org.bouncycastle.asn1.isismtt.ocsp

Class CertHash

Implemented Interfaces:
DEREncodable

public class CertHash
extends ASN1Encodable

ISIS-MTT PROFILE: The responder may include this extension in a response to send the hash of the requested certificate to the responder. This hash is cryptographically bound to the certificate and serves as evidence that the certificate is known to the responder (i.e. it has been issued and is present in the directory). Hence, this extension is a means to provide a positive statement of availability as described in T8.[8]. As explained in T13.[1], clients may rely on this information to be able to validate signatures after the expiry of the corresponding certificate. Hence, clients MUST support this extension. If a positive statement of availability is to be delivered, this extension syntax and OID MUST be used.

     CertHash ::= SEQUENCE {
       hashAlgorithm AlgorithmIdentifier,
       certificateHash OCTET STRING
     }
 

Field Summary

Fields inherited from class org.bouncycastle.asn1.ASN1Encodable

BER, DER

Constructor Summary

CertHash(AlgorithmIdentifier hashAlgorithm, byte[] certificateHash)
Constructor from a given details.

Method Summary

byte[]
getCertificateHash()
AlgorithmIdentifier
getHashAlgorithm()
static CertHash
getInstance(Object obj)
DERObject
toASN1Object()
Produce an object suitable for an ASN1OutputStream.

Methods inherited from class org.bouncycastle.asn1.ASN1Encodable

equals, getDEREncoded, getDERObject, getEncoded, getEncoded, hashCode, toASN1Object

Constructor Details

CertHash

public CertHash(AlgorithmIdentifier hashAlgorithm,
                byte[] certificateHash)
Constructor from a given details.
Parameters:
hashAlgorithm - The hash algorithm identifier.
certificateHash - The hash of the whole DER encoding of the certificate.

Method Details

getCertificateHash

public byte[] getCertificateHash()

getHashAlgorithm

public AlgorithmIdentifier getHashAlgorithm()

getInstance

public static CertHash getInstance(Object obj)

toASN1Object

public DERObject toASN1Object()
Produce an object suitable for an ASN1OutputStream.

Returns:

     CertHash ::= SEQUENCE {
       hashAlgorithm AlgorithmIdentifier,
       certificateHash OCTET STRING
     }
 
Overrides:
toASN1Object in interface ASN1Encodable
Returns:
a DERObject