be.cardon.cryptoapi
Class CAPICertificate

java.lang.Object
  extended by be.cardon.cryptoapi.CAPICertificate

public class CAPICertificate
extends java.lang.Object

High level class for the CERT_CONTEXT CryptoAPI structure


Constructor Summary
CAPICertificate()
          Creates a new instance of CAPICertificate, allocates memory for a CERT_CONTEXT structure.
CAPICertificate(int address)
           
CAPICertificate(StructCERT_CONTEXT certContext)
          Creates a new instance of CAPICertificate with the given CERT_CONTEXT structure address.
 
Method Summary
 byte[] CertEncoded()
          Returns the encoded certificate (format ?).
 java.security.cert.Certificate getCertificate()
          Returns the java.security.cert.Certificate object (uses the default X.509 CertificateFactory)
 java.lang.String getIssuerRDN()
          Returns the Issuer RDN in X500 format.
 java.lang.String getIssuerSerialNumber()
          Returns the issuer serial number in hexadecimal (without spaces).
 StructCERT_CONTEXT GetNativeStructCERT_CONTEXT()
          Returns the wrapper for the CERT_CONTEXT structure.
 CAPIPrivateKey getPrivateKey(char[] password)
          return the Private Key WARNING !
 CAPIPrivateKey getPrivateKey(int dwFlags, char[] password)
          return the Private Key, dwFlags for CryptAcquireCertificatePrivateKey function WARNING !
 java.security.cert.X509Certificate getX509Certificate()
          Returns the java.security.cert.X09Certificate object (converts getCertificate() )
 boolean hasPrivateKey()
          Returns TRUE if the certificate has a CERT_KEY_PROV_INFO_PROP_ID property or a CERT_KEY_CONTEXT_PROP_ID property.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CAPICertificate

public CAPICertificate(StructCERT_CONTEXT certContext)
Creates a new instance of CAPICertificate with the given CERT_CONTEXT structure address.


CAPICertificate

public CAPICertificate(int address)
                throws CryptoAPIException
Throws:
CryptoAPIException

CAPICertificate

public CAPICertificate()
                throws CryptoAPIException
Creates a new instance of CAPICertificate, allocates memory for a CERT_CONTEXT structure.

Throws:
CryptoAPIException
Method Detail

GetNativeStructCERT_CONTEXT

public StructCERT_CONTEXT GetNativeStructCERT_CONTEXT()
Returns the wrapper for the CERT_CONTEXT structure.


hasPrivateKey

public boolean hasPrivateKey()
                      throws CryptoAPIException
Returns TRUE if the certificate has a CERT_KEY_PROV_INFO_PROP_ID property or a CERT_KEY_CONTEXT_PROP_ID property.

Throws:
CryptoAPIException

getPrivateKey

public CAPIPrivateKey getPrivateKey(char[] password)
                             throws CryptoAPIException
return the Private Key

WARNING !

The password should be null. This is the default case. The CSP (cryptographic service provider) will display a window (PIN, or other) to the user if needed.

You can also give a password (PIN) programatically. The CSP MUST support the function CryptoAPI function CryptSetProvParam with PP_SIGNATURE_PIN or PP_KEYEXCHANGE_PIN. Most CSP like the Microsoft Basic CSP or the Belgian eid middleware doesn't support this function. The CSP from 'Nexus Personal' has been tested with that. All CSP supporting Smard Card Windows logon should support this function.

.

The password doesn't support Unicode (CryptoAPI use byte[], not char[]). In the future, we will create a property to choose the encoding for password.

Throws:
CryptoAPIException - if the CryptSetProvParam function is not supported for PIN (PINNotSupportedException), or other error.

getPrivateKey

public CAPIPrivateKey getPrivateKey(int dwFlags,
                                    char[] password)
                             throws CryptoAPIException
return the Private Key, dwFlags for CryptAcquireCertificatePrivateKey function

WARNING !

The password should be null. This is the default case. The CSP (cryptographic service provider) will display a window (PIN, or other) to the user if needed.

You can also give a password (PIN) programatically. The CSP MUST support the function CryptoAPI function CryptSetProvParam with PP_SIGNATURE_PIN or PP_KEYEXCHANGE_PIN. Most CSP like the Microsoft Basic CSP or the Belgian eid middleware doesn't support this function. The CSP from 'Nexus Personal' has been tested with that. All CSP supporting Smard Card Windows logon should support this function.

.

The password doesn't support Unicode (CryptoAPI use byte[], not char[]). In the future, we will create a property to choose the encoding for password.

Throws:
CryptoAPIException - if the CryptSetProvParam function is not supported for PIN (PINNotSupportedException), or other error.

getIssuerRDN

public java.lang.String getIssuerRDN()
                              throws CryptoAPIException
Returns the Issuer RDN in X500 format.

Throws:
CryptoAPIException

getIssuerSerialNumber

public java.lang.String getIssuerSerialNumber()
                                       throws CryptoAPIException
Returns the issuer serial number in hexadecimal (without spaces).

Throws:
CryptoAPIException

CertEncoded

public byte[] CertEncoded()
                   throws CryptoAPIException
Returns the encoded certificate (format ?).

Throws:
CryptoAPIException

getCertificate

public java.security.cert.Certificate getCertificate()
                                              throws java.security.cert.CertificateException,
                                                     CryptoAPIException
Returns the java.security.cert.Certificate object (uses the default X.509 CertificateFactory)

Throws:
java.security.cert.CertificateException
CryptoAPIException

getX509Certificate

public java.security.cert.X509Certificate getX509Certificate()
                                                      throws java.security.cert.CertificateException,
                                                             CryptoAPIException
Returns the java.security.cert.X09Certificate object (converts getCertificate() )

Throws:
java.security.cert.CertificateException
CryptoAPIException