public class PolicyConstraintsExtension extends Extension implements CertAttrSet
The policy constraints extension can be used in certificates issued to CAs. The policy constraints extension constrains path validation in two ways. It can be used to prohibit policy mapping or require that each certificate in a path contain an acceptable policy identifier.
The ASN.1 syntax for this is (IMPLICIT tagging is defined in the module definition):
PolicyConstraints ::= SEQUENCE {
requireExplicitPolicy [0] SkipCerts OPTIONAL,
inhibitPolicyMapping [1] SkipCerts OPTIONAL
}
SkipCerts ::= INTEGER (0..MAX)
Extension,
CertAttrSet,
Serialized Form| Modifier and Type | Field and Description |
|---|---|
static java.lang.String |
IDENT
Identifier for this attribute, to be used with the
get, set, delete methods of Certificate, x509 type.
|
static java.lang.String |
INHIBIT |
static java.lang.String |
NAME
Attribute names.
|
static java.lang.String |
REQUIRE |
critical, extensionId, extensionValue| Constructor and Description |
|---|
PolicyConstraintsExtension(boolean crit,
int require,
int inhibit)
Create a PolicyConstraintsExtension object with criticality and
both require explicit policy and inhibit policy mapping.
|
PolicyConstraintsExtension(java.lang.Boolean critical,
java.lang.Object value)
Create the extension from its DER encoded value and criticality.
|
PolicyConstraintsExtension(int require,
int inhibit)
Create a PolicyConstraintsExtension object with both
require explicit policy and inhibit policy mapping.
|
| Modifier and Type | Method and Description |
|---|---|
void |
decode(java.io.InputStream in)
Decode the extension from the InputStream.
|
void |
delete(java.lang.String name)
Delete the attribute value.
|
void |
encode(java.io.OutputStream out)
Write the extension to the DerOutputStream.
|
java.lang.Object |
get(java.lang.String name)
Get the attribute value.
|
java.util.Enumeration<java.lang.String> |
getAttributeNames()
Return an enumeration of names of attributes existing within this
attribute.
|
int |
getInhibitPolicyMapping()
returns the inhibitPolicyMapping parameter.
|
java.lang.String |
getName()
Return the name of this attribute.
|
int |
getRequireExplicitMapping()
returns the requireExplicitMapping parameter.
|
void |
set(java.lang.String name,
java.lang.Object obj)
Set the attribute value.
|
java.lang.String |
toString()
Return the extension as user readable string.
|
clearValue, encode, getExtensionId, getExtensionValue, isCritical, setCritical, setExtensionId, setExtensionValuepublic static final java.lang.String IDENT
public static final java.lang.String NAME
public static final java.lang.String REQUIRE
public static final java.lang.String INHIBIT
public PolicyConstraintsExtension(boolean crit,
int require,
int inhibit)
throws java.io.IOException
crit - whether this extension should be criticalrequire - require explicit policy (-1 for optional).inhibit - inhibit policy mapping (-1 for optional).java.io.IOExceptionpublic PolicyConstraintsExtension(int require,
int inhibit)
throws java.io.IOException
require - require explicit policy (-1 for optional).inhibit - inhibit policy mapping (-1 for optional).java.io.IOExceptionpublic PolicyConstraintsExtension(java.lang.Boolean critical,
java.lang.Object value)
throws java.io.IOException
critical - true if the extension is to be treated as critical.value - Array of DER encoded bytes of the actual value.java.io.IOException - on error.public java.lang.String toString()
toString in interface CertAttrSettoString in class Extensionpublic void decode(java.io.InputStream in)
throws java.io.IOException
decode in interface CertAttrSetin - the InputStream to unmarshal the contents from.java.io.IOException - on decoding or validity errors.public void encode(java.io.OutputStream out)
throws java.io.IOException
encode in interface CertAttrSetout - the DerOutputStream to write the extension to.java.io.IOException - on encoding errors.public void set(java.lang.String name,
java.lang.Object obj)
throws java.io.IOException
set in interface CertAttrSetname - the name of the attribute (e.g. "x509.info.key")obj - the attribute object.java.io.IOException - on other errors.public java.lang.Object get(java.lang.String name)
throws java.io.IOException
get in interface CertAttrSetname - the name of the attribute to return.java.io.IOException - on other errors.public void delete(java.lang.String name)
throws java.io.IOException
delete in interface CertAttrSetname - the name of the attribute to delete.java.io.IOException - on other errors.public java.util.Enumeration<java.lang.String> getAttributeNames()
getAttributeNames in interface CertAttrSetpublic java.lang.String getName()
getName in interface CertAttrSetpublic int getRequireExplicitMapping()
public int getInhibitPolicyMapping()