public class CertificatePair extends ASN1Encodable
crossCertificatePairATTRIBUTE::={ WITH SYNTAX CertificatePair EQUALITY MATCHING RULE certificatePairExactMatch ID joint-iso-ccitt(2) ds(5) attributeType(4) crossCertificatePair(40)}
The forward elements of the crossCertificatePair attribute of a CA's directory entry shall be used to store all, except self-issued certificates issued to this CA. Optionally, the reverse elements of the crossCertificatePair attribute, of a CA's directory entry may contain a subset of certificates issued by this CA to other CAs. When both the forward and the reverse elements are present in a single attribute value, issuer name in one certificate shall match the subject name in the other and vice versa, and the subject public key in one certificate shall be capable of verifying the digital signature on the other certificate and vice versa. When a reverse element is present, the forward element value and the reverse element value need not be stored in the same attribute value; in other words, they can be stored in either a single attribute value or two attribute values.
CertificatePair ::= SEQUENCE { forward [0] Certificate OPTIONAL, reverse [1] Certificate OPTIONAL, -- at least one of the pair shall be present -- }
Modifier and Type | Field and Description |
---|---|
private X509CertificateStructure |
forward |
private X509CertificateStructure |
reverse |
BER, DER
Modifier | Constructor and Description |
---|---|
private |
CertificatePair(ASN1Sequence seq)
Constructor from ASN1Sequence.
|
|
CertificatePair(X509CertificateStructure forward,
X509CertificateStructure reverse)
Constructor from a given details.
|
Modifier and Type | Method and Description |
---|---|
X509CertificateStructure |
getForward() |
static CertificatePair |
getInstance(java.lang.Object obj) |
X509CertificateStructure |
getReverse() |
DERObject |
toASN1Object()
Produce an object suitable for an ASN1OutputStream.
|
equals, getDEREncoded, getDERObject, getEncoded, getEncoded, hashCode
private X509CertificateStructure forward
private X509CertificateStructure reverse
private CertificatePair(ASN1Sequence seq)
CertificatePair ::= SEQUENCE { forward [0] Certificate OPTIONAL, reverse [1] Certificate OPTIONAL, -- at least one of the pair shall be present -- }
seq
- The ASN.1 sequence.public CertificatePair(X509CertificateStructure forward, X509CertificateStructure reverse)
forward
- Certificates issued to this CA.reverse
- Certificates issued by this CA to other CAs.public static CertificatePair getInstance(java.lang.Object obj)
public DERObject toASN1Object()
CertificatePair ::= SEQUENCE { forward [0] Certificate OPTIONAL, reverse [1] Certificate OPTIONAL, -- at least one of the pair shall be present -- }
toASN1Object
in class ASN1Encodable
public X509CertificateStructure getForward()
public X509CertificateStructure getReverse()
Copyright © 1998-2014 Gamma Technologies. All Rights Reserved.