Package com.adobe.livecycle.signatures.client.types
Classpublic class CertificateSeedValueOptionSpec
InheritanceCertificateSeedValueOptionSpec Inheritance Object

Represents a certificate seed value dictionary. Before working with this class, it is recommended that you become familiar with a certificate seed value dictionary. For information, see the PDF Reference Guide.


Public Methods
 MethodDefined by
  
CertificateSeedValueOptionSpec()
CertificateSeedValueOptionSpec
  
int getFlags()
Gets the flags associated with this certificate seed value.
CertificateSeedValueOptionSpec
  
byte[][] getIssuers()
Gets the issuers associated with this certificate seed value.
CertificateSeedValueOptionSpec
  
String[] getKeyUsage()
Returns key-usage extension that must be present in the signing certificate.
CertificateSeedValueOptionSpec
  
String[] getOids()
Gets the certificate policies associated with this certificate seed value.
CertificateSeedValueOptionSpec
  
HashMap getSubjectDN()
Gets an array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing.
CertificateSeedValueOptionSpec
  
byte[][] getSubjects()
Gets the subjects associated with this certificate seed value dictionary.
CertificateSeedValueOptionSpec
  
String getUrl()
Gets the URL that can be used to enroll for a new credential if a matching credential is not found.
CertificateSeedValueOptionSpec
  
String getUrlType()
Returns a name indicating the usage of the URL entry.
CertificateSeedValueOptionSpec
  
void setFlags(int flags)
Sets the flags associated with this certificate seed value.
CertificateSeedValueOptionSpec
  
void setIssuers(byte[][] issuers)
Sets the issuers associated with this certificate seed value.
CertificateSeedValueOptionSpec
  
void setKeyUsage(String[] keyUsage)
Sets the key-usage extension that must be present in the signing certificate.
CertificateSeedValueOptionSpec
  
void setOids(String[] oids)
Sets the certificate policies associated with this certificate seed value.
CertificateSeedValueOptionSpec
  
void setSubjectDN(HashMap subjectDN)
Sets an array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing.
CertificateSeedValueOptionSpec
  
void setSubjects(byte[][] subjects)
Sets the subjects associated with this certificate seed value dictionary.
CertificateSeedValueOptionSpec
  
void setUrl(String url)
Sets the URL that can be used to enroll for a new credential if a matching credential is not found.
CertificateSeedValueOptionSpec
  
void setUrlType(String urlType)
Sets a name indicating the usage of the URL entry.
CertificateSeedValueOptionSpec
Constructor Detail
CertificateSeedValueOptionSpec()
public CertificateSeedValueOptionSpec()
Method Detail
getFlags()
public int getFlags()

Gets the flags associated with this certificate seed value.

Returns
A set of bit flags specifying the interpretation of specific entries in this dictionary. A value of 1 for the flag means that a signer is required to use only the specified values for the entry. A value of 0 means that other values are permissible. Bit positions are 1 (Subject); 2 (Issuer); 3 (OID); 4 (SubjectDN); 5 (Reserved); 6 (KeyUsage); 7 (URL). Default value: 0.
getIssuers() 
public byte[][] getIssuers()

Gets the issuers associated with this certificate seed value.

Returns
An array of bytes containing byte-encoded X.509v3 certificates of acceptable issuers. If the signer's certificate chains up to any of the specified issuers (either directly or indirectly), the certificate is considered acceptable for signing.
getKeyUsage() 
public String[] getKeyUsage()

Returns key-usage extension that must be present in the signing certificate.

Returns
An array of ASCII strings, where each string specifies an acceptable key-usage extension that must be present in the signing certificate. Multiple strings specify a range of acceptable key-usage extensions. The key-usage extension is described in RFC 3280 (see the Bibliography).

Each character in a string represents a key-usage type, where the order of the characters indicates the key-usage extension it represents. The first through ninth characters in the array, from left to right, represent the required value for the following key-usage extensions:

  • 1 digitalSignature
  • 2 non-Repudiation
  • 3 keyEncipherment
  • 4 dataEncipherment
  • 5 keyAgreement
  • 6 keyCertSign
  • 7 cRLSign
  • 8 encipherOnly
  • 9 decipherOnly

    • Any additional characters are ignored. Any missing characters or characters that are not one of the following values, should be set to 'X'. The following character values are supported:

  • 0 Corresponding key-usage must not be set.
  • 1 Corresponding key-usage must be set.
  • X State of the corresponding key-usage does not matter.

    • For example, the string values '1' and '1XXXXXXXX' represent settings where the key-usage type digitalSignature must be set and the state of all other key-usage types do not matter.

    The value of the corresponding flag in the Ff entry indicates whether this is a required constraint.
    getOids() 
    public String[] getOids()

    Gets the certificate policies associated with this certificate seed value.

    Returns
    An array of strings that contain Object Identifiers (OIDs) of the certificate policies that must be present in the signing certificate. An example of such a string is (2.16.840.1.113733.1.7.1.1). This field is only applicable if the value of Issuer is not empty. The certificate policies extension is described in RFC 3280.
    getSubjectDN() 
    public HashMap getSubjectDN()

    Gets an array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing.

    Returns

    An array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing. The certificate must at a minimum contain all the attributes specified in the dictionary.

    That is, the certificate can contain additional attributes. The Subject Distinguished Name is described in RFC 3280. The key can be any legal attribute identifier. Attribute names are typically of the form 'cn', 'o', 'email', '2.5.4.43' and always contain characters in the set a-z, A-Z, 0-9 and '.'.

    Values are text strings. An example dictionary is [/cn (John Smith) /1.5.4.43 (JS)].

    The value of the corresponding flag in the Ff entry indicates whether this entry is a required constraint.
    getSubjects() 
    public byte[][] getSubjects()

    Gets the subjects associated with this certificate seed value dictionary.

    Returns
    An array of bytes containing byte encoding of X.509v3 certificates that are acceptable for signing. X.509v3 certificates are described in RFC 3280, Internet X.509 Public Key Infrastructure, Certificate and Certificate Revocation List (CRL) Profile.
    getUrl() 
    public String getUrl()

    Gets the URL that can be used to enroll for a new credential if a matching credential is not found.

    Returns
    A URL that can be used to enroll for a new credential.
    getUrlType() 
    public String getUrlType()

    Returns a name indicating the usage of the URL entry.

    Returns

    A name indicating the usage of the URL entry. There are standard uses and there can be implementation specific uses for this URL. The following value specifies a valid standard usage:

    Browser The URL references content that should be displayed in a web browser to allow enrolling for a new credential if a matching credential is not found. The Ff attribute's URL bit is ignored for this usage.

    The following value specifies a valid implementation specific usage, defined for use by Adobe Systems:

    ASSP The URL references a signature web service that can be used for server based signing. If the Ff attribute's URL bit indicates that this is a required constraint, this implies that the credential used when signing must come from this server.

    Third parties can extend the use of this attribute with their own attribute values, which must conform to the guidelines described in Appendix E of the PDF Reference 1.7.

    The default value is Browser.
    setFlags() 
    public void setFlags(int flags)

    Sets the flags associated with this certificate seed value.

    Parameters

    flags — A set of bit flags specifying the interpretation of specific entries in this dictionary. A value of 1 for the flag means that a signer is required to use only the specified values for the entry. A value of 0 means that other values are permissible. Bit positions are 1 (Subject); 2 (Issuer); 3 (OID). Default value: 0.

    setIssuers() 
    public void setIssuers(byte[][] issuers)

    Sets the issuers associated with this certificate seed value.

    Parameters

    issuers — An array of bytes containing byte-encoded X.509v3 certificates of acceptable issuers. If the signer's certificate chains up to any of the specified issuers (either directly or indirectly), the certificate is considered acceptable for signing.

    setKeyUsage() 
    public void setKeyUsage(String[] keyUsage)

    Sets the key-usage extension that must be present in the signing certificate.

