Class PrivateKeyUsageExtension
java.lang.Object
org.mozilla.jss.netscape.security.x509.Extension
org.mozilla.jss.netscape.security.x509.PrivateKeyUsageExtension
- All Implemented Interfaces:
Serializable
,CertAttrSet
This class defines the Private Key Usage Extension.
The Private Key Usage Period extension allows the certificate issuer to specify a different validity period for the private key than the certificate. This extension is intended for use with digital signature keys. This extension consists of two optional components notBefore and notAfter. The private key associated with the certificate should not be used to sign objects before or after the times specified by the two components, respectively.
PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL, notAfter [1] GeneralizedTime OPTIONAL }
- Version:
- 1.12
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String
Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.static final String
Sub attributes name for this CertAttrSet.static final String
static final String
private Date
private Date
private static final long
private static final byte
private static final byte
Fields inherited from class org.mozilla.jss.netscape.security.x509.Extension
critical, extensionId, extensionValue
-
Constructor Summary
ConstructorsConstructorDescriptionPrivateKeyUsageExtension
(Boolean critical, Object value) Create the extension from the passed DER encoded value.PrivateKeyUsageExtension
(Date notBefore, Date notAfter) The default constructor for PrivateKeyUsageExtension. -
Method Summary
Modifier and TypeMethodDescriptionvoid
decode
(InputStream in) Decode the extension from the InputStream.void
Delete the attribute value.void
encode
(OutputStream out) Write the extension to the OutputStream.private void
Get the attribute value.Return an enumeration of names of attributes existing within this attribute.getName()
Return the name of this attribute.Return notAfter dateReturn notBefore datevoid
Set the attribute value.toString()
Return the printable string.void
valid()
Verify that that the current time is within the validity period.void
Verify that that the passed time is within the validity period.Methods inherited from class org.mozilla.jss.netscape.security.x509.Extension
clearValue, encode, getExtensionId, getExtensionValue, isCritical, setCritical, setExtensionId, setExtensionValue
-
Field Details
-
serialVersionUID
private static final long serialVersionUID- See Also:
-
IDENT
Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.- See Also:
-
NAME
Sub attributes name for this CertAttrSet.- See Also:
-
NOT_BEFORE
- See Also:
-
NOT_AFTER
- See Also:
-
TAG_BEFORE
private static final byte TAG_BEFORE- See Also:
-
TAG_AFTER
private static final byte TAG_AFTER- See Also:
-
notBefore
-
notAfter
-
-
Constructor Details
-
PrivateKeyUsageExtension
The default constructor for PrivateKeyUsageExtension.- Parameters:
notBefore
- the date/time before which the private key should not be used.notAfter
- the date/time after which the private key should not be used.- Throws:
IOException
-
PrivateKeyUsageExtension
public PrivateKeyUsageExtension(Boolean critical, Object value) throws CertificateException, IOException Create the extension from the passed DER encoded value.- Parameters:
critical
- true if the extension is to be treated as critical.value
- Array of DER encoded bytes of the actual value.- Throws:
CertificateException
- on certificate parsing errors.IOException
- on error.
-
-
Method Details
-
encodeThis
- Throws:
IOException
-
toString
Return the printable string.- Specified by:
toString
in interfaceCertAttrSet
- Overrides:
toString
in classExtension
- Returns:
- value of this certificate attribute in printable form.
-
getNotBefore
Return notBefore date -
getNotAfter
Return notAfter date -
valid
Verify that that the current time is within the validity period.- Throws:
CertificateExpiredException
- if the certificate has expired.CertificateNotYetValidException
- if the certificate is not yet valid.
-
valid
Verify that that the passed time is within the validity period.- Throws:
CertificateExpiredException
- if the certificate has expired with respect to theDate
supplied.CertificateNotYetValidException
- if the certificate is not yet valid with respect to theDate
supplied.
-
encode
Write the extension to the OutputStream.- Specified by:
encode
in interfaceCertAttrSet
- Parameters:
out
- the OutputStream to write the extension to.- Throws:
IOException
- on encoding errors.
-
decode
Decode the extension from the InputStream.- Specified by:
decode
in interfaceCertAttrSet
- Parameters:
in
- the InputStream to unmarshal the contents from.- Throws:
CertificateException
- on decoding errors.
-
set
Set the attribute value.- Specified by:
set
in interfaceCertAttrSet
- Parameters:
name
- the name of the attribute (e.g. "x509.info.key")obj
- the attribute object.- Throws:
CertificateException
- on attribute handling errors.
-
get
Get the attribute value.- Specified by:
get
in interfaceCertAttrSet
- Parameters:
name
- the name of the attribute to return.- Returns:
- attribute value
- Throws:
CertificateException
- on attribute handling errors.
-
delete
Delete the attribute value.- Specified by:
delete
in interfaceCertAttrSet
- Parameters:
name
- the name of the attribute to delete.- Throws:
CertificateException
- on attribute handling errors.
-
getAttributeNames
Return an enumeration of names of attributes existing within this attribute.- Specified by:
getAttributeNames
in interfaceCertAttrSet
- Returns:
- an enumeration of the attribute names.
-
getName
Return the name of this attribute.- Specified by:
getName
in interfaceCertAttrSet
- Returns:
- the name of this CertAttrSet.
-