Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

iaik.x509.extensions
Class IssuerAltName

java.lang.Object
  |
  +--iaik.x509.V3Extension
        |
        +--iaik.x509.extensions.IssuerAltName
public class IssuerAltName
extends V3Extension

This class implements the IssuerAltName extension.

The IssuerAltName extension is a standard X509v3 extension, which should not be marked as being critical.

Each extension is associated with a specific certificateExtension object identifier, derived from: 

 certificateExtension  OBJECT IDENTIFIER ::=
                            {joint-iso-ccitt(2) ds(5) 29}
 id-ce                 OBJECT IDENTIFIER ::=  certificateExtension

The object identifier for the IssuerAltName extension is defined as:

id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 }

which corresponds to the OID string "2.5.29.18".

The X.509 Certificate and CRL profile presented in RFC 2459 specifies the Issuer Alternative Name extension for associating Internet style identities with the issuer of the certificate. Defined options include an rfc822 name (electronic mail address), a DNS name, an IP address, and an URI: 

 IssuerAltName ::= GeneralNames
 

 GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
 

 GeneralName ::= CHOICE {
          otherName                       [0]     OtherName,
          rfc822Name                      [1]     IA5String,
          dNSName                         [2]     IA5String,
          x400Address                     [3]     ORAddress,
          directoryName                   [4]     Name,
          ediPartyName                    [5]     EDIPartyName,
          uniformResourceIdentifier       [6]     IA5String,
          iPAddress                       [7]     OCTET STRING,
          registeredID                    [8]     OBJECT IDENTIFIER}
 

 OtherName ::= SEQUENCE {
          type-id    OBJECT IDENTIFIER,
          value      [0] EXPLICIT ANY DEFINED BY type-id }
 

 EDIPartyName ::= SEQUENCE {
          nameAssigner            [0]     DirectoryString OPTIONAL,
          partyName               [1]     DirectoryString }
 

 DirectoryString ::= CHOICE {
    teletexString           TeletexString (SIZE (1..maxSize),
    printableString         PrintableString (SIZE (1..maxSize)),
    universalString         UniversalString (SIZE (1..maxSize)),
    utf8String              UTF8String (SIZE (1.. MAX)),
    bmpString               BMPString (SIZE(1..maxSIZE))
 }

More information can be found in RFC 2459, section 4.2.1.8 "Issuer Alternative Name".

For adding a IssuerAltName extension object to a X509Certificate, use the addExtension method of the X509Certificate class, e.g.: 

 X509Certificate cert = new X509Certificate();
  ...
 GeneralNames generalNames = new GeneralNames();
 generalNames.addName(new GeneralName(GeneralName.uniformResourceIdentifier, "http://www.test.com/"));
 IssuerAltName issuerAltName = new IssuerAltName(generalNames);
 cert.addExtension(issