iaik.x509.extensions
Class InhibitAnyPolicy

java.lang.Object
  |
  +--iaik.x509.V3Extension
        |
        +--iaik.x509.extensions.InhibitAnyPolicy

public class InhibitAnyPolicy
extends V3Extension

This class implements the InhibitAnyPolicy extension.

The InhibitAnyPolicy extension is a standard X509v3 extension, which has to be marked as being critical.

Each extension is associated with a specific certificateExtension object identifier, derived from:

 certificateExtension  OBJECT IDENTIFIER ::=
                            {joint-iso-ccitt(2) ds(5) 29}
 id-ce                 OBJECT IDENTIFIER ::=  certificateExtension
 

The object identifier for the InhibitAnyPolicy extension is defined as:

id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 }

which corresponds to the OID string "2.5.29.54".

The X.509 Certificate and CRL profile presented in the RFC 2459 successor draft-ietf-pkix-new-part1-06.txt specifies that the InhibitAnyPolicy extension may be used in certificates issued to CAs. The inhibit any-policy extension indicates that the special any-policy OID, with the value {2 5 29 32 0}, is not considered an explicit match for other certificate policies. The value indicates the number of additional certificates that may appear in the path before any-policy is no longer permitted. For example, a value of one indicates that any-policy may be processed in certificates issued by the subject of this certificate, but not in additional certificates in the path:

 InhibitAnyPolicy ::= SkipCerts

 SkipCerts ::= INTEGER (0..MAX)
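
The counting rule described above, as an added example (not IAIK code and not part of the original Javadoc): a plain-Java model of the inhibit_any_policy counter from the path validation algorithm in RFC 3280/5280, section 6.1. The Cert record, the anyPolicyHonoured helper and the four-certificate path are constructed for illustration; records require Java 16 or later.

```java
import java.util.ArrayList;
import java.util.List;

public class InhibitAnyPolicyDemo {

    /** Constructed stand-in for a certificate; skipCerts == null means no InhibitAnyPolicy extension. */
    record Cert(String name, boolean selfIssued, Integer skipCerts) {}

    /**
     * Walks a path ordered from the certificate issued by the trust anchor down to the
     * end entity and reports, per certificate, whether any-policy (2.5.29.32.0) is honoured.
     */
    static List<Boolean> anyPolicyHonoured(List<Cert> path, boolean initialAnyPolicyInhibit) {
        int n = path.size();
        // The counter starts at n+1 (cannot expire on its own) or at 0 if the verifier inhibits any-policy up front.
        int inhibitAnyPolicy = initialAnyPolicyInhibit ? 0 : n + 1;
        List<Boolean> result = new ArrayList<>();
        for (int i = 0; i < n; i++) {
            Cert c = path.get(i);
            boolean last = (i == n - 1);
            // any-policy counts while the counter is positive; a self-issued intermediate certificate is exempt.
            result.add(inhibitAnyPolicy > 0 || (!last && c.selfIssued()));
            if (last) break;
            // Preparing for the next certificate: count this one unless it is self-issued ...
            if (!c.selfIssued() && inhibitAnyPolicy > 0) inhibitAnyPolicy--;
            // ... then let the extension lower (never raise) the counter.
            if (c.skipCerts() != null && c.skipCerts() < inhibitAnyPolicy) inhibitAnyPolicy = c.skipCerts();
        }
        return result;
    }

    public static void main(String[] args) {
        // Constructed path: "CA-A" carries InhibitAnyPolicy with skipCerts = 1.
        List<Cert> path = List.of(
            new Cert("CA-A", false, 1),
            new Cert("CA-B", false, null),
            new Cert("CA-C", false, null),
            new Cert("EE", false, null));
        List<Boolean> ok = anyPolicyHonoured(path, false);
        for (int i = 0; i < path.size(); i++) {
            System.out.println(path.get(i).name() + ": any-policy " + (ok.get(i) ? "honoured" : "ignored"));
        }
    }
}
```

With skipCerts = 1 on CA-A, any-policy is still honoured in CA-B (issued by CA-A) and ignored from CA-C onward, which is the case the paragraph above describes.
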
 
To add an InhibitAnyPolicy extension object to an X509Certificate, use the addExtension method of the iaik.x509.X509Certificate class, e.g.:

 int skipCerts = ...;
 InhibitAnyPolicy inhibitAnyPolicy = new InhibitAnyPolicy(skipCerts);
 X509Certificate cert = new X509Certificate();
  ...
 cert.addExtension(inhibitAnyPolicy);
 

When intending to mark this extension as critical, use the setCritical method of the iaik.x509.V3Extension parent class (note that you have to mark an extension as critical before adding the extension to a certificate), e.g.:

 inhibitAnyPolicy.setCritical(true);
 

Version:
File Revision 8
See Also:
CertificatePolicies, V3Extension, X509Extensions, X509Certificate

Field Summary
static ObjectID oid
          The object identifier of this InhibitAnyPolicy extension.
 
Fields inherited from class iaik.x509.V3Extension
critical
 
Constructor Summary
InhibitAnyPolicy()
          Default constructor.
InhibitAnyPolicy(int skipCerts)
          Creates an InhibitAnyPolicy for the given skipCerts value.
 
Method Summary
 ObjectID getObjectID()
          Returns the object ID of this InhibitAnyPolicy extension.
 int getSkipCerts()
          Returns the skipCerts value of this InhibitAnyPolicy extension.
 int hashCode()
          Returns a hashcode for this identity.
 void init(ASN1Object obj)
          Inits this InhibitAnyPolicy implementation with an ASN1Object representing the value of this extension.
 ASN1Object toASN1Object()
          Returns an ASN1Object representing the value of this InhibitAnyPolicy extension object.
 String toString()
          Returns a string that represents the contents of this InhibitAnyPolicy extension.
 
Methods inherited from class iaik.x509.V3Extension
getName, isCritical, setCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

oid

public static final ObjectID oid
The object identifier of this InhibitAnyPolicy extension. The corresponding OID string is "2.5.29.54".
Constructor Detail

InhibitAnyPolicy

public InhibitAnyPolicy()
Default constructor.

Only used for dynamic object creation. Shall not be called by an application. skipCerts is set to 0.


InhibitAnyPolicy

public InhibitAnyPolicy(int skipCerts)
Creates an InhibitAnyPolicy for the given skipCerts value.
Parameters:
skipCerts - the skipCerts value indicating the number of additional certificates that may appear in the path before any-policy is no longer permitted
Method Detail

toASN1Object

public ASN1Object toASN1Object()
                        throws X509ExtensionException
Returns an ASN1Object representing the value of this InhibitAnyPolicy extension object.

The returned ASN1Object is an ASN.1 INTEGER specifying the skipCerts value that indicates the number of additional certificates that may appear in the path before any-policy is no longer permitted:

 InhibitAnyPolicy ::= SkipCerts

 SkipCerts ::= INTEGER (0..MAX)
 
The ASN1Object created by this method may be used as parameter for the init method.
Overrides:
toASN1Object in class V3Extension
Returns:
the value of this InhibitAnyPolicy as ASN1Object

init

public void init(ASN1Object obj)
          throws X509ExtensionException
Inits this InhibitAnyPolicy implementation with an ASN1Object representing the value of this extension.

The given ASN1Object represents an ASN.1 INTEGER specifying the skipCerts value that indicates the number of additional certificates that may appear in the path before any-policy is no longer permitted:

 InhibitAnyPolicy ::= SkipCerts

 SkipCerts ::= INTEGER (0..MAX)
 

The given ASN1Object is the one created by toASN1Object().

This method is used by the X509Extensions class when parsing the ASN.1 representation of a certificate for properly initializing an included InhibitAnyPolicy extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

Overrides:
init in class V3Extension
Parameters:
obj - the InhibitAnyPolicy as ASN1Object

hashCode

public int hashCode()
Returns a hashcode for this identity.
Overrides:
hashCode in class V3Extension
Returns:
a hash code for this identity

getObjectID

public ObjectID getObjectID()
Returns the object ID of this InhibitAnyPolicy extension.
Overrides:
getObjectID in class V3Extension
Returns:
the object ID

getSkipCerts

public int getSkipCerts()
Returns the skipCerts value of this InhibitAnyPolicy extension.
Returns:
the skipCerts value indicating the number of additional certificates that may appear in the path before any-policy is no longer permitted

toString

public String toString()
Returns a string that represents the contents of this InhibitAnyPolicy extension.
Overrides:
toString in class Object
Returns:
the string representation

This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, 2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK