com.ibm.security12.sun.security.x509
Class PolicyConstraintsExtension

java.lang.Object
  |
  +--com.ibm.security12.sun.security.x509.Extension
        |
        +--com.ibm.security12.sun.security.x509.PolicyConstraintsExtension

public class PolicyConstraintsExtension
extends Extension
implements CertAttrSet

This class defines the certificate extension which specifies the Policy constraints.

The policy constraints extension can be used in certificates issued to CAs. The policy constraints extension constrains path validation in two ways. It can be used to prohibit policy mapping or require that each certificate in a path contain an acceptable policy identifier.

The ASN.1 syntax for this is (IMPLICIT tagging is defined in the module definition):

 PolicyConstraints ::= SEQUENCE {
     requireExplicitPolicy [0] SkipCerts OPTIONAL,
     inhibitPolicyMapping  [1] SkipCerts OPTIONAL
 }
 SkipCerts ::= INTEGER (0..MAX)
 

Version:
1.9
Author:
Amit Kapoor, Hemma Prafullchandra
See Also:
Extension, CertAttrSet

Field Summary
static String IDENT
          Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.
static String INHIBIT
           
static String NAME
          Attribute names.
static String REQUIRE
           
 
Fields inherited from class com.ibm.security12.sun.security.x509.Extension
critical, extensionId, extensionValue
 
Constructor Summary
PolicyConstraintsExtension(Boolean critical, Object value)
          Create the extension from its DER encoded value and criticality.
PolicyConstraintsExtension(int require, int inhibit)
          Create a PolicyConstraintsExtension object with both require explicit policy and inhibit policy mapping.
 
Method Summary
 void decode(InputStream in)
          Decode the extension from the InputStream.
 void delete(String name)
          Delete the attribute value.
 void encode(OutputStream out)
          Write the extension to the DerOutputStream.
 Object get(String name)
          Get the attribute value.
 Enumeration getElements()
          Return an enumeration of names of attributes existing within this attribute.
 String getName()
          Return the name of this attribute.
 void set(String name, Object obj)
          Set the attribute value.
 String toString()
          Return the extension as user readable string.
 
Methods inherited from class com.ibm.security12.sun.security.x509.Extension
encode, equals, getExtensionId, getExtensionValue, hashCode, isCritical
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

IDENT

public static final String IDENT
Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.

NAME

public static final String NAME
Attribute names.

REQUIRE

public static final String REQUIRE

INHIBIT

public static final String INHIBIT
Constructor Detail

PolicyConstraintsExtension

public PolicyConstraintsExtension(int require,
                                  int inhibit)
                           throws IOException
Create a PolicyConstraintsExtension object with both require explicit policy and inhibit policy mapping.
Parameters:
require - require explicit policy (-1 for optional).
inhibit - inhibit policy mapping (-1 for optional).

PolicyConstraintsExtension

public PolicyConstraintsExtension(Boolean critical,
                                  Object value)
                           throws IOException
Create the extension from its DER encoded value and criticality.
Parameters:
critical - true if the extension is to be treated as critical.
value - Array of DER encoded bytes of the actual value.
Throws:
IOException - on error.
Method Detail

toString

public String toString()
Return the extension as user readable string.
Specified by:
toString in interface CertAttrSet
Overrides:
toString in class Extension

decode

public void decode(InputStream in)
            throws IOException
Decode the extension from the InputStream.
Specified by:
decode in interface CertAttrSet
Parameters:
in - the InputStream to unmarshal the contents from.
Throws:
IOException - on decoding or validity errors.

encode

public void encode(OutputStream out)
            throws IOException
Write the extension to the DerOutputStream.
Specified by:
encode in interface CertAttrSet
Parameters:
out - the DerOutputStream to write the extension to.
Throws:
IOException - on encoding errors.

set

public void set(String name,
                Object obj)
         throws IOException
Set the attribute value.
Specified by:
set in interface CertAttrSet

get

public Object get(String name)
           throws IOException
Get the attribute value.
Specified by:
get in interface CertAttrSet

delete

public void delete(String name)
            throws IOException
Delete the attribute value.
Specified by:
delete in interface CertAttrSet

getElements

public Enumeration getElements()
Return an enumeration of names of attributes existing within this attribute.
Specified by:
getElements in interface CertAttrSet

getName

public String getName()
Return the name of this attribute.
Specified by:
getName in interface CertAttrSet