org.bouncycastle.asn1.x509

Class CertificatePair

public class CertificatePair extends ASN1Encodable

This class helps to support crossCerfificatePairs in a LDAP directory according RFC 2587
     crossCertificatePairATTRIBUTE::={
       WITH SYNTAX   CertificatePair
       EQUALITY MATCHING RULE certificatePairExactMatch
       ID joint-iso-ccitt(2) ds(5) attributeType(4) crossCertificatePair(40)}
 
The forward elements of the crossCertificatePair attribute of a CA's directory entry shall be used to store all, except self-issued certificates issued to this CA. Optionally, the reverse elements of the crossCertificatePair attribute, of a CA's directory entry may contain a subset of certificates issued by this CA to other CAs. When both the forward and the reverse elements are present in a single attribute value, issuer name in one certificate shall match the subject name in the other and vice versa, and the subject public key in one certificate shall be capable of verifying the digital signature on the other certificate and vice versa. When a reverse element is present, the forward element value and the reverse element value need not be stored in the same attribute value; in other words, they can be stored in either a single attribute value or two attribute values.
       CertificatePair ::= SEQUENCE {
         forward        [0]    Certificate OPTIONAL,
         reverse        [1]    Certificate OPTIONAL,
         -- at least one of the pair shall be present -- } 
 
Constructor Summary
CertificatePair(X509CertificateStructure forward, X509CertificateStructure reverse)
Constructor from a given details.
Method Summary
X509CertificateStructuregetForward()
static CertificatePairgetInstance(Object obj)
X509CertificateStructuregetReverse()
DERObjecttoASN1Object()
Produce an object suitable for an ASN1OutputStream.

Constructor Detail

CertificatePair

public CertificatePair(X509CertificateStructure forward, X509CertificateStructure reverse)
Constructor from a given details.

Parameters: forward Certificates issued to this CA. reverse Certificates issued by this CA to other CAs.

Method Detail

getForward

public X509CertificateStructure getForward()

Returns: Returns the forward.

getInstance

public static CertificatePair getInstance(Object obj)

getReverse

public X509CertificateStructure getReverse()

Returns: Returns the reverse.

toASN1Object

public DERObject toASN1Object()
Produce an object suitable for an ASN1OutputStream.

Returns:

       CertificatePair ::= SEQUENCE {
         forward        [0]    Certificate OPTIONAL,
         reverse        [1]    Certificate OPTIONAL,
         -- at least one of the pair shall be present -- }
 

Returns: a DERObject