sun.security.x509 |
|
Java Source File Name | Type | Comment |
AccessDescription.java | Class | |
AlgIdDSA.java | Class | This class identifies DSS/DSA Algorithm variants, which are distinguished
by using different algorithm parameters P, Q, G. |
AlgorithmId.java | Class | This class identifies algorithms, such as cryptographic transforms, each
of which may be associated with parameters. |
AttributeNameEnumeration.java | Class | This class provides the Enumeration implementation used
by all the X509 certificate attributes to return the attribute
names contained within them. |
AuthorityInfoAccessExtension.java | Class | The Authority Information Access Extension (OID = 1.3.6.1.5.5.7.1.1).
The AIA extension identifies how to access CA information and services
for the certificate in which it appears. |
AuthorityKeyIdentifierExtension.java | Class | This class represents the Authority Key Identifier Extension. |
AVA.java | Class | X.500 Attribute-Value-Assertion (AVA): an attribute, as identified by
some attribute ID, has some particular value. |
BasicConstraintsExtension.java | Class | This class represents the Basic Constraints Extension. |
CertAndKeyGen.java | Class | Generate a pair of keys, and provide access to them. |
CertAttrSet.java | Interface | This interface defines the methods required of a certificate attribute.
Examples of X.509 certificate attributes are Validity, Issuer_Name, and
Subject Name. |
CertException.java | Class | CertException indicates one of a variety of certificate problems. |
CertificateAlgorithmId.java | Class | This class defines the AlgorithmId for the Certificate. |
CertificateExtensions.java | Class | This class defines the Extensions attribute for the Certificate. |
CertificateIssuerExtension.java | Class | Represents the CRL Certificate Issuer Extension (OID = 2.5.29.29).
The CRL certificate issuer extension identifies the certificate issuer
associated with an entry in an indirect CRL, i.e. |
CertificateIssuerName.java | Class | This class defines the X500Name attribute for the Certificate. |
CertificateIssuerUniqueIdentity.java | Class | This class defines the subject/issuer unique identity attribute
for the Certificate. |
CertificatePoliciesExtension.java | Class | This class defines the certificate policies extension which specifies the
policies under which the certificate has been issued
and the purposes for which the certificate may be used.
Applications with specific policy requirements are expected to have a
list of those policies which they will accept and to compare the
policy OIDs in the certificate to that list. |
CertificatePolicyId.java | Class | Represent the CertificatePolicyId ASN.1 object. |
CertificatePolicyMap.java | Class | Represent the CertificatePolicyMap ASN.1 object. |
CertificatePolicySet.java | Class | This class defines the certificate policy set ASN.1 object. |
CertificateSerialNumber.java | Class | This class defines the SerialNumber attribute for the Certificate. |
CertificateSubjectName.java | Class | This class defines the X500Name attribute for the Certificate. |
CertificateSubjectUniqueIdentity.java | Class | This class defines the subject/issuer unique identity attribute
for the Certificate. |
CertificateValidity.java | Class | This class defines the interval for which the certificate is valid. |
CertificateVersion.java | Class | This class defines the version of the X509 Certificate. |
CertificateX509Key.java | Class | This class defines the X509Key attribute for the Certificate. |
CertParseError.java | Class | CertException indicates one of a variety of certificate problems. |
CRLDistributionPointsExtension.java | Class | Represent the CRL Distribution Points Extension (OID = 2.5.29.31).
The CRL distribution points extension identifies how CRL information
is obtained. |
CRLExtensions.java | Class | This class defines the CRL Extensions. |
CRLNumberExtension.java | Class | Represent the CRL Number Extension.
This extension, if present, conveys a monotonically increasing
sequence number for each CRL issued by a given CA through a specific
CA X.500 Directory entry or CRL distribution point. |
CRLReasonCodeExtension.java | Class | The reasonCode is a non-critical CRL entry extension that identifies
the reason for the certificate revocation. |
DeltaCRLIndicatorExtension.java | Class | Represents the Delta CRL Indicator Extension.
The extension identifies a CRL as being a delta CRL.
Delta CRLs contain updates to revocation information previously distributed,
rather than all the information that would appear in a complete CRL. |
DistributionPoint.java | Class | Represent the DistributionPoint sequence used in the CRL
Distribution Points Extension (OID = 2.5.29.31).
