java.util.Date time)
          Specifies a time at which the selected certificates must be valid.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DIGITAL_SIGNATURE

public static final int DIGITAL_SIGNATURE

NON_REPUDIATION

public static final int NON_REPUDIATION

KEY_ENCIPHERMENT

public static final int KEY_ENCIPHERMENT

DATA_ENCIPHERMENT

public static final int DATA_ENCIPHERMENT

KEY_AGREEMENT

public static final int KEY_AGREEMENT

KEY_CERT_SIGN

public static final int KEY_CERT_SIGN

CRL_SIGN

public static final int CRL_SIGN

ENCIPHER_ONLY

public static final int ENCIPHER_ONLY

DECIPHER_ONLY

public static final int DECIPHER_ONLY

Constructor Detail

CertificateSelector

public CertificateSelector()

Creates a CertificateSelector object.

Method Detail

setKeyUsage

public void setKeyUsage(int keyUsage)
                 throws java.lang.IllegalArgumentException

Sets the key usage.

Certificates not containing all of the specified key usage flags are removed from the set. Certificates that have all of the specified key usage flags (and more) remain in the set.

The key usage flags defined in this class can be combined using bitwise OR. The default, keyUsage = 0, selects all certificates.

Parameters:: keyUsage - the key usage flags that certificates must have
Throws:: java.lang.IllegalArgumentException - if keyUsage is not composed of the key usage constants defined in this class

getKeyUsage

public int getKeyUsage()

Returns the key usage flags. To test if dataEncipherment is set, use encipher = (sel.getKeyUsage() & DATA_ENCIPHERMENT) != 0;.

Returns:: the key usage flags
See Also:: this.setKeyUsage

setPolicyOids

public void setPolicyOids(ObjectID[] oids)

Specifies the policy oids. Certificates not containing all of the specified policy oids are removed from the set. Certificates that contain all of the specified policy oids and more remain in the set. oids may be null. In that case, all certificates are selected. The default for the policy ids is null.

Parameters:: oids - the policy oids

getPolicyOids

public ObjectID[] getPolicyOids()

Returns the policy oids.

Returns:: the policy oids
See Also:: this.setPolicyOids

setAlgorithm

public void setAlgorithm(AlgorithmID alg)

Specifies the algorithm of the certified key. Certificates for keys for all other algorithms are removed from the set. The default is null. In this case, all certificates are selected.

Parameters:: alg - the algorithm of the certified key; may be null

getAlgorithm

public AlgorithmID getAlgorithm()

Returns the certified key's algorithm.

Returns:: the algorithm of the certified key; may be null
See Also:: this.setAlgorithm

setValidityTime

public void setValidityTime(java.util.Date time)

Specifies a time at which the selected certificates must be valid. All certificates that are not valid yet or any more at the specified time are removed from the set. The certificate's fields notBefore and notAfter are used to determine if the certificate is valid. If time is null, all certificates remain in the set. This is the default.

Parameters:: time - the time at which the certificates must be valid; may be null

getValidityTime

public java.util.Date getValidityTime()

Returns the time at which the selected certificates must be valid.

Returns:: the time at which the certificate must be valid
See Also:: this.setValidityTime

applyTo

public Set applyTo(Set set)
            throws java.lang.ClassCastException,
                   java.lang.NullPointerException

Removes all objects from the set that do not conform to the selector's selection criteria.

Specified by:: applyTo in interface Selector

Parameters:: set - the set from which to remove objects
Returns:: a reference to set
Throws:: java.lang.NullPointerException - if set is null; java.lang.ClassCastException - if the class of the set contents is not handled by this selector