Class PolicyConstraintsExtension

  • All Implemented Interfaces:
    java.io.Serializable, CertAttrSet

    public class PolicyConstraintsExtension
    extends Extension
    implements CertAttrSet
    This class defines the certificate extension which specifies the Policy constraints.

    The policy constraints extension can be used in certificates issued to CAs. The policy constraints extension constrains path validation in two ways. It can be used to prohibit policy mapping or require that each certificate in a path contain an acceptable policy identifier.

    The ASN.1 syntax for this is (IMPLICIT tagging is defined in the module definition):

     PolicyConstraints ::= SEQUENCE {
         requireExplicitPolicy [0] SkipCerts OPTIONAL,
         inhibitPolicyMapping  [1] SkipCerts OPTIONAL
     }
     SkipCerts ::= INTEGER (0..MAX)
     
    Version:
    1.9
    Author:
    Amit Kapoor, Hemma Prafullchandra
    See Also:
    Extension, CertAttrSet, Serialized Form
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String IDENT
      Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.
      static java.lang.String INHIBIT  
      static java.lang.String NAME
      Attribute names.
      static java.lang.String REQUIRE  
    • Constructor Summary

      Constructors 
      Constructor Description
      PolicyConstraintsExtension​(boolean crit, int require, int inhibit)
      Create a PolicyConstraintsExtension object with criticality and both require explicit policy and inhibit policy mapping.
      PolicyConstraintsExtension​(int require, int inhibit)
      Create a PolicyConstraintsExtension object with both require explicit policy and inhibit policy mapping.
      PolicyConstraintsExtension​(java.lang.Boolean critical, java.lang.Object value)
      Create the extension from its DER encoded value and criticality.
    • Field Detail

      • IDENT

        public static final java.lang.String IDENT
        Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.
        See Also:
        Constant Field Values
    • Constructor Detail

      • PolicyConstraintsExtension

        public PolicyConstraintsExtension​(boolean crit,
                                          int require,
                                          int inhibit)
                                   throws java.io.IOException
        Create a PolicyConstraintsExtension object with criticality and both require explicit policy and inhibit policy mapping.
        Parameters:
        critical - whether this extension should be critical
        require - require explicit policy (-1 for optional).
        inhibit - inhibit policy mapping (-1 for optional).
        Throws:
        java.io.IOException
      • PolicyConstraintsExtension

        public PolicyConstraintsExtension​(int require,
                                          int inhibit)
                                   throws java.io.IOException
        Create a PolicyConstraintsExtension object with both require explicit policy and inhibit policy mapping.
        Parameters:
        require - require explicit policy (-1 for optional).
        inhibit - inhibit policy mapping (-1 for optional).
        Throws:
        java.io.IOException
      • PolicyConstraintsExtension

        public PolicyConstraintsExtension​(java.lang.Boolean critical,
                                          java.lang.Object value)
                                   throws java.io.IOException
        Create the extension from its DER encoded value and criticality.
        Parameters:
        critical - true if the extension is to be treated as critical.
        value - Array of DER encoded bytes of the actual value.
        Throws:
        java.io.IOException - on error.
    • Method Detail

      • toString

        public java.lang.String toString()
        Return the extension as user readable string.
        Specified by:
        toString in interface CertAttrSet
        Overrides:
        toString in class Extension
        Returns:
        value of this certificate attribute in printable form.
      • decode

        public void decode​(java.io.InputStream in)
                    throws java.io.IOException
        Decode the extension from the InputStream.
        Specified by:
        decode in interface CertAttrSet
        Parameters:
        in - the InputStream to unmarshal the contents from.
        Throws:
        java.io.IOException - on decoding or validity errors.
      • encode

        public void encode​(java.io.OutputStream out)
                    throws java.io.IOException
        Write the extension to the DerOutputStream.
        Specified by:
        encode in interface CertAttrSet
        Parameters:
        out - the DerOutputStream to write the extension to.
        Throws:
        java.io.IOException - on encoding errors.
      • set

        public void set​(java.lang.String name,
                        java.lang.Object obj)
                 throws java.io.IOException
        Set the attribute value.
        Specified by:
        set in interface CertAttrSet
        Parameters:
        name - the name of the attribute (e.g. "x509.info.key")
        obj - the attribute object.
        Throws:
        java.io.IOException - on other errors.
      • get

        public java.lang.Object get​(java.lang.String name)
                             throws java.io.IOException
        Get the attribute value.
        Specified by:
        get in interface CertAttrSet
        Parameters:
        name - the name of the attribute to return.
        Throws:
        java.io.IOException - on other errors.
      • delete

        public void delete​(java.lang.String name)
                    throws java.io.IOException
        Delete the attribute value.
        Specified by:
        delete in interface CertAttrSet
        Parameters:
        name - the name of the attribute to delete.
        Throws:
        java.io.IOException - on other errors.
      • getAttributeNames

        public java.util.Enumeration<java.lang.String> getAttributeNames()
        Return an enumeration of names of attributes existing within this attribute.
        Specified by:
        getAttributeNames in interface CertAttrSet
        Returns:
        an enumeration of the attribute names.
      • getName

        public java.lang.String getName()
        Return the name of this attribute.
        Specified by:
        getName in interface CertAttrSet
        Returns:
        the name of this CertAttrSet.
      • getRequireExplicitMapping

        public int getRequireExplicitMapping()
        returns the requireExplicitMapping parameter.
      • getInhibitPolicyMapping

        public int getInhibitPolicyMapping()
        returns the inhibitPolicyMapping parameter.