Extensionpublic class Extension extends Object The class encapsulates the ASN.1 DER encoding/decoding work
with the Extension part of X.509 certificate
(as specified in RFC 3280 -
Internet X.509 Public Key Infrastructure.
Certificate and Certificate Revocation List (CRL) Profile.
http://www.ietf.org/rfc/rfc3280.txt):
Extension ::= SEQUENCE {
extnID OBJECT IDENTIFIER,
critical BOOLEAN DEFAULT FALSE,
extnValue OCTET STRING
}
|
| Fields Summary |
|---|
| public static final boolean | CRITICAL | | public static final boolean | NON_CRITICAL | | public static final int[] | SUBJ_DIRECTORY_ATTRS | | public static final int[] | SUBJ_KEY_ID | | public static final int[] | KEY_USAGE | | public static final int[] | PRIVATE_KEY_USAGE_PERIOD | | public static final int[] | SUBJECT_ALT_NAME | | public static final int[] | ISSUER_ALTERNATIVE_NAME | | public static final int[] | BASIC_CONSTRAINTS | | public static final int[] | NAME_CONSTRAINTS | | public static final int[] | CRL_DISTR_POINTS | | public static final int[] | CERTIFICATE_POLICIES | | public static final int[] | POLICY_MAPPINGS | | public static final int[] | AUTH_KEY_ID | | public static final int[] | POLICY_CONSTRAINTS | | public static final int[] | EXTENDED_KEY_USAGE | | public static final int[] | FRESHEST_CRL | | public static final int[] | INHIBIT_ANY_POLICY | | public static final int[] | AUTHORITY_INFO_ACCESS | | public static final int[] | SUBJECT_INFO_ACCESS | | public static final int[] | ISSUING_DISTR_POINT | | public static final int[] | CRL_NUMBER | | public static final int[] | CERTIFICATE_ISSUER | | public static final int[] | INVALIDITY_DATE | | public static final int[] | REASON_CODE | | public static final int[] | ISSUING_DISTR_POINTS | | private final int[] | extnID | | private String | extnID_str | | private final boolean | critical | | private final byte[] | extnValue | | private byte[] | encoding | | private byte[] | rawExtnValue | | protected ExtensionValue | extnValueObject | | private boolean | valueDecoded | | public static final org.apache.harmony.security.asn1.ASN1Sequence | ASN1X.509 Extension encoder/decoder. |
| Constructors Summary |
|---|
public Extension(String extnID, boolean critical, ExtensionValue extnValueObject)TODO
this.extnID_str = extnID;
this.extnID = ObjectIdentifier.toIntArray(extnID);
this.critical = critical;
this.extnValueObject = extnValueObject;
this.valueDecoded = true;
this.extnValue = extnValueObject.getEncoded();
| public Extension(String extnID, boolean critical, byte[] extnValue)TODO
this.extnID_str = extnID;
this.extnID = ObjectIdentifier.toIntArray(extnID);
this.critical = critical;
this.extnValue = extnValue;
| public Extension(int[] extnID, boolean critical, byte[] extnValue)TODO
this.extnID = extnID;
this.critical = critical;
this.extnValue = extnValue;
| public Extension(String extnID, byte[] extnValue)TODO
this(extnID, NON_CRITICAL, extnValue);
| public Extension(int[] extnID, byte[] extnValue)TODO
this(extnID, NON_CRITICAL, extnValue);
| private Extension(int[] extnID, boolean critical, byte[] extnValue, byte[] rawExtnValue, byte[] encoding, ExtensionValue decodedExtValue)
this(extnID, critical, extnValue);
this.rawExtnValue = rawExtnValue;
this.encoding = encoding;
this.extnValueObject = decodedExtValue;
this.valueDecoded = (decodedExtValue != null);
|
| Methods Summary |
|---|
| private void | decodeExtensionValue()
if (valueDecoded) {
return;
}
valueDecoded = true;
if (oidEquals(extnID, SUBJ_KEY_ID)) {
extnValueObject = SubjectKeyIdentifier.decode(extnValue);
} else if (oidEquals(extnID, KEY_USAGE)) {
extnValueObject = new KeyUsage(extnValue);
} else if (oidEquals(extnID, SUBJECT_ALT_NAME)) {
extnValueObject = new AlternativeName(
AlternativeName.SUBJECT, extnValue);
} else if (oidEquals(extnID, ISSUER_ALTERNATIVE_NAME)) {
extnValueObject = new AlternativeName(
AlternativeName.SUBJECT, extnValue);
} else if (oidEquals(extnID, BASIC_CONSTRAINTS)) {
extnValueObject = new BasicConstraints(extnValue);
} else if (oidEquals(extnID, NAME_CONSTRAINTS)) {
extnValueObject = NameConstraints.decode(extnValue);
} else if (oidEquals(extnID, CERTIFICATE_POLICIES)) {
extnValueObject = CertificatePolicies.decode(extnValue);
} else if (oidEquals(extnID, AUTH_KEY_ID)) {
extnValueObject = AuthorityKeyIdentifier.decode(extnValue);
} else if (oidEquals(extnID, POLICY_CONSTRAINTS)) {
extnValueObject = new PolicyConstraints(extnValue);
} else if (oidEquals(extnID, EXTENDED_KEY_USAGE)) {
extnValueObject = new ExtendedKeyUsage(extnValue);
} else if (oidEquals(extnID, INHIBIT_ANY_POLICY)) {
extnValueObject = new InhibitAnyPolicy(extnValue);
} else if (oidEquals(extnID, CERTIFICATE_ISSUER)) {
extnValueObject = new CertificateIssuer(extnValue);
} else if (oidEquals(extnID, CRL_DISTR_POINTS)) {
extnValueObject = CRLDistributionPoints.decode(extnValue);
} else if (oidEquals(extnID, CERTIFICATE_ISSUER)) {
extnValueObject = new ReasonCode(extnValue);
} else if (oidEquals(extnID, INVALIDITY_DATE)) {
extnValueObject = new InvalidityDate(extnValue);
} else if (oidEquals(extnID, REASON_CODE)) {
extnValueObject = new ReasonCode(extnValue);
} else if (oidEquals(extnID, CRL_NUMBER)) {
extnValueObject = new CRLNumber(extnValue);
} else if (oidEquals(extnID, ISSUING_DISTR_POINTS)) {
extnValueObject = IssuingDistributionPoint.decode(extnValue);
} else if (oidEquals(extnID, AUTHORITY_INFO_ACCESS)) {
extnValueObject = InfoAccessSyntax.decode(extnValue);
} else if (oidEquals(extnID, SUBJECT_INFO_ACCESS)) {
extnValueObject = InfoAccessSyntax.decode(extnValue);
}
| | public void | dumpValue(java.lang.StringBuffer buffer, java.lang.String prefix)Places the string representation into the StringBuffer object.
