com.rsa.certj.crmf

Class PKIArchiveOptions

java.lang.Object
  |
  +--com.rsa.certj.crmf.Control
        |
        +--com.rsa.certj.crmf.PKIArchiveOptions
All Implemented Interfaces:
Cloneable, Serializable

public class PKIArchiveOptions
extends Control
implements Cloneable, Serializable

This class holds, encodes, and decodes the PKI Archive Options control. It is defined in CRMF.

The pkiArchiveOptions control enables subscribers to supply information needed to establish an archive of the private key corresponding to the public key of the certification request. It is defined by the following syntax:

 PKIArchiveOptions ::= CHOICE {
    encryptedPrivKey     [0] EncryptedKey,
    -- the actual value of the private key
    keyGenParameters     [1] KeyGenParameters,
    -- parameters which allow the private key to be re-generated
    archiveRemGenPrivKey [2] BOOLEAN }
    -- set to TRUE if sender wishes receiver to archive the private
    -- key of a key pair which the receiver generates in response to
    -- this request; set to FALSE if no archival is desired.

 EncryptedKey ::= CHOICE {
    encryptedValue        EncryptedValue,
    envelopedData     [0] EnvelopedData }
    -- The encrypted private key MUST be placed in the envelopedData
    -- encryptedContentInfo encryptedContent OCTET STRING.

 EncryptedValue ::= SEQUENCE {
    intendedAlg   [0] AlgorithmIdentifier  OPTIONAL,
    -- the intended algorithm for which the value will be used
    symmAlg       [1] AlgorithmIdentifier  OPTIONAL,
    -- the symmetric algorithm used to encrypt the value
    encSymmKey    [2] BIT STRING           OPTIONAL,
    -- the (encrypted) symmetric key used to encrypt the value
    keyAlg        [3] AlgorithmIdentifier  OPTIONAL,
    -- algorithm used to encrypt the symmetric key
    valueHint     [4] OCTET STRING         OPTIONAL,
    -- a brief description or identifier of the encValue content
    -- (may be meaningful only to the sending entity, and used only
    -- if EncryptedValue might be re-examined by the sending entity
    -- in the future)
      encValue       BIT STRING }

 KeyGenParameters ::= OCTET STRING
   -- An alternative to sending the key is to send the information about
   -- how to re-generate the key using the KeyGenParameters choice (e.g.,
   -- for many RSA implementations one could send the first random numbers
   -- tested for primality). The actual syntax for this parameter may be
   -- defined in a subsequent version of this document or in another
   -- standard.
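
Added example, not Cert-J code: a JDK-only check of which CHOICE alternative a DER-encoded PKIArchiveOptions value carries, as a receiver might run before honouring an archival request. It assumes the IMPLICIT tagging default of the CRMF ASN.1 module (so `[0]`, which tags a CHOICE, is explicit); the class and method names are hypothetical.

```java
public class ArchiveOptionsCheck {
    enum Alt { ENCRYPTED_PRIV_KEY, KEY_GEN_PARAMETERS, ARCHIVE_REM_GEN_PRIV_KEY }

    // Classifies one DER-encoded PKIArchiveOptions value; throws on malformed input.
    static Alt classify(byte[] der) {
        if (der == null || der.length < 2) throw new IllegalArgumentException("truncated TLV");
        int tag = der[0] & 0xFF, len = der[1] & 0xFF, off = 2;
        if (len == 0x80) throw new IllegalArgumentException("indefinite length is not DER");
        if (len > 0x80) {                        // long form: low 7 bits = number of length bytes
            int n = len & 0x7F;
            if (n > 3 || der.length < 2 + n) throw new IllegalArgumentException("bad length field");
            len = 0;
            for (int i = 0; i < n; i++) len = (len << 8) | (der[off++] & 0xFF);
            if (len < 0x80) throw new IllegalArgumentException("non-minimal length");
        }
        if (der.length - off != len) throw new IllegalArgumentException("length mismatch or trailing bytes");
        switch (tag) {
            case 0xA0: {                         // [0] wraps a CHOICE, so the tag is explicit
                int inner = (len > 0) ? (der[off] & 0xFF) : -1;
                // EncryptedValue is a SEQUENCE (0x30); envelopedData is [0] (0xA0)
                if (inner != 0x30 && inner != 0xA0) throw new IllegalArgumentException("bad EncryptedKey");
                return Alt.ENCRYPTED_PRIV_KEY;
            }
            case 0x81:                           // [1] IMPLICIT OCTET STRING
                return Alt.KEY_GEN_PARAMETERS;
            case 0x82:                           // [2] IMPLICIT BOOLEAN, one content byte
                if (len != 1 || (der[off] != 0 && der[off] != (byte) 0xFF))
                    throw new IllegalArgumentException("BOOLEAN must be 0x00 or 0xFF in DER");
                return Alt.ARCHIVE_REM_GEN_PRIV_KEY;
            default:
                throw new IllegalArgumentException("not a PKIArchiveOptions alternative");
        }
    }

    // True when the request supplies key material or asks the receiver to archive the key.
    static boolean requestsArchival(byte[] der) {
        return classify(der) != Alt.ARCHIVE_REM_GEN_PRIV_KEY || der[2] == (byte) 0xFF;
    }

    public static void main(String[] args) {
        byte[][] samples = {                     // constructed encodings, not captured traffic
            {(byte) 0x82, 0x01, (byte) 0xFF},                      // archiveRemGenPrivKey TRUE
            {(byte) 0x82, 0x01, 0x00},                             // archiveRemGenPrivKey FALSE
            {(byte) 0x81, 0x02, 0x01, 0x02},                       // keyGenParameters
            {(byte) 0xA0, 0x05, 0x30, 0x03, 0x03, 0x01, 0x00},     // encryptedPrivKey, EncryptedValue
        };
        for (byte[] s : samples)
            System.out.println(classify(s) + " archival=" + requestsArchival(s));
    }
}
```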
 

Copyright © RSA Security Inc., 2000-2001. All rights reserved.

See Also

Serialized Form

Fields inherited from class com.rsa.certj.crmf.Control
AUTHENTICATOR, NON_STANDARD, OLD_CERT_ID, PKI_ARCHIVE_OPTIONS, PKI_PUBLICATION_INFO, PROTOCOL_ENCR_KEY, REG_TOKEN
 

Constructor Summary

PKIArchiveOptions()

Constructs an empty PKIArchiveOptions object.

 

Method Summary

 Object

clone()

Overrides the default clone method to get a deeper clone.

 boolean

equals(Object obj)

Returns true if this object and obj contain the same PKIArchiveOptions; returns false otherwise.

 boolean

getArchivePrivateKey()

Gets the Archive Private Key flag

 EncryptedKey

getEncryptedKey()

Gets the EncryptedKey structure that holds the actual value of the private key

 byte[]

getParameters()

Gets the Key Generation Parameters

 void

setArchivePrivateKey(boolean flag)

Sets the Archive Private Key flag

 void

setEncryptedKey(EncryptedKey encKey)

Sets the EncryptedKey structure that holds the actual value of the private key

 void

setParameters(byte[] param, int offset, int len)

Sets the Key Generation Parameters

 
Methods inherited from class com.rsa.certj.crmf.Control
compareOID, derEncodeControlLen, getControlType, getControlTypeString, getDEREncoding, getDERLen, getInstance, getInstance, getNextBEROffset, getOID, isControlType, setEnvironment
 
Methods inherited from class java.lang.Object
getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PKIArchiveOptions

public PKIArchiveOptions()
Constructs an empty PKIArchiveOptions object.
Method Detail

setEncryptedKey

public void setEncryptedKey(EncryptedKey encKey)
                     throws CRMFException
Sets the EncryptedKey structure that holds the actual value of the private key

Parameters

         encKey  

The EncryptedKey structure

Throws

CRMFException - If the passed value is null

getEncryptedKey

public EncryptedKey getEncryptedKey()
Gets the EncryptedKey structure that holds the actual value of the private key

Returns

The EncryptedKey structure; returns null if this value is not set

setParameters

public void setParameters(byte[] param,
                          int offset,
                          int len)
                   throws CRMFException
Sets the Key Generation Parameters

Parameters

         param  

The parameters which allow the private key to be re-generated

         offset  

The offset into param array

         len  

The length of the parameters

Throws

CRMFException - If the passed value is null

getParameters

public byte[] getParameters()
Gets the Key Generation Parameters

Returns

The parameters which allow the private key to be re-generated; returns null if parameters are not set

setArchivePrivateKey

public void setArchivePrivateKey(boolean flag)
Sets the Archive Private Key flag

Parameters

         flag  

The boolean that if set to TRUE indicates that sender wishes receiver to archive the private key of a key pair which the receiver generates in response to this request; set to FALSE if no archival is desired.


getArchivePrivateKey

public boolean getArchivePrivateKey()
Gets the Archive Private Key flag

Returns

The boolean that if set to TRUE indicates that sender wishes receiver to archive the private key of a key pair which the receiver generates in response to this request; set to FALSE if no archival is desired.

clone

public Object clone()
             throws CloneNotSupportedException
Overrides the default clone method to get a deeper clone.

Overrides

clone in class Control

Returns

A new PKIArchiveOptions object, a copy of this object.

Throws

CloneNotSupportedException - If the cloning operation is not successful.

equals

public boolean equals(Object obj)
Returns true if this object and obj contain the same PKIArchiveOptions; returns false otherwise.

Overrides

equals in class Control

Parameters

         obj  

The instance of PKIArchiveOptions object

Returns

A boolean that indicates whether these objects are equal.


RSA BSAFE ® Cert-J 2.1.1 001-047007-211-001-000