|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.adobe.livecycle.signatures.client.types.CertificateSeedValueOptionSpec
public class CertificateSeedValueOptionSpec
Represents a certificate seed value dictionary. A certificate seed value dictionary provides constraining information that is used at the time the signature is applied. Before working with this class, it is recommended that you become familiar with a certificate seed value dictionary. For information, see the PDF Reference Guide.
Constructor Summary | |
---|---|
CertificateSeedValueOptionSpec()
A standard constructor that creates a CertificateSeedValueOptionSpec object. |
Method Summary | |
---|---|
int |
getFlags()
Gets the flags associated with this certificate seed value. |
byte[][] |
getIssuers()
Gets the issuers associated with this certificate seed value. |
String[] |
getKeyUsage()
Returns key-usage extension that must be present in the signing certificate. |
String[] |
getOids()
Gets the certificate policies associated with this certificate seed value. |
HashMap[] |
getSubjectDN()
Gets an array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing. |
byte[][] |
getSubjects()
Gets the subjects associated with this certificate seed value dictionary. |
String |
getUrl()
Gets the URL that can be used to enroll for a new credential if a matching credential is not found. |
String |
getUrlType()
Returns a name indicating the usage of the URL entry. |
void |
setFlags(int flags)
Sets the flags associated with this certificate seed value. |
void |
setIssuers(byte[][] issuers)
Sets the issuers associated with this certificate seed value. |
void |
setKeyUsage(String[] keyUsage)
Sets the key-usage extension that must be present in the signing certificate. |
void |
setOids(String[] oids)
Sets the certificate policies associated with this certificate seed value. |
void |
setSubjectDN(HashMap[] subjectDN)
Sets an array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing. |
void |
setSubjects(byte[][] subjects)
Sets the subjects associated with this certificate seed value dictionary. |
void |
setUrl(String url)
Sets the URL that can be used to enroll for a new credential if a matching credential is not found. |
void |
setUrlType(String urlType)
Sets a name indicating the usage of the URL entry. |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public CertificateSeedValueOptionSpec()
CertificateSeedValueOptionSpec
object.
Method Detail |
---|
public int getFlags()
public void setFlags(int flags)
flags
- A set of bit flags specifying the interpretation of specific
entries in this dictionary. A value of 1 for the flag means
that a signer is required to use only the specified values for
the entry. A value of 0 means that other values are
permissible. Bit positions are 1 (Subject); 2 (Issuer); 3
(OID). Default value: 0.public byte[][] getIssuers()
public void setIssuers(byte[][] issuers)
issuers
- An array of bytes containing byte-encoded X.509v3
certificates of acceptable issuers. If the signer's
certificate chains up to any of the specified issuers (either
directly or indirectly), the certificate is considered
acceptable for signing.public String[] getOids()
public void setOids(String[] oids)
oids
- An array of strings that contain Object Identifiers (OIDs) of
the certificate policies that must be present in the signing
certificate. An example of such a string is
(2.16.840.1.113733.1.7.1.1). This field is only applicable if
the value of Issuer is not empty. The certificate policies
extension is described in RFC 3280.public byte[][] getSubjects()
public void setSubjects(byte[][] subjects)
subjects
- An array of bytes containing byte-encoded X.509v3
certificates that are acceptable for signing. X.509v3
certificates are described in RFC 3280, Internet X.509 Public
Key Infrastructure, Certificate and Certificate Revocation
List (CRL) Profile.public String getUrl()
public void setUrl(String url)
url
- A URL that can be used to enroll for a new credential.public String[] getKeyUsage()
Each character in a string represents a key-usage type, where the order of the characters indicates the key-usage extension it represents. The first through ninth characters in the array, from left to right, represent the required value for the following key-usage extensions:
Any additional characters are ignored. Any missing characters or characters that are not one of the following values, should be set to 'X'. The following character values are supported:
For example, the string values '1' and '1XXXXXXXX' represent settings where the key-usage type digitalSignature must be set and the state of all other key-usage types do not matter.