buffer.append("OID: ").append(getExtnID()) //$NON-NLS-1$
.append(", Critical: ").append(critical).append('\n"); //$NON-NLS-1$
if (!valueDecoded) {
try {
decodeExtensionValue();
} catch (IOException e) { }
}
if (extnValueObject != null) {
extnValueObject.dumpValue(buffer, prefix);
return;
}
// else: dump unparsed hex representation
buffer.append(prefix);
if (oidEquals(extnID, SUBJ_DIRECTORY_ATTRS)) {
buffer.append("Subject Directory Attributes Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, SUBJ_KEY_ID)) {
buffer.append("Subject Key Identifier Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, KEY_USAGE)) {
buffer.append("Key Usage Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, PRIVATE_KEY_USAGE_PERIOD)) {
buffer.append("Private Key Usage Period Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, SUBJECT_ALT_NAME)) {
buffer.append("Subject Alternative Name Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, ISSUER_ALTERNATIVE_NAME)) {
buffer.append("Issuer Alternative Name Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, BASIC_CONSTRAINTS)) {
buffer.append("Basic Constraints Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, NAME_CONSTRAINTS)) {
buffer.append("Name Constraints Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, CRL_DISTR_POINTS)) {
buffer.append("CRL Distribution Points Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, CERTIFICATE_POLICIES)) {
buffer.append("Certificate Policies Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, POLICY_MAPPINGS)) {
buffer.append("Policy Mappings Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, AUTH_KEY_ID)) {
buffer.append("Authority Key Identifier Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, POLICY_CONSTRAINTS)) {
buffer.append("Policy Constraints Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, EXTENDED_KEY_USAGE)) {
buffer.append("Extended Key Usage Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, INHIBIT_ANY_POLICY)) {
buffer.append("Inhibit Any-Policy Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, AUTHORITY_INFO_ACCESS)) {
buffer.append("Authority Information Access Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, SUBJECT_INFO_ACCESS)) {
buffer.append("Subject Information Access Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, INVALIDITY_DATE)) {
buffer.append("Invalidity Date Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, CRL_NUMBER)) {
buffer.append("CRL Number Extension"); //$NON-NLS-1$
} else if (oidEquals(extnID, REASON_CODE)) {
buffer.append("Reason Code Extension"); //$NON-NLS-1$
} else {
buffer.append("Unknown Extension"); //$NON-NLS-1$
}
buffer.append('\n").append(prefix)
.append("Unparsed Extension Value:\n"); //$NON-NLS-1$
buffer.append(Array.toString(extnValue, prefix));
| | public boolean | equals(java.lang.Object ext)
if (!(ext instanceof Extension)) {
return false;
}
Extension extn = (Extension) ext;
return Arrays.equals(extnID, extn.extnID)
&& (critical == extn.critical)
&& Arrays.equals(extnValue, extn.extnValue);
| | public BasicConstraints | getBasicConstraintsValue()
if (!valueDecoded) {
try {
decodeExtensionValue();
} catch (IOException e) { }
}
if (extnValueObject instanceof BasicConstraints) {
return (BasicConstraints) extnValueObject;
} else {
return null;
}
| | public boolean | getCritical()Returns the value of critical field of the structure.
return critical;
| | public ExtensionValue | getDecodedExtensionValue()
if (!valueDecoded) {
decodeExtensionValue();
}
return extnValueObject;
| | public byte[] | getEncoded()Returns ASN.1 encoded form of this X.509 Extension value.
if (encoding == null) {
encoding = Extension.ASN1.encode(this);
}
return encoding;
| | public java.lang.String | getExtnID()Returns the value of extnID field of the structure.
if (extnID_str == null) {
extnID_str = ObjectIdentifier.toString(extnID);
}
return extnID_str;
| | public byte[] | getExtnValue()Returns the value of extnValue field of the structure.
return extnValue;
| | public KeyUsage | getKeyUsageValue()
if (!valueDecoded) {
try {
decodeExtensionValue();
} catch (IOException e) { }
}
if (extnValueObject instanceof KeyUsage) {
return (KeyUsage) extnValueObject;
} else {
return null;
}
| | public byte[] | getRawExtnValue()Returns the raw (undecoded octet string) value of extnValue
field of the structure.
if (rawExtnValue == null) {
rawExtnValue = ASN1OctetString.getInstance().encode(extnValue);
}
return rawExtnValue;
| | private static boolean | oidEquals(int[] oid1, int[] oid2)
int length = oid1.length;
if (length != oid2.length) {
return false;
}
while (length > 0) {
if (oid1[--length] != oid2[length]) {
return false;
}
}
return true;
|
|
