com.ibm.security12.sun.security.x509
Class PrivateKeyUsageExtension

java.lang.Object
  |
  +--com.ibm.security12.sun.security.x509.Extension
        |
        +--com.ibm.security12.sun.security.x509.PrivateKeyUsageExtension

public class PrivateKeyUsageExtension
extends Extension
implements CertAttrSet

This class defines the Private Key Usage Extension.

The Private Key Usage Period extension allows the certificate issuer to specify a different validity period for the private key than the certificate. This extension is intended for use with digital signature keys. This extension consists of two optional components notBefore and notAfter. The private key associated with the certificate should not be used to sign objects before or after the times specified by the two components, respectively.

 PrivateKeyUsagePeriod ::= SEQUENCE {
     notBefore  [0]  GeneralizedTime OPTIONAL,
     notAfter   [1]  GeneralizedTime OPTIONAL }
 

Version:
1.15
Author:
Amit Kapoor, Hemma Prafullchandra
See Also:
Extension, CertAttrSet

Field Summary
static String IDENT
          Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.
static String NAME
          Sub attributes name for this CertAttrSet.
static String NOT_AFTER
           
static String NOT_BEFORE
           
 
Fields inherited from class com.ibm.security12.sun.security.x509.Extension
critical, extensionId, extensionValue
 
Constructor Summary
PrivateKeyUsageExtension(Boolean critical, Object value)
          Create the extension from the passed DER encoded value.
PrivateKeyUsageExtension(Date notBefore, Date notAfter)
          The default constructor for PrivateKeyUsageExtension.
 
Method Summary
 void decode(InputStream in)
          Decode the extension from the InputStream.
 void delete(String name)
          Delete the attribute value.
 void encode(OutputStream out)
          Write the extension to the OutputStream.
 Object get(String name)
          Get the attribute value.
 Enumeration getElements()
          Return an enumeration of names of attributes existing within this attribute.
 String getName()
          Return the name of this attribute.
 void set(String name, Object obj)
          Set the attribute value.
 String toString()
          Return the printable string.
 void valid()
          Verify that that the current time is within the validity period.
 void valid(Date now)
          Verify that that the passed time is within the validity period.
 
Methods inherited from class com.ibm.security12.sun.security.x509.Extension
encode, equals, getExtensionId, getExtensionValue, hashCode, isCritical
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

IDENT

public static final String IDENT
Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.

NAME

public static final String NAME
Sub attributes name for this CertAttrSet.

NOT_BEFORE

public static final String NOT_BEFORE

NOT_AFTER

public static final String NOT_AFTER
Constructor Detail

PrivateKeyUsageExtension

public PrivateKeyUsageExtension(Date notBefore,
                                Date notAfter)
                         throws IOException
The default constructor for PrivateKeyUsageExtension.
Parameters:
notBefore - the date/time before which the private key should not be used.
notAfter - the date/time after which the private key should not be used.

PrivateKeyUsageExtension

public PrivateKeyUsageExtension(Boolean critical,
                                Object value)
                         throws CertificateException,
                                IOException
Create the extension from the passed DER encoded value.
Parameters:
critical - true if the extension is to be treated as critical.
value - Array of DER encoded bytes of the actual value.
Throws:
CertificateException - on certificate parsing errors.
IOException - on error.
Method Detail

toString

public String toString()
Return the printable string.
Specified by:
toString in interface CertAttrSet
Overrides:
toString in class Extension

valid

public void valid()
           throws CertificateNotYetValidException,
                  CertificateExpiredException
Verify that that the current time is within the validity period.
Throws:
CertificateExpiredException - if the certificate has expired.
CertificateNotYetValidException - if the certificate is not yet valid.

valid

public void valid(Date now)
           throws CertificateNotYetValidException,
                  CertificateExpiredException
Verify that that the passed time is within the validity period.
Throws:
CertificateExpiredException - if the certificate has expired with respect to the Date supplied.
CertificateNotYetValidException - if the certificate is not yet valid with respect to the Date supplied.

encode

public void encode(OutputStream out)
            throws IOException
Write the extension to the OutputStream.
Specified by:
encode in interface CertAttrSet
Parameters:
out - the OutputStream to write the extension to.
Throws:
IOException - on encoding errors.

decode

public void decode(InputStream in)
            throws CertificateException
Decode the extension from the InputStream.
Specified by:
decode in interface CertAttrSet
Parameters:
in - the InputStream to unmarshal the contents from.
Throws:
CertificateException - on decoding errors.

set

public void set(String name,
                Object obj)
         throws CertificateException,
                IOException
Set the attribute value.
Specified by:
set in interface CertAttrSet
Throws:
CertificateException - on attribute handling errors.

get

public Object get(String name)
           throws CertificateException
Get the attribute value.
Specified by:
get in interface CertAttrSet
Throws:
CertificateException - on attribute handling errors.

delete

public void delete(String name)
            throws CertificateException,
                   IOException
Delete the attribute value.
Specified by:
delete in interface CertAttrSet
Throws:
CertificateException - on attribute handling errors.

getElements

public Enumeration getElements()
Return an enumeration of names of attributes existing within this attribute.
Specified by:
getElements in interface CertAttrSet

getName

public String getName()
Return the name of this attribute.
Specified by:
getName in interface CertAttrSet