Java Doc for NameConstraintsExtension.java in » 6.0-JDK-Modules » j2me » sun » security » x509 » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation

1.	6.0 JDK Core
2.	6.0 JDK Modules
3.	6.0 JDK Modules com.sun
4.	6.0 JDK Modules com.sun.java
5.	6.0 JDK Modules sun
6.	6.0 JDK Platform
7.	Ajax
8.	Apache Harmony Java SE
9.	Aspect oriented
10.	Authentication Authorization
11.	Blogger System
12.	Build
13.	Byte Code
14.	Cache
15.	Chart
16.	Chat
17.	Code Analyzer
18.	Collaboration
19.	Content Management System
20.	Database Client
21.	Database DBMS
22.	Database JDBC Connection Pool
23.	Database ORM
24.	Development
25.	EJB Server geronimo
26.	EJB Server GlassFish
27.	EJB Server JBoss 4.2.1
28.	EJB Server resin 3.1.5
29.	ERP CRM Financial
30.	ESB
31.	Forum
32.	GIS
33.	Graphic Library
34.	Groupware
35.	HTML Parser
36.	IDE
37.	IDE Eclipse
38.	IDE Netbeans
39.	Installer
40.	Internationalization Localization
41.	Inversion of Control
42.	Issue Tracking
43.	J2EE
44.	JBoss
45.	JMS
46.	JMX
47.	Library
48.	Mail Clients
49.	Net
50.	Parser
51.	PDF
52.	Portal
53.	Profiler
54.	Project Management
55.	Report
56.	RSS RDF
57.	Rule Engine
58.	Science
59.	Scripting
60.	Search Engine
61.	Security
62.	Sevlet Container
63.	Source Control
64.	Swing Library
65.	Template Engine
66.	Test Coverage
67.	Testing
68.	UML
69.	Web Crawler
70.	Web Framework
71.	Web Mail
72.	Web Server
73.	Web Services
74.	Web Services apache cxf 2.0.1
75.	Web Services AXIS2
76.	Wiki Engine
77.	Workflow Engines
78.	XML
79.	XML UI

Java

Java Tutorial

Illustrator Tutorials

GIMP Tutorials

C# / C Sharp

C# / CSharp Tutorial

C# / CSharp Open Source

SQL Server / T-SQL Tutorial

Oracle PL / SQL

Oracle PL/SQL Tutorial

Flash / Flex / ActionScript

VBA / Excel / Access / Word

XML

XML Tutorial

Microsoft Office PowerPoint 2007 Tutorial

Microsoft Office Excel 2007 Tutorial

Microsoft Office Word 2007 Tutorial

Java Source Code / Java Documentation » 6.0 JDK Modules » j2me » sun.security.x509

Source Cross Reference

Class Diagram

Java Document (Java Doc)

java.lang .Object

sun.security.x509 .Extension

sun.security.x509 .NameConstraintsExtension

NameConstraintsExtension

public class NameConstraintsExtension extends Extension implements CertAttrSet(Code)

This class defines the Name Constraints Extension.

The name constraints extension provides permitted and excluded subtrees that place restrictions on names that may be included within a certificate issued by a given CA. Restrictions may apply to the subject distinguished name or subject alternative names. Any name matching a restriction in the excluded subtrees field is invalid regardless of information appearing in the permitted subtrees.

The ASN.1 syntax for this is:

 NameConstraints ::= SEQUENCE {
 permittedSubtrees [0]  GeneralSubtrees OPTIONAL,
 excludedSubtrees  [1]  GeneralSubtrees OPTIONAL
 }
 GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree

author:
   Amit Kapoor
author:
   Hemma Prafullchandra
version:
   1.15
See Also:   Extension
See Also:   CertAttrSet

Field Summary
final public static String	EXCLUDED_SUBTREES
final public static String	IDENT Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.
final public static String	NAME Attribute names.
final public static String	PERMITTED_SUBTREES

Constructor Summary
public	NameConstraintsExtension(GeneralSubtrees permitted, GeneralSubtrees excluded) The default constructor for this class.
public	NameConstraintsExtension(Boolean critical, Object value) Create the extension from the passed DER encoded value.

Method Summary
public void	decode(InputStream in) Decode the extension from the InputStream.
public void	delete(String name) Delete the attribute value.
public void	encode(OutputStream out) Write the extension to the OutputStream.
public Object	get(String name) Get the attribute value.
public Enumeration	getElements() Return an enumeration of names of attributes existing within this attribute.
public String	getName() Return the name of this attribute.
public void	merge(NameConstraintsExtension newConstraints) Merge additional name constraints with existing ones. This function is used in certification path processing to accumulate name constraints from successive certificates in the path.
public void	set(String name, Object obj) Set the attribute value.
public String	toString() Return the printable string.
public boolean	verify(X509Certificate cert) check whether a certificate conforms to these NameConstraints. This involves verifying that the subject name and subjectAltName extension (critical or noncritical) is consistent with the permitted subtrees state variables.
public boolean	verify(GeneralNameInterface name) check whether a name conforms to these NameConstraints.
public boolean	verifyRFC822SpecialCase(X500Name subject) Perform the RFC 822 special case check.

Field Detail

EXCLUDED_SUBTREES
final public static String EXCLUDED_SUBTREES(Code)

IDENT
final public static String IDENT(Code)
	Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.

NAME
final public static String NAME(Code)
	Attribute names.

PERMITTED_SUBTREES
final public static String PERMITTED_SUBTREES(Code)

Constructor Detail

NameConstraintsExtension
public NameConstraintsExtension(GeneralSubtrees permitted, GeneralSubtrees excluded) throws IOException(Code)
	The default constructor for this class. Both parameters are optional and can be set to null. The extension criticality is set to true. Parameters: permitted - the permitted GeneralSubtrees (null for optional). Parameters: excluded - the excluded GeneralSubtrees (null for optional).

NameConstraintsExtension
public NameConstraintsExtension(Boolean critical, Object value) throws IOException(Code)
	Create the extension from the passed DER encoded value. Parameters: critical - true if the extension is to be treated as critical. Parameters: value - Array of DER encoded bytes of the actual value. exception: IOException - on error.

Method Detail

decode
public void decode(InputStream in) throws IOException(Code)
	Decode the extension from the InputStream. Parameters: in - the InputStream to unmarshal the contents from. exception: IOException - on decoding or validity errors.

delete
public void delete(String name) throws IOException(Code)
	Delete the attribute value.

encode
public void encode(OutputStream out) throws IOException(Code)
	Write the extension to the OutputStream. Parameters: out - the OutputStream to write the extension to. exception: IOException - on encoding errors.

get
public Object get(String name) throws IOException(Code)
	Get the attribute value.

getElements
public Enumeration getElements()(Code)
	Return an enumeration of names of attributes existing within this attribute.

getName
public String getName()(Code)
	Return the name of this attribute.

merge

public void merge(NameConstraintsExtension newConstraints) throws IOException(Code)

Merge additional name constraints with existing ones. This function is used in certification path processing to accumulate name constraints from successive certificates in the path. Note that NameConstraints can never be expanded by a merge, just remain constant or become more limiting.

IETF RFC2459 specifies the processing of Name Constraints as follows:

(j) If permittedSubtrees is present in the certificate, set the constrained subtrees state variable to the intersection of its previous value and the value indicated in the extension field.

(k) If excludedSubtrees is present in the certificate, set the excluded subtrees state variable to the union of its previous value and the value indicated in the extension field.

Parameters:
newConstraints - additional NameConstraints to be applied
throws:
IOException - on error

set
public void set(String name, Object obj) throws IOException(Code)
	Set the attribute value.

toString
public String toString()(Code)
	Return the printable string.

verify
public boolean verify(X509Certificate cert) throws IOException(Code)
	check whether a certificate conforms to these NameConstraints. This involves verifying that the subject name and subjectAltName extension (critical or noncritical) is consistent with the permitted subtrees state variables. Also verify that the subject name and subjectAltName extension (critical or noncritical) is consistent with the excluded subtrees state variables. Parameters: cert - X509Certificate to be verified throws: IOException - on error

verify
public boolean verify(GeneralNameInterface name) throws IOException(Code)
	check whether a name conforms to these NameConstraints. This involves verifying that the name is consistent with the permitted and excluded subtrees variables. Parameters: name - GeneralNameInterface name to be verified throws: IOException - on error

verifyRFC822SpecialCase
public boolean verifyRFC822SpecialCase(X500Name subject) throws IOException(Code)
	Perform the RFC 822 special case check. We have a certificate that does not contain any subject alternative names. Check that any EMAILADDRESS attributes in its subject name conform to these NameConstraints. Parameters: subject - the certificate's subject name throws: IOException - on error

Fields inherited from sun.security.x509.Extension

protected boolean critical(Code)(Java Doc)
protected ObjectIdentifier extensionId(Code)(Java Doc)
protected byte[] extensionValue(Code)(Java Doc)

Methods inherited from sun.security.x509.Extension

public void encode(DerOutputStream out) throws IOException(Code)(Java Doc)
public boolean equals(Object other)(Code)(Java Doc)
public ObjectIdentifier getExtensionId()(Code)(Java Doc)
public byte[] getExtensionValue()(Code)(Java Doc)
public int hashCode()(Code)(Java Doc)
public boolean isCritical()(Code)(Java Doc)
public String toString()(Code)(Java Doc)

Methods inherited from java.lang.Object

public boolean equals(Object obj)(Code)(Java Doc)
final native public Class getClass()(Code)(Java Doc)
native public int hashCode()(Code)(Java Doc)
final native public void notify()(Code)(Java Doc)
final native public void notifyAll()(Code)(Java Doc)
public String toString()(Code)(Java Doc)
final native public void wait(long timeout) throws InterruptedException(Code)(Java Doc)
final public void wait(long timeout, int nanos) throws InterruptedException(Code)(Java Doc)
final public void wait() throws InterruptedException(Code)(Java Doc)

www.java2java.com | Contact Us

All other trademarks are property of their respective owners.