org.bouncycastle.asn1.isismtt.ocsp
Class CertHash
java.lang.Object
org.bouncycastle.asn1.ASN1Encodable
org.bouncycastle.asn1.isismtt.ocsp.CertHash
- All Implemented Interfaces:
- DEREncodable
public class CertHash
- extends ASN1Encodable
ISIS-MTT PROFILE: The responder may include this extension in a response to
send the hash of the requested certificate to the responder. This hash is
cryptographically bound to the certificate and serves as evidence that the
certificate is known to the responder (i.e. it has been issued and is present
in the directory). Hence, this extension is a means to provide a positive
statement of availability as described in T8.[8]. As explained in T13.[1],
clients may rely on this information to be able to validate signatures after
the expiry of the corresponding certificate. Hence, clients MUST support this
extension. If a positive statement of availability is to be delivered, this
extension syntax and OID MUST be used.
CertHash ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
certificateHash OCTET STRING
}
| Methods inherited from class java.lang.Object |
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait |
CertHash
public CertHash(AlgorithmIdentifier hashAlgorithm,
byte[] certificateHash)
- Constructor from a given details.
- Parameters:
hashAlgorithm - The hash algorithm identifier.certificateHash - The hash of the whole DER encoding of the certificate.
getInstance
public static CertHash getInstance(java.lang.Object obj)
getHashAlgorithm
public AlgorithmIdentifier getHashAlgorithm()
getCertificateHash
public byte[] getCertificateHash()
toASN1Object
public DERObject toASN1Object()
- Produce an object suitable for an ASN1OutputStream.
Returns:
CertHash ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
certificateHash OCTET STRING
}
- Specified by:
toASN1Object in class ASN1Encodable
- Returns:
- a DERObject