    Parameters

    keyUsage — An array of ASCII strings, where each string specifies an acceptable key-usage extension that must be present in the signing certificate. Multiple strings specify a range of acceptable key-usage extensions. The key-usage extension is described in RFC 3280 (see the Bibliography).

    Each character in a string represents a key-usage type, where the order of the characters indicates the key-usage extension it represents. The first through ninth characters in the array, from left to right, represent the required value for the following key-usage extensions:

  • 1 digitalSignature
  • 2 non-Repudiation
  • 3 keyEncipherment
  • 4 dataEncipherment
  • 5 keyAgreement
  • 6 keyCertSign
  • 7 cRLSign
  • 8 encipherOnly
  • 9 decipherOnly

    • Any additional characters are ignored. Any missing characters or characters that are not one of the following values, should be set to 'X'. The following character values are supported:

  • 0 Corresponding key-usage must not be set.
  • 1 Corresponding key-usage must be set.
  • X State of the corresponding key-usage does not matter.

    • For example, the string values '1' and '1XXXXXXXX' represent settings where the key-usage type digitalSignature must be set and the state of all other key-usage types do not matter.

    The value of the corresponding flag in the Ff entry indicates whether this is a required constraint.

    setOids() 
    public void setOids(String[] oids)

    Sets the certificate policies associated with this certificate seed value.

    Parameters

    oids — An array of strings that contain Object Identifiers (OIDs) of the certificate policies that must be present in the signing certificate. An example of such a string is (2.16.840.1.113733.1.7.1.1). This field is only applicable if the value of Issuer is not empty. The certificate policies extension is described in RFC 3280.

    setSubjectDN() 
    public void setSubjectDN(HashMap subjectDN)

    Sets an array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing.

    Parameters

    subjectDN

    An array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing. The certificate must at a minimum contain all the attributes specified in the dictionary.

    That is, the certificate can contain additional attributes. The Subject Distinguished Name is described in RFC 3280. The key can be any legal attribute identifier. Attribute names are typically of the form 'cn', 'o', 'email', '2.5.4.43' and always contain characters in the set a-z, A-Z, 0-9 and '.'.

    Values are text strings. An example dictionary is [/cn (John Smith) /1.5.4.43 (JS)].

    The value of the corresponding flag in the Ff entry indicates whether this entry is a required constraint.

    setSubjects() 
    public void setSubjects(byte[][] subjects)

    Sets the subjects associated with this certificate seed value dictionary.

    Parameters

    subjects — An array of bytes containing byte-encoded X.509v3 certificates that are acceptable for signing. X.509v3 certificates are described in RFC 3280, Internet X.509 Public Key Infrastructure, Certificate and Certificate Revocation List (CRL) Profile.

    setUrl() 
    public void setUrl(String url)

    Sets the URL that can be used to enroll for a new credential if a matching credential is not found.

    Parameters

    url — A URL that can be used to enroll for a new credential.

    setUrlType() 
    public void setUrlType(String urlType)

    Sets a name indicating the usage of the URL entry.

    Parameters

    urlType

    A name indicating the usage of the URL entry. There are standard uses and there can be implementation specific uses for this URL. The following value specifies a valid standard usage:

    Browser The URL references content that should be displayed in a web browser to allow enrolling for a new credential if a matching credential is not found. The Ff attribute's URL bit is ignored for this usage.

    The following value specifies a valid implementation specific usage, defined for use by Adobe Systems:

    ASSP The URL references a signature web service that can be used for server based signing. If the Ff attribute's URL bit indicates that this is a required constraint, this implies that the credential used when signing must come from this server.

    Third parties can extend the use of this attribute with their own attribute values, which must conform to the guidelines described in Appendix E of the PDF Reference 1.7.

    The default value is Browser.




    © 2004-2006 Adobe Systems Incorporated. All rights reserved.
    Thu Sep 27 2007, 8:38 AM GMT-07:00

     

    Send me an e-mail when comments are added to this page | Comment Report

    Current page: http://livedocs.adobe.com/livecycle/es/sdkHelp/programmer/javadoc/com/adobe/livecycle/signatures/client/types/CertificateSeedValueOptionSpec.html