Interface X509Extensions


  • public interface X509Extensions
    X509 Extensions set.
    Since:
    5.4
    Version:
    $Id: 9d5b817e97fd71210f418cd2290ba50e37f12cd7 $
    • Field Detail

      • BASIC_CONSTRAINTS_OID

        static final String BASIC_CONSTRAINTS_OID
        OID of KeyUsage.
      • KEY_USAGE_OID

        static final String KEY_USAGE_OID
        OID of KeyUsage.
      • EXTENDED_KEY_USAGE_OID

        static final String EXTENDED_KEY_USAGE_OID
        OID of ExtendedKeyUsage.
      • SUBJECT_ALT_NAME_OID

        static final String SUBJECT_ALT_NAME_OID
        OID of IssuerAltName.
      • ISSUER_ALT_NAME_OID

        static final String ISSUER_ALT_NAME_OID
        OID of IssuerAltName.
    • Method Detail

      • getExtensionValue

        byte[] getExtensionValue​(String oid)
        Gets the DER-encoded OCTET string for the extension value (extnValue) identified by the passed-in oid String.
        Parameters:
        oid - the oid to retrieve.
        Returns:
        a DER-encoded octet string or null if this extensions is absent.
      • isCritical

        boolean isCritical​(String oid)
        Return true if the given oid has a critical extension.
        Parameters:
        oid - the oid to check.
        Returns:
        true if the given oid has a critical extension.
      • getExtensionOID

        String[] getExtensionOID()
        Returns:
        the array of OID strings in this extensions set.
      • getCriticalExtensionOID

        String[] getCriticalExtensionOID()
        Returns:
        the array of OID strings in this extensions set marked critical.
      • getNonCriticalExtensionOID

        String[] getNonCriticalExtensionOID()
        Returns:
        the array of OID strings in this extensions set marked non-critical.
      • getEncoded

        byte[] getEncoded()
                   throws IOException
        Returns:
        the ASN.1 encoded form of the extensions set.
        Throws:
        IOException - on encoding error.
      • hasCertificateAuthorityBasicConstraints

        boolean hasCertificateAuthorityBasicConstraints()
        Returns:
        true if these extensions identify a Certificate Authority.
      • getBasicConstraintsPathLen

        int getBasicConstraintsPathLen()
        Returns:
        a positive integer representing the path len constraints of a Certificate Authority, or -1 if there is no such constraints.
      • getKeyUsage

        EnumSet<KeyUsage> getKeyUsage()
        Returns:
        the set of key usages authorized, or null of none has been assigned.
      • getExtendedKeyUsage

        ExtendedKeyUsages getExtendedKeyUsage()
        Returns:
        the set of extended key usages authorized, or null of none has been assigned.
      • getAuthorityKeyIdentifier

        byte[] getAuthorityKeyIdentifier()
        Returns:
        the authority key identifier, or null of none has been assigned.
      • getSubjectKeyIdentifier

        byte[] getSubjectKeyIdentifier()
        Returns:
        the subject key identifier, or null of none has been assigned.
      • getSubjectAltName

        List<X509GeneralName> getSubjectAltName()
        Returns:
        additional identities bound to the subject of the certificate.
      • getIssuerAltName

        List<X509GeneralName> getIssuerAltName()
        Returns:
        additional identities bound to the issuer of the certificate.