All Packages Class Hierarchy This Package Previous Next Index
Class netscape.security.x509.NameConstraintsExtension
netscape.security.x509.Extension
|
+----netscape.security.x509.NameConstraintsExtension
- public class NameConstraintsExtension
- extends Extension
- implements CertAttrSet
This class defines the Name Constraints Extension.
The name constraints extension provides permitted and excluded
subtrees that place restrictions on names that may be included within
a certificate issued by a given CA. Restrictions may apply to the
subject distinguished name or subject alternative names. Any name
matching a restriction in the excluded subtrees field is invalid
regardless of information appearing in the permitted subtrees.
The ASN.1 syntax for this is:
NameConstraints ::= SEQUENCE {
permittedSubtrees [0] GeneralSubtrees OPTIONAL,
excludedSubtrees [1] GeneralSubtrees OPTIONAL
}
GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- See Also:
- Extension, CertAttrSet
-
EXCLUDED_SUBTREES
-
-
IDENT
- Identifier for this attribute, to be used with the
get, set, delete methods of Certificate, x509 type.
-
NAME
- Attribute names.
-
PERMITTED_SUBTREES
-
-
NameConstraintsExtension(Boolean, Object)
- Create the extension from the passed DER encoded value.
-
NameConstraintsExtension(GeneralSubtrees, GeneralSubtrees)
- The default constructor for this class.
-
decode(InputStream)
- Decode the extension from the InputStream.
-
delete(String)
- Delete the attribute value.
-
encode(OutputStream)
- Write the extension to the OutputStream.
-
get(String)
- Get the attribute value.
-
getElements()
- Return an enumeration of names of attributes existing within this
attribute.
-
getName()
- Return the name of this attribute.
-
set(String, Object)
- Set the attribute value.
-
toString()
- Return the printable string.
IDENT
public static final String IDENT
- Identifier for this attribute, to be used with the
get, set, delete methods of Certificate, x509 type.
NAME
public static final String NAME
- Attribute names.
PERMITTED_SUBTREES
public static final String PERMITTED_SUBTREES
EXCLUDED_SUBTREES
public static final String EXCLUDED_SUBTREES
NameConstraintsExtension
public NameConstraintsExtension(GeneralSubtrees permitted,
GeneralSubtrees excluded) throws IOException
- The default constructor for this class. Either parameter
can be set to null to indicate it is omitted but both
cannot be null.
- Parameters:
- permitted - the permitted GeneralSubtrees (null for optional).
- excluded - the excluded GeneralSubtrees (null for optional).
NameConstraintsExtension
public NameConstraintsExtension(Boolean critical,
Object value) throws IOException
- Create the extension from the passed DER encoded value.
- Parameters:
- critical - true if the extension is to be treated as critical.
- value - Array of DER encoded bytes of the actual value.
- Throws: IOException
- on error.
toString
public String toString()
- Return the printable string.
- Overrides:
- toString in class Extension
decode
public void decode(InputStream in) throws IOException
- Decode the extension from the InputStream.
- Parameters:
- in - the InputStream to unmarshal the contents from.
- Throws: IOException
- on decoding or validity errors.
encode
public void encode(OutputStream out) throws IOException
- Write the extension to the OutputStream.
- Parameters:
- out - the OutputStream to write the extension to.
- Throws: IOException
- on encoding errors.
set
public void set(String name,
Object obj) throws IOException
- Set the attribute value.
get
public Object get(String name) throws IOException
- Get the attribute value.
delete
public void delete(String name) throws IOException
- Delete the attribute value.
getElements
public Enumeration getElements()
- Return an enumeration of names of attributes existing within this
attribute.
getName
public String getName()
- Return the name of this attribute.
All Packages Class Hierarchy This Package Previous Next Index