Package org.xwiki.crypto.pkix
Interface X509ExtensionBuilder
-
@Role public interface X509ExtensionBuilder
Builder to build X.509 extension set.- Since:
- 5.4
- Version:
- $Id: c4ae8051505d0986238e777239581f64f4098e73 $
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description X509ExtensionBuilder
addAuthorityKeyIdentifier(PublicKeyParameters issuer)
Add the authority key identifier extension for self signed certificates.X509ExtensionBuilder
addAuthorityKeyIdentifier(CertifiedPublicKey issuer)
Add the authority key identifier extension.X509ExtensionBuilder
addBasicConstraints(boolean isCertificateAuthority)
Add the BasicConstraints extension.X509ExtensionBuilder
addBasicConstraints(int pathLen)
Add the BasicConstraints extension for a CA with a limited path length.X509ExtensionBuilder
addExtendedKeyUsage(boolean critical, ExtendedKeyUsages usages)
Add a extended key usage extensions.X509ExtensionBuilder
addExtension(String oid, boolean critical, byte[] value)
Add an extension with the given oid and the passed in value to be included in the OCTET STRING associated with the extension.X509ExtensionBuilder
addExtensions(X509Extensions extensionSet)
Add all extension in an existing extension set to the currently built extension set.X509ExtensionBuilder
addIssuerAltName(X509GeneralName[] names)
Add the issuer alternative names extension.X509ExtensionBuilder
addKeyUsage(boolean critical, EnumSet<KeyUsage> usages)
Add a key usage extensions.X509ExtensionBuilder
addKeyUsage(EnumSet<KeyUsage> usages)
Add a critical key usage extensions.X509ExtensionBuilder
addSubjectAltName(boolean critical, X509GeneralName[] names)
Add the subject alternative names extension.X509ExtensionBuilder
addSubjectKeyIdentifier(PublicKeyParameters subject)
Add the subject key identifier extension.X509Extensions
build()
boolean
isEmpty()
-
-
-
Method Detail
-
addExtension
X509ExtensionBuilder addExtension(String oid, boolean critical, byte[] value) throws IOException
Add an extension with the given oid and the passed in value to be included in the OCTET STRING associated with the extension.- Parameters:
oid
- OID for the extension.critical
- true if critical, false otherwise.value
- the ASN.1 object to be included in the extension.- Returns:
- this extensions builder to allow chaining.
- Throws:
IOException
- on encoding error.
-
addExtensions
X509ExtensionBuilder addExtensions(X509Extensions extensionSet) throws IOException
Add all extension in an existing extension set to the currently built extension set.- Parameters:
extensionSet
- the extension set to copy.- Returns:
- this extensions builder to allow chaining.
- Throws:
IOException
- on encoding error.
-
build
X509Extensions build()
- Returns:
- the final resulting X.509 extensions
-
isEmpty
boolean isEmpty()
- Returns:
- true if no extension has been ever added.
-
addBasicConstraints
X509ExtensionBuilder addBasicConstraints(boolean isCertificateAuthority)
Add the BasicConstraints extension.- Parameters:
isCertificateAuthority
- should be true for a CA certificate.- Returns:
- this extensions builder to allow chaining.
-
addBasicConstraints
X509ExtensionBuilder addBasicConstraints(int pathLen)
Add the BasicConstraints extension for a CA with a limited path length.- Parameters:
pathLen
- the maximum path len for this CA.- Returns:
- this extensions builder to allow chaining.
-
addKeyUsage
X509ExtensionBuilder addKeyUsage(EnumSet<KeyUsage> usages)
Add a critical key usage extensions.- Parameters:
usages
- a set of key usage.- Returns:
- this extensions builder to allow chaining.
-
addKeyUsage
X509ExtensionBuilder addKeyUsage(boolean critical, EnumSet<KeyUsage> usages)
Add a key usage extensions.- Parameters:
critical
- should be true for a critical extension, false otherwise.usages
- a set of key usage.- Returns:
- this extensions builder to allow chaining.
-
addExtendedKeyUsage
X509ExtensionBuilder addExtendedKeyUsage(boolean critical, ExtendedKeyUsages usages)
Add a extended key usage extensions.- Parameters:
critical
- should be true for a critical extension, false otherwise.usages
- a set of extended key usage.- Returns:
- this extensions builder to allow chaining.
-
addAuthorityKeyIdentifier
X509ExtensionBuilder addAuthorityKeyIdentifier(CertifiedPublicKey issuer)
Add the authority key identifier extension. This extension is automatically added by the certificate builder.- Parameters:
issuer
- the certifierd public key of the issuer.- Returns:
- this extensions builder to allow chaining.
-
addAuthorityKeyIdentifier
X509ExtensionBuilder addAuthorityKeyIdentifier(PublicKeyParameters issuer)
Add the authority key identifier extension for self signed certificates. This extension is automatically added by the certificate builder.- Parameters:
issuer
- the public key parameters of the subject.- Returns:
- this extensions builder to allow chaining.
-
addSubjectKeyIdentifier
X509ExtensionBuilder addSubjectKeyIdentifier(PublicKeyParameters subject)
Add the subject key identifier extension. This extension is automatically added by the certificate builder.- Parameters:
subject
- the public key parameters of the subject.- Returns:
- this extensions builder to allow chaining.
-
addSubjectAltName
X509ExtensionBuilder addSubjectAltName(boolean critical, X509GeneralName[] names)
Add the subject alternative names extension.- Parameters:
critical
- should be true if the subject field is empty, false otherwise.names
- a collection of X.509 general name.- Returns:
- this extensions builder to allow chaining.
-
addIssuerAltName
X509ExtensionBuilder addIssuerAltName(X509GeneralName[] names)
Add the issuer alternative names extension.- Parameters:
names
- a collection of X.509 general name.- Returns:
- this extensions builder to allow chaining.
-
-