Class LDAPStoreHelper
- java.lang.Object
-
- org.bouncycastle.x509.util.LDAPStoreHelper
-
public class LDAPStoreHelper extends Object
This is a general purpose implementation to get X.509 certificates, CRLs, attribute certificates and cross certificates from a LDAP location.At first a search is performed in the ldap*AttributeNames of the
X509LDAPCertStoreParameters
with the given information of the subject (for all kind of certificates) or issuer (for CRLs), respectively, if aX509CertStoreSelector
orX509AttributeCertificate
is given with that details.For the used schemes see:
-
-
Constructor Summary
Constructors Constructor Description LDAPStoreHelper(X509LDAPCertStoreParameters params)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Collection
getAACertificates(X509AttributeCertStoreSelector selector)
Returns attribute certificates for an attribute authorityCollection
getAttributeAuthorityRevocationLists(X509CRLStoreSelector selector)
Returns the revocation list for revoked attribute certificates for an attribute authorityCollection
getAttributeCertificateAttributes(X509AttributeCertStoreSelector selector)
Returns an attribute certificate for an user.Collection
getAttributeCertificateRevocationLists(X509CRLStoreSelector selector)
Returns the revocation list for revoked attribute certificates.Collection
getAttributeDescriptorCertificates(X509AttributeCertStoreSelector selector)
Returns an attribute certificate for an authorityCollection
getAuthorityRevocationLists(X509CRLStoreSelector selector)
Returns the CRLs for issued certificates for other CAs matching the given selector.Collection
getCACertificates(X509CertStoreSelector selector)
Returns CA certificates.Collection
getCertificateRevocationLists(X509CRLStoreSelector selector)
Returns the certificate revocation lists for revoked certificates.Collection
getCrossCertificatePairs(X509CertPairStoreSelector selector)
Returns cross certificate pairs.Collection
getDeltaCertificateRevocationLists(X509CRLStoreSelector selector)
Returns the delta revocation list for revoked certificates.Collection
getUserCertificates(X509CertStoreSelector selector)
Returns end certificates.
-
-
-
Constructor Detail
-
LDAPStoreHelper
public LDAPStoreHelper(X509LDAPCertStoreParameters params)
-
-
Method Detail
-
getAuthorityRevocationLists
public Collection getAuthorityRevocationLists(X509CRLStoreSelector selector) throws StoreException
Returns the CRLs for issued certificates for other CAs matching the given selector.
The authorityRevocationList attribute includes revocation information regarding certificates issued to other CAs.- Parameters:
selector
- The CRL selector to use to find the CRLs.- Returns:
- A possible empty collection with CRLs
- Throws:
StoreException
-
getAttributeCertificateRevocationLists
public Collection getAttributeCertificateRevocationLists(X509CRLStoreSelector selector) throws StoreException
Returns the revocation list for revoked attribute certificates.The attributeCertificateRevocationList holds a list of attribute certificates that have been revoked.
- Parameters:
selector
- The CRL selector to use to find the CRLs.- Returns:
- A possible empty collection with CRLs.
- Throws:
StoreException
-
getAttributeAuthorityRevocationLists
public Collection getAttributeAuthorityRevocationLists(X509CRLStoreSelector selector) throws StoreException
Returns the revocation list for revoked attribute certificates for an attribute authorityThe attributeAuthorityList holds a list of AA certificates that have been revoked.
- Parameters:
selector
- The CRL selector to use to find the CRLs.- Returns:
- A possible empty collection with CRLs
- Throws:
StoreException
-
getCrossCertificatePairs
public Collection getCrossCertificatePairs(X509CertPairStoreSelector selector) throws StoreException
Returns cross certificate pairs.- Parameters:
selector
- The selector to use to find the cross certificates.- Returns:
- A possible empty collection with
X509CertificatePair
s - Throws:
StoreException
-
getUserCertificates
public Collection getUserCertificates(X509CertStoreSelector selector) throws StoreException
Returns end certificates.The attributeDescriptorCertificate is self signed by a source of authority and holds a description of the privilege and its delegation rules.
- Parameters:
selector
- The selector to find the certificates.- Returns:
- A possible empty collection with certificates.
- Throws:
StoreException
-
getAACertificates
public Collection getAACertificates(X509AttributeCertStoreSelector selector) throws StoreException
Returns attribute certificates for an attribute authorityThe aAcertificate holds the privileges of an attribute authority.
- Parameters:
selector
- The selector to find the attribute certificates.- Returns:
- A possible empty collection with attribute certificates.
- Throws:
StoreException
-
getAttributeDescriptorCertificates
public Collection getAttributeDescriptorCertificates(X509AttributeCertStoreSelector selector) throws StoreException
Returns an attribute certificate for an authorityThe attributeDescriptorCertificate is self signed by a source of authority and holds a description of the privilege and its delegation rules.
- Parameters:
selector
- The selector to find the attribute certificates.- Returns:
- A possible empty collection with attribute certificates.
- Throws:
StoreException
-
getCACertificates
public Collection getCACertificates(X509CertStoreSelector selector) throws StoreException
Returns CA certificates.The cACertificate attribute of a CA's directory entry shall be used to store self-issued certificates (if any) and certificates issued to this CA by CAs in the same realm as this CA.
- Parameters:
selector
- The selector to find the certificates.- Returns:
- A possible empty collection with certificates.
- Throws:
StoreException
-
getDeltaCertificateRevocationLists
public Collection getDeltaCertificateRevocationLists(X509CRLStoreSelector selector) throws StoreException
Returns the delta revocation list for revoked certificates.- Parameters:
selector
- The CRL selector to use to find the CRLs.- Returns:
- A possible empty collection with CRLs.
- Throws:
StoreException
-
getAttributeCertificateAttributes
public Collection getAttributeCertificateAttributes(X509AttributeCertStoreSelector selector) throws StoreException
Returns an attribute certificate for an user.The attributeCertificateAttribute holds the privileges of a user
- Parameters:
selector
- The selector to find the attribute certificates.- Returns:
- A possible empty collection with attribute certificates.
- Throws:
StoreException
-
getCertificateRevocationLists
public Collection getCertificateRevocationLists(X509CRLStoreSelector selector) throws StoreException
Returns the certificate revocation lists for revoked certificates.- Parameters:
selector
- The CRL selector to use to find the CRLs.- Returns:
- A possible empty collection with CRLs.
- Throws:
StoreException
-
-