1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
/* X509Extension.java --- X.509 Extension
Copyright (C) 1999 Free Software Foundation, Inc.
This file is part of GNU Classpath.
GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA.
As a special exception, if you link this library with other files to
produce an executable, this library does not by itself cause the
resulting executable to be covered by the GNU General Public License.
This exception does not however invalidate any other reasons why the
executable file might be covered by the GNU General Public License. */
package java.security.cert;
import java.util.Set;
/**
Public abstract interface for the X.509 Extension.
This is used for X.509 v3 Certificates and CRL v2 (Certificate
Revocation Lists) for managing attributes assoicated with
Certificates, for managing the hierarchy of certificates,
and for managing the distribution of CRL. This extension
format is used to define private extensions.
Each extensions for a certificate or CRL must be marked
either critical or non-critical. If the certificate/CRL
system encounters a critical extension not recognized then
it must reject the certificate. A non-critical extension
may be just ignored if not recognized.
The ASN.1 definition for this class is:
Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
Extension ::= SEQUENCE {
extnId OBJECT IDENTIFIER,
critical BOOLEAN DEFAULT FALSE,
extnValue OCTET STRING
-- contains a DER encoding of a value
-- of the type registered for use with
-- the extnId object identifier value
}
@author Mark Benvenuto
@since JDK 1.2
*/
public abstract interface X509Extension
{
/**
Returns true if the certificate contains a critical extension
that is not supported.
@return true if has unsupported extension, false otherwise
*/
public boolean hasUnsupportedCriticalExtension();
/**
Returns a set of the CRITICAL extension OIDs from the
certificate/CRL that the object implementing this interface
manages.
@return A Set containing the OIDs. If there are no CRITICAL
extensions or extensions at all this returns null.
*/
public Set getCriticalExtensionOIDs();
/**
Returns a set of the NON-CRITICAL extension OIDs from the
certificate/CRL that the object implementing this interface
manages.
@return A Set containing the OIDs. If there are no NON-CRITICAL
extensions or extensions at all this returns null.
*/
public Set getNonCriticalExtensionOIDs();
/**
Returns the DER encoded OCTET string for the specified
extension value identified by a OID. The OID is a string
of number seperated by periods. Ex: 12.23.45.67
*/
public byte[] getExtensionValue(String oid);
}
|