The value of the corresponding flag in the Ff entry indicates whether this is a required constraint.
public void setKeyUsage(String[] keyUsage)
keyUsage
- An array of ASCII strings, where each string specifies an
acceptable key-usage extension that must be present in the signing certificate.
Multiple strings specify a range of acceptable key-usage extensions. The key-usage
extension is described in RFC 3280 (see the Bibliography).
Each character in a string represents a key-usage type, where the order of the characters indicates the key-usage extension it represents. The first through ninth characters in the array, from left to right, represent the required value for the following key-usage extensions:
Any additional characters are ignored. Any missing characters or characters that are not one of the following values, should be set to 'X'. The following character values are supported:
For example, the string values '1' and '1XXXXXXXX' represent settings where the key-usage type digitalSignature must be set and the state of all other key-usage types do not matter.
The value of the corresponding flag in the Ff entry indicates whether this is a required constraint.
public HashMap[] getSubjectDN()
An array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing. The certificate must at a minimum contain all the attributes specified in the dictionary.
That is, the certificate can contain additional attributes. The Subject Distinguished Name is described in RFC 3280. The key can be any legal attribute identifier. Attribute names are typically of the form 'cn', 'o', 'email', '2.5.4.43' and always contain characters in the set a-z, A-Z, 0-9 and '.'.
Values are text strings. An example dictionary is [/cn (John Smith) /1.5.4.43 (JS)].
The value of the corresponding flag in the Ff entry indicates whether this entry is a required constraint.
public void setSubjectDN(HashMap[] subjectDN)
subjectDN
- An array of dictionaries, where each dictionary contains key value pairs, that specify the Subject Distinguished Name (DN) that must be present within the certificate for it to be acceptable for signing. The certificate must at a minimum contain all the attributes specified in the dictionary.
That is, the certificate can contain additional attributes. The Subject Distinguished Name is described in RFC 3280. The key can be any legal attribute identifier. Attribute names are typically of the form 'cn', 'o', 'email', '2.5.4.43' and always contain characters in the set a-z, A-Z, 0-9 and '.'.
Values are text strings. An example dictionary is [/cn (John Smith) /1.5.4.43 (JS)].
The value of the corresponding flag in the Ff entry indicates whether this entry is a required constraint.
public String getUrlType()
A name indicating the usage of the URL entry. There are standard uses and there can be implementation specific uses for this URL. The following value specifies a valid standard usage:
Browser
The URL references content that should be displayed in a web
browser to allow enrolling for a new credential if a matching credential
is not found. The Ff attribute's URL bit is ignored for this usage.
The following value specifies a valid implementation specific usage, defined for use by Adobe Systems:
ASSP
The URL references a signature web service that can be used for
server based signing. If the Ff attribute's URL bit indicates that this is a
required constraint, this implies that the credential used when signing
must come from this server.
Third parties can extend the use of this attribute with their own attribute values, which must conform to the guidelines described in Appendix E of the PDF Reference 1.7.
The default value is Browser
.
public void setUrlType(String urlType)
urlType
- A name indicating the usage of the URL entry. There are standard uses and there can be implementation specific uses for this URL. The following value specifies a valid standard usage:
Browser
The URL references content that should be displayed in a web
browser to allow enrolling for a new credential if a matching credential
is not found. The Ff attribute's URL bit is ignored for this usage.
The following value specifies a valid implementation specific usage, defined for use by Adobe Systems:
ASSP
The URL references a signature web service that can be used for
server based signing. If the Ff attribute's URL bit indicates that this is a
required constraint, this implies that the credential used when signing
must come from this server.
Third parties can extend the use of this attribute with their own attribute values, which must conform to the guidelines described in Appendix E of the PDF Reference 1.7.
The default value is Browser
.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |