org.bouncycastle.cert.dane.DANEEntryFactory Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bcpkix-fips Show documentation
Show all versions of bcpkix-fips Show documentation
The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. The APIs are designed primarily to be used in conjunction with the BC FIPS provider. The APIs may also be used with other providers although if being used in a FIPS context it is the responsibility of the user to ensure that any other providers used are FIPS certified.
package org.bouncycastle.cert.dane;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.operator.DigestCalculator;
/**
* Factory class for creating DANEEntry objects.
*/
public class DANEEntryFactory
{
private final DANEEntrySelectorFactory selectorFactory;
/**
* Base constructor.
*
* @param digestCalculator a calculator for the message digest to filter email addresses currently SHA-224.
*/
public DANEEntryFactory(DigestCalculator digestCalculator)
{
this.selectorFactory = new DANEEntrySelectorFactory(digestCalculator);
}
/**
* Return a DANEEntry for the passed in email address and certificate.
* This method sets the entry's certificate usage field to 3.
*
* @param emailAddress the emails address of interest.
* @param certificate the certificate to be associated with the email address.
* @throws DANEException in case of issue generating a matching name.
*/
public DANEEntry createEntry(String emailAddress, X509CertificateHolder certificate)
throws DANEException
{
return createEntry(emailAddress, DANEEntry.CERT_USAGE_ACCEPT, certificate);
}
/**
* Return a DANEEntry for the passed in email address and certificate.
*
* @param emailAddress the emails address of interest.
* @param certUsage the certificate usage field value to use.
* @param certificate the certificate to be associated with the email address.
* @throws DANEException in case of issue generating a matching name.
*/
public DANEEntry createEntry(String emailAddress, int certUsage, X509CertificateHolder certificate)
throws DANEException
{
if (certUsage < 0 || certUsage > 3)
{
throw new DANEException("unknown certificate usage: " + certUsage);
}
DANEEntrySelector entrySelector = selectorFactory.createSelector(emailAddress);
byte[] flags = new byte[3];
flags[DANEEntry.CERT_USAGE] = (byte)certUsage;
flags[DANEEntry.SELECTOR] = 0;
flags[DANEEntry.MATCHING_TYPE] = 0;
return new DANEEntry(entrySelector.getDomainName(), flags, certificate);
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy