com.tencent.kona.sun.security.x509

Class Extension

java.lang.Object

com.tencent.kona.sun.security.x509.Extension

All Implemented Interfaces:

com.tencent.kona.sun.security.util.DerEncoder, java.security.cert.Extension

Direct Known Subclasses:

AuthorityInfoAccessExtension, AuthorityKeyIdentifierExtension, BasicConstraintsExtension, CertificateIssuerExtension, CertificatePoliciesExtension, CRLDistributionPointsExtension, CRLNumberExtension, CRLReasonCodeExtension, ExtendedKeyUsageExtension, InhibitAnyPolicyExtension, InvalidityDateExtension, IssuerAlternativeNameExtension, IssuingDistributionPointExtension, KeyUsageExtension, NameConstraintsExtension, NetscapeCertTypeExtension, OCSPNoCheckExtension, OCSPNonceExtension, PolicyConstraintsExtension, PolicyMappingsExtension, PrivateKeyUsageExtension, SubjectAlternativeNameExtension, SubjectInfoAccessExtension, SubjectKeyIdentifierExtension

public class Extension
extends java.lang.Object
implements java.security.cert.Extension, com.tencent.kona.sun.security.util.DerEncoder

Represent a X509 Extension Attribute.

Extensions are additional attributes which can be inserted in a X509 v3 certificate. For example a "Driving License Certificate" could have the driving license number as a extension.

Extensions are represented as a sequence of the extension identifier (Object Identifier), a boolean flag stating whether the extension is to be treated as being critical and the extension value itself (this is again a DER encoding of the extension value).

 ASN.1 definition of Extension:
 Extension ::= SEQUENCE {
      ExtensionId     OBJECT IDENTIFIER,
      critical        BOOLEAN DEFAULT FALSE,
      extensionValue  OCTET STRING
 }
 

All subclasses need to implement a constructor of the form

     <subclass> (Boolean, Object)
 

where the Object is typically an array of DER encoded bytes.

Field Summary

Fields

Modifier and Type	Field and Description
protected boolean	critical
protected com.tencent.kona.sun.security.util.ObjectIdentifier	extensionId
protected byte[]	extensionValue

Constructor Summary

Constructors

Constructor and Description
Extension() Default constructor.
Extension(com.tencent.kona.sun.security.util.DerValue derVal) Constructs an extension from a DER encoded array of bytes.
Extension(Extension ext) Constructs an Extension from another extension.
Extension(com.tencent.kona.sun.security.util.ObjectIdentifier extensionId, boolean critical, byte[] extensionValue) Constructs an Extension from individual components of ObjectIdentifier, criticality and the DER encoded OctetString.

Method Summary

Modifier and Type	Method and Description
void	encode(com.tencent.kona.sun.security.util.DerOutputStream out) Write the extension to the DerOutputStream.
void	encode(java.io.OutputStream out) Implementing Extension.encode(OutputStream).
boolean	equals(java.lang.Object other) Compares this Extension for equality with the specified object.
com.tencent.kona.sun.security.util.ObjectIdentifier	getExtensionId() Returns the ObjectIdentifier of the extension.
byte[]	getExtensionValue() Returns the extension value as a byte array for further processing.
java.lang.String	getId()
java.lang.String	getName() Returns the extension name.
byte[]	getValue()
int	hashCode() Returns a hashcode value for this Extension.
boolean	isCritical() Returns true if extension is critical.
static Extension	newExtension(com.tencent.kona.sun.security.util.ObjectIdentifier extensionId, boolean critical, byte[] rawExtensionValue) Constructs an Extension from individual components of ObjectIdentifier, criticality and the raw encoded extension value.
java.lang.String	toString() Returns the Extension in user readable form.

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

extensionId

protected com.tencent.kona.sun.security.util.ObjectIdentifier extensionId

critical

protected boolean critical

extensionValue

protected byte[] extensionValue

Constructor Detail

Extension

public Extension()

Default constructor. Used only by subclasses.

Extension

public Extension(com.tencent.kona.sun.security.util.DerValue derVal)
          throws java.io.IOException

Constructs an extension from a DER encoded array of bytes.

Throws:

java.io.IOException

Extension

public Extension(com.tencent.kona.sun.security.util.ObjectIdentifier extensionId,
                 boolean critical,
                 byte[] extensionValue)
          throws java.io.IOException

Constructs an Extension from individual components of ObjectIdentifier, criticality and the DER encoded OctetString.

Parameters:

extensionId - the ObjectIdentifier of the extension

critical - the boolean indicating if the extension is critical

extensionValue - the DER encoded octet string of the value.

Throws:

java.io.IOException

Extension

public Extension(Extension ext)

Constructs an Extension from another extension. To be used for creating decoded subclasses.

Parameters:

ext - the extension to create from.

Method Detail

newExtension

public static Extension newExtension(com.tencent.kona.sun.security.util.ObjectIdentifier extensionId,
                                     boolean critical,
                                     byte[] rawExtensionValue)
                              throws java.io.IOException

Constructs an Extension from individual components of ObjectIdentifier, criticality and the raw encoded extension value.

Parameters:

extensionId - the ObjectIdentifier of the extension

critical - the boolean indicating if the extension is critical

rawExtensionValue - the raw DER-encoded extension value (this is not the encoded OctetString).

Throws:

java.io.IOException

encode

public final void encode(java.io.OutputStream out)
                  throws java.io.IOException

Implementing Extension.encode(OutputStream). This implementation is made final to make sure all encode() methods in child classes are actually implementations of encode(DerOutputStream) below.

Specified by:

encode in interface java.security.cert.Extension

Parameters:

out - the output stream

Throws:

java.io.IOException

encode

public void encode(com.tencent.kona.sun.security.util.DerOutputStream out)

Write the extension to the DerOutputStream.

Specified by:

encode in interface com.tencent.kona.sun.security.util.DerEncoder

Parameters:

out - the DerOutputStream to write the extension to.

isCritical

public boolean isCritical()

Returns true if extension is critical.

Specified by:

isCritical in interface java.security.cert.Extension

getExtensionId

public com.tencent.kona.sun.security.util.ObjectIdentifier getExtensionId()

Returns the ObjectIdentifier of the extension.

getValue

public byte[] getValue()

Specified by:

getValue in interface java.security.cert.Extension

getExtensionValue

public byte[] getExtensionValue()

Returns the extension value as a byte array for further processing. Note, this is the raw DER value of the extension, not the DER encoded octet string which is in the certificate. This method does not return a clone; it is the responsibility of the caller to clone the array if necessary.

getName

public java.lang.String getName()

Returns the extension name. The default implementation returns the string form of the extensionId. Known extensions should override this method to return a human readable name.

getId

public java.lang.String getId()

Specified by:

getId in interface java.security.cert.Extension

toString

public java.lang.String toString()

Returns the Extension in user readable form.

Overrides:

toString in class java.lang.Object

hashCode

public int hashCode()

Returns a hashcode value for this Extension.

Overrides:

hashCode in class java.lang.Object

Returns:

the hashcode value.

equals

public boolean equals(java.lang.Object other)

Compares this Extension for equality with the specified object. If the other object is an instanceof Extension, then its encoded form is retrieved and compared with the encoded form of this Extension.

Overrides:

equals in class java.lang.Object

Parameters:

other - the object to test for equality with this Extension.

Returns:

true iff the other object is of type Extension, and the criticality flag, object identifier and encoded extension value of the two Extensions match, false otherwise.