Class PolicyConstraintsExtension

java.lang.Object
org.mozilla.jss.netscape.security.x509.Extension
org.mozilla.jss.netscape.security.x509.PolicyConstraintsExtension
All Implemented Interfaces:
Serializable, CertAttrSet

public class PolicyConstraintsExtension extends Extension implements CertAttrSet
This class defines the certificate extension which specifies the Policy constraints.

The policy constraints extension can be used in certificates issued to CAs. The policy constraints extension constrains path validation in two ways. It can be used to prohibit policy mapping or require that each certificate in a path contain an acceptable policy identifier.

The ASN.1 syntax for this is (IMPLICIT tagging is defined in the module definition):

 PolicyConstraints ::= SEQUENCE {
     requireExplicitPolicy [0] SkipCerts OPTIONAL,
     inhibitPolicyMapping  [1] SkipCerts OPTIONAL
 }
 SkipCerts ::= INTEGER (0..MAX)
 
Version:
1.9
See Also:
  • Field Details

  • Constructor Details

    • PolicyConstraintsExtension

      public PolicyConstraintsExtension(boolean crit, int require, int inhibit) throws IOException
      Create a PolicyConstraintsExtension object with criticality and both require explicit policy and inhibit policy mapping.
      Parameters:
      crit - whether this extension should be critical
      require - require explicit policy (-1 for optional).
      inhibit - inhibit policy mapping (-1 for optional).
      Throws:
      IOException
    • PolicyConstraintsExtension

      public PolicyConstraintsExtension(int require, int inhibit) throws IOException
      Create a PolicyConstraintsExtension object with both require explicit policy and inhibit policy mapping.
      Parameters:
      require - require explicit policy (-1 for optional).
      inhibit - inhibit policy mapping (-1 for optional).
      Throws:
      IOException
    • PolicyConstraintsExtension

      public PolicyConstraintsExtension(Boolean critical, Object value) throws IOException
      Create the extension from its DER encoded value and criticality.
      Parameters:
      critical - true if the extension is to be treated as critical.
      value - Array of DER encoded bytes of the actual value.
      Throws:
      IOException - on error.
  • Method Details

    • encodeThis

      private void encodeThis() throws IOException
      Throws:
      IOException
    • init

      private void init(boolean crit, int require, int inhibit) throws IOException
      Throws:
      IOException
    • toString

      public String toString()
      Return the extension as user readable string.
      Specified by:
      toString in interface CertAttrSet
      Overrides:
      toString in class Extension
      Returns:
      value of this certificate attribute in printable form.
    • decode

      public void decode(InputStream in) throws IOException
      Decode the extension from the InputStream.
      Specified by:
      decode in interface CertAttrSet
      Parameters:
      in - the InputStream to unmarshal the contents from.
      Throws:
      IOException - on decoding or validity errors.
    • encode

      public void encode(OutputStream out) throws IOException
      Write the extension to the DerOutputStream.
      Specified by:
      encode in interface CertAttrSet
      Parameters:
      out - the DerOutputStream to write the extension to.
      Throws:
      IOException - on encoding errors.
    • set

      public void set(String name, Object obj) throws IOException
      Set the attribute value.
      Specified by:
      set in interface CertAttrSet
      Parameters:
      name - the name of the attribute (e.g. "x509.info.key")
      obj - the attribute object.
      Throws:
      IOException - on other errors.
    • get

      public Object get(String name) throws IOException
      Get the attribute value.
      Specified by:
      get in interface CertAttrSet
      Parameters:
      name - the name of the attribute to return.
      Returns:
      attribute value
      Throws:
      IOException - on other errors.
    • delete

      public void delete(String name) throws IOException
      Delete the attribute value.
      Specified by:
      delete in interface CertAttrSet
      Parameters:
      name - the name of the attribute to delete.
      Throws:
      IOException - on other errors.
    • getAttributeNames

      public Enumeration<String> getAttributeNames()
      Return an enumeration of names of attributes existing within this attribute.
      Specified by:
      getAttributeNames in interface CertAttrSet
      Returns:
      an enumeration of the attribute names.
    • getName

      public String getName()
      Return the name of this attribute.
      Specified by:
      getName in interface CertAttrSet
      Returns:
      the name of this CertAttrSet.
    • getRequireExplicitMapping

      public int getRequireExplicitMapping()
      returns the requireExplicitMapping parameter.
    • getInhibitPolicyMapping

      public int getInhibitPolicyMapping()
      returns the inhibitPolicyMapping parameter.