The ASN.1 definition for this is:
DistributionPoint ::= SEQUENCE {
distributionPoint [0] DistributionPointName OPTIONAL,
reasons [1] ReasonFlags OPTIONAL,
cRLIssuer [2] GeneralNames OPTIONAL }
DistributionPointName ::= CHOICE {
fullName [0] GeneralNames,
nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
ReasonFlags ::= BIT STRING {
unused (0),
keyCompromise (1),
cACompromise (2),
affiliationChanged (3),
superseded (4),
cessationOfOperation (5),
certificateHold (6),
privilegeWithdrawn (7),
aACompromise (8) }
GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
GeneralName ::= CHOICE {
otherName [0] INSTANCE OF OTHER-NAME,
rfc822Name [1] IA5String,
dNSName [2] IA5String,
x400Address [3] ORAddress,
directoryName [4] Name,
ediPartyName [5] EDIPartyName,
uniformResourceIdentifier [6] IA5String,
iPAddress [7] OCTET STRING,
registeredID [8] OBJECT IDENTIFIER }
RelativeDistinguishedName ::=
SET OF AttributeTypeAndValue
AttributeTypeAndValue ::= SEQUENCE {
type AttributeType,
value AttributeValue }
AttributeType ::= OBJECT IDENTIFIER
AttributeValue ::= ANY DEFINED BY AttributeType
Instances of this class are designed to be immutable. |
DistributionPointName.java | Class | Represents the DistributionPointName ASN.1 type.
It is used in the CRL Distribution Points Extension (OID = 2.5.29.31)
and the Issuing Distribution Point Extension (OID = 2.5.29.28).
Its ASN.1 definition is:
DistributionPointName ::= CHOICE {
fullName [0] GeneralNames,
nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
GeneralName ::= CHOICE {
otherName [0] INSTANCE OF OTHER-NAME,
rfc822Name [1] IA5String,
dNSName [2] IA5String,
x400Address [3] ORAddress,
directoryName [4] Name,
ediPartyName [5] EDIPartyName,
uniformResourceIdentifier [6] IA5String,
iPAddress [7] OCTET STRING,
registeredID [8] OBJECT IDENTIFIER }
RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
AttributeTypeAndValue ::= SEQUENCE {
type AttributeType,
value AttributeValue }
AttributeType ::= OBJECT IDENTIFIER
AttributeValue ::= ANY DEFINED BY AttributeType
Instances of this class are designed to be immutable. |
DNSName.java | Class | This class implements the DNSName as required by the GeneralNames
ASN.1 object.
[RFC2459] When the subjectAltName extension contains a domain name service
label, the domain name MUST be stored in the dNSName (an IA5String).
The name MUST be in the "preferred name syntax," as specified by RFC
1034 [RFC 1034]. |
EDIPartyName.java | Class | This class defines the EDIPartyName of the GeneralName choice. |
ExtendedKeyUsageExtension.java | Class | This class defines the Extended Key Usage Extension, which
indicates one or more purposes for which the certified public key
may be used, in addition to or in place of the basic purposes
indicated in the key usage extension field. |
Extension.java | Class | Represent an X509 Extension Attribute.
Extensions are additional attributes which can be inserted in an X509
v3 certificate. |
FreshestCRLExtension.java | Class | Represents the Freshest CRL Extension.
The extension identifies how delta CRL information for a
complete CRL is obtained. |
GeneralName.java | Class | This class implements the ASN.1 GeneralName object class. |
GeneralNameInterface.java | Interface | This interface specifies the abstract methods which have to be
implemented by all the members of the GeneralNames ASN.1 object. |
GeneralNames.java | Class | This object class represents the GeneralNames type required in
X509 certificates. |
GeneralSubtree.java | Class | |
GeneralSubtrees.java | Class | Represent the GeneralSubtrees ASN.1 object. |
InhibitAnyPolicyExtension.java | Class | This class represents the Inhibit Any-Policy Extension.
The inhibit any-policy extension can be used in certificates issued
to CAs. |
IPAddressName.java | Class | This class implements the IPAddressName as required by the GeneralNames
ASN.1 object. |
IssuerAlternativeNameExtension.java | Class | This represents the Issuer Alternative Name Extension. |
IssuingDistributionPointExtension.java | Class | Represents the CRL Issuing Distribution Point Extension (OID = 2.5.29.28). |
KeyIdentifier.java | Class | Represent the Key Identifier ASN.1 object. |
KeyUsageExtension.java | Class | Represent the Key Usage Extension. |
NameConstraintsExtension.java | Class | This class defines the Name Constraints Extension.
The name constraints extension provides permitted and excluded
subtrees that place restrictions on names that may be included within
a certificate issued by a given CA. |
NetscapeCertTypeExtension.java | Class | Represents Netscape Certificate Type Extension.
The details are defined here.
This extension, if present, defines both the purpose
(e.g., encipherment, signature, certificate signing) and the application
(e.g., SSL, S/MIME or Object Signing) of the key contained in the
certificate. |
OIDMap.java | Class | This class defines the mapping from OID & name to classes and vice
versa. |
OIDName.java | Class | This class implements the OIDName as required by the GeneralNames
ASN.1 object. |
OtherName.java | Class | This class represents the OtherName as required by the GeneralNames
ASN.1 object. |
PKIXExtensions.java | Class | Lists all the object identifiers of the X509 extensions of the PKIX profile.
Extensions are additional attributes which can be inserted in an X509
v3 certificate. |
PolicyConstraintsExtension.java | Class | This class defines the certificate extension which specifies the
Policy constraints.
The policy constraints extension can be used in certificates issued
to CAs. |
PolicyInformation.java | Class | PolicyInformation is the class that contains a specific certificate policy
that is part of the CertificatePoliciesExtension. |
PolicyMappingsExtension.java | Class | Represent the Policy Mappings Extension.
This extension, if present, identifies the certificate policies considered
identical between the issuing and the subject CA.
Extensions are additional attributes which can be inserted in an X509
v3 certificate. |
PrivateKeyUsageExtension.java | Class | This class defines the Private Key Usage Extension.
The Private Key Usage Period extension allows the certificate issuer
to specify a different validity period for the private key than the
certificate. |
RDN.java | Class | RDNs are a set of {attribute = value} assertions. |
ReasonFlags.java | Class | Represent the CRL Reason Flags. |
RFC822Name.java | Class | This class implements the RFC822Name as required by the GeneralNames
ASN.1 object. |
SerialNumber.java | Class | This class defines the SerialNumber class used by certificates. |
SubjectAlternativeNameExtension.java | Class | This represents the Subject Alternative Name Extension. |
SubjectKeyIdentifierExtension.java | Class | Represent the Subject Key Identifier Extension.
This extension, if present, provides a means of identifying the particular
public key used in an application. |
UniqueIdentity.java | Class | This class defines the UniqueIdentity class used by certificates. |
URIName.java | Class | This class implements the URIName as required by the GeneralNames
ASN.1 object.
[RFC3280] When the subjectAltName extension contains a URI, the name MUST be
stored in the uniformResourceIdentifier (an IA5String). |
X400Address.java | Class | This class defines the X400Address of the GeneralName choice.
The ASN.1 syntax for this is:
ORAddress ::= SEQUENCE {
built-in-standard-attributes BuiltInStandardAttributes,
built-in-domain-defined-attributes
BuiltInDomainDefinedAttributes OPTIONAL,
-- see also teletex-domain-defined-attributes
extension-attributes ExtensionAttributes OPTIONAL }
-- The OR-address is semantically absent from the OR-name if the
-- built-in-standard-attribute sequence is empty and the
-- built-in-domain-defined-attributes and extension-attributes are
-- both omitted.
-- Built-in Standard Attributes
BuiltInStandardAttributes ::= SEQUENCE {
country-name CountryName OPTIONAL,
administration-domain-name AdministrationDomainName OPTIONAL,
network-address [0] NetworkAddress OPTIONAL,
-- see also extended-network-address
terminal-identifier [1] TerminalIdentifier OPTIONAL,
private-domain-name [2] PrivateDomainName OPTIONAL,
organization-name [3] OrganizationName OPTIONAL,
-- see also teletex-organization-name
numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
personal-name [5] PersonalName OPTIONAL,
-- see also teletex-personal-name
organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
-- see also teletex-organizational-unit-names -- }
CountryName ::= [APPLICATION 1] CHOICE {
x121-dcc-code NumericString
(SIZE (ub-country-name-numeric-length)),
iso-3166-alpha2-code PrintableString
(SIZE (ub-country-name-alpha-length)) }
AdministrationDomainName ::= [APPLICATION 2] CHOICE {
numeric NumericString (SIZE (0..ub-domain-name-length)),
printable PrintableString (SIZE (0..ub-domain-name-length)) }
NetworkAddress ::= X121Address -- see also extended-network-address
X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
PrivateDomainName ::= CHOICE {
numeric NumericString (SIZE (1..ub-domain-name-length)),
printable PrintableString (SIZE (1..ub-domain-name-length)) }
OrganizationName ::= PrintableString
(SIZE (1..ub-organization-name-length))
-- see also teletex-organization-name
NumericUserIdentifier ::= NumericString
(SIZE (1..ub-numeric-user-id-length))
PersonalName ::= SET {
surname [0] PrintableString (SIZE (1..ub-surname-length)),
given-name [1] PrintableString
(SIZE (1..ub-given-name-length)) OPTIONAL,
initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
generation-qualifier [3] PrintableString
(SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
-- see also teletex-personal-name
OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
OF OrganizationalUnitName
-- see also teletex-organizational-unit-names
OrganizationalUnitName ::= PrintableString (SIZE
(1..ub-organizational-unit-name-length))
-- Built-in Domain-defined Attributes
BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
(1..ub-domain-defined-attributes) OF
BuiltInDomainDefinedAttribute
BuiltInDomainDefinedAttribute ::= SEQUENCE {
type PrintableString (SIZE
(1..ub-domain-defined-attribute-type-length)),
value PrintableString (SIZE
(1..ub-domain-defined-attribute-value-length))}
-- Extension Attributes
ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
ExtensionAttribute
ExtensionAttribute ::= SEQUENCE {
extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
extension-attribute-value [1]
ANY DEFINED BY extension-attribute-type }
-- Extension types and attribute values
--
common-name INTEGER ::= 1
CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
teletex-common-name INTEGER ::= 2
TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
teletex-organization-name INTEGER ::= 3
TeletexOrganizationName ::=
TeletexString (SIZE (1..ub-organization-name-length))
teletex-personal-name INTEGER ::= 4
TeletexPersonalName ::= SET {
surname [0] TeletexString (SIZE (1..ub-surname-length)),
given-name [1] TeletexString
(SIZE (1..ub-given-name-length)) OPTIONAL,
initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
generation-qualifier [3] TeletexString (SIZE
(1..ub-generation-qualifier-length)) OPTIONAL }
teletex-organizational-unit-names INTEGER ::= 5
TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
(1..ub-organizational-units) OF TeletexOrganizationalUnitName
TeletexOrganizationalUnitName ::= TeletexString
(SIZE (1..ub-organizational-unit-name-length))
pds-name INTEGER ::= 7
PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
physical-delivery-country-name INTEGER ::= 8
PhysicalDeliveryCountryName ::= CHOICE {
x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
iso-3166-alpha2-code PrintableString
(SIZE (ub-country-name-alpha-length)) }
postal-code INTEGER ::= 9
PostalCode ::= CHOICE {
numeric-code NumericString (SIZE (1..ub-postal-code-length)),
printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
physical-delivery-office-name INTEGER ::= 10
PhysicalDeliveryOfficeName ::= PDSParameter
physical-delivery-office-number INTEGER ::= 11
PhysicalDeliveryOfficeNumber ::= PDSParameter
extension-OR-address-components INTEGER ::= 12
ExtensionORAddressComponents ::= PDSParameter
physical-delivery-personal-name INTEGER ::= 13
PhysicalDeliveryPersonalName ::= PDSParameter
physical-delivery-organization-name INTEGER ::= 14
PhysicalDeliveryOrganizationName ::= PDSParameter
extension-physical-delivery-address-components INTEGER ::= 15
ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter
unformatted-postal-address INTEGER ::= 16
UnformattedPostalAddress ::= SET {
printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
teletex-string TeletexString
(SIZE (1..ub-unformatted-address-length)) OPTIONAL }
street-address INTEGER ::= 17
StreetAddress ::= PDSParameter
post-office-box-address INTEGER ::= 18
PostOfficeBoxAddress ::= PDSParameter
poste-restante-address INTEGER ::= 19
PosteRestanteAddress ::= PDSParameter
unique-postal-name INTEGER ::= 20
UniquePostalName ::= PDSParameter
local-postal-attributes INTEGER ::= 21
LocalPostalAttributes ::= PDSParameter
PDSParameter ::= SET {
printable-string PrintableString
(SIZE(1..ub-pds-parameter-length)) OPTIONAL,
teletex-string TeletexString
(SIZE(1..ub-pds-parameter-length)) OPTIONAL }
extended-network-address INTEGER ::= 22
ExtendedNetworkAddress ::= CHOICE {
e163-4-address SEQUENCE {
number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
sub-address [1] NumericString
(SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
psap-address [0] PresentationAddress }
PresentationAddress ::= SEQUENCE {
pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
terminal-type INTEGER ::= 23
TerminalType ::= INTEGER {
telex (3),
teletex (4),
g3-facsimile (5),
g4-facsimile (6),
ia5-terminal (7),
videotex (8) } (0..ub-integer-options)
-- Extension Domain-defined Attributes
teletex-domain-defined-attributes INTEGER ::= 6
TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
(1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
TeletexDomainDefinedAttribute ::= SEQUENCE {
type TeletexString
(SIZE (1..ub-domain-defined-attribute-type-length)),
value TeletexString
(SIZE (1..ub-domain-defined-attribute-value-length)) }
-- specifications of Upper Bounds shall be regarded as mandatory
-- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter
-- Upper Bounds
-- Upper Bounds
ub-name INTEGER ::= 32768
ub-common-name INTEGER ::= 64
ub-locality-name INTEGER ::= 128
ub-state-name INTEGER ::= 128
ub-organization-name INTEGER ::= 64
ub-organizational-unit-name INTEGER ::= 64
ub-title INTEGER ::= 64
ub-match INTEGER ::= 128
ub-emailaddress-length INTEGER ::= 128
ub-common-name-length INTEGER ::= 64
ub-country-name-alpha-length INTEGER ::= 2
ub-country-name-numeric-length INTEGER ::= 3
ub-domain-defined-attributes INTEGER ::= 4
ub-domain-defined-attribute-type-length INTEGER ::= 8
ub-domain-defined-attribute-value-length INTEGER ::= 128
ub-domain-name-length INTEGER ::= 16
ub-extension-attributes INTEGER ::= 256
ub-e163-4-number-length INTEGER ::= 15
ub-e163-4-sub-address-length INTEGER ::= 40
ub-generation-qualifier-length INTEGER ::= 3
ub-given-name-length INTEGER ::= 16
ub-initials-length INTEGER ::= 5
ub-integer-options INTEGER ::= 256
ub-numeric-user-id-length INTEGER ::= 32
ub-organization-name-length INTEGER ::= 64
ub-organizational-unit-name-length INTEGER ::= 32
ub-organizational-units INTEGER ::= 4
ub-pds-name-length INTEGER ::= 16
ub-pds-parameter-length INTEGER ::= 30
ub-pds-physical-address-lines INTEGER ::= 6
ub-postal-code-length INTEGER ::= 16
ub-surname-length INTEGER ::= 40
ub-terminal-id-length INTEGER ::= 24
ub-unformatted-address-length INTEGER ::= 180
ub-x121-address-length INTEGER ::= 16
-- Note - upper bounds on string types, such as TeletexString, are
-- measured in characters. |
X500Name.java | Class | Note: As of 1.4, the public class,
javax.security.auth.x500.X500Principal,
should be used when parsing, generating, and comparing X.500 DNs.
This class contains other useful methods for checking name constraints
and retrieving DNs by keyword.
X.500 names are used to identify entities, such as those which are
identified by X.509 certificates. |
X500Signer.java | Class | This class provides a binding between a Signature object and an
authenticated X.500 name (from an X.509 certificate chain), which
is needed in many public key signing applications. |
X509AttributeName.java | Class | This class is used to parse attribute names like "x509.info.extensions". |
X509Cert.java | Class | |
X509CertImpl.java | Class | The X509CertImpl class represents an X.509 certificate. |
X509CertInfo.java | Class | The X509CertInfo class represents X.509 certificate information.
X.509 certificates have several base data elements, including:
- The Subject Name, an X.500 Distinguished Name for
the entity (subject) for which the certificate was issued.
- The Subject Public Key, the public key of the subject.
This is one of the most important parts of the certificate.
- The Validity Period, a time period (e.g.
|
X509CRLEntryImpl.java | Class | Abstract class for a revoked certificate in a CRL. |
X509CRLImpl.java | Class | An implementation for X509 CRL (Certificate Revocation List).
The X.509 v2 CRL format is described below in ASN.1:
CertificateList ::= SEQUENCE {
tbsCertList TBSCertList,
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING }
More information can be found in
RFC 3280: Internet X.509
Public Key Infrastructure Certificate and CRL Profile. |
X509Key.java | Class | Holds an X.509 key, for example a public key found in an X.509
certificate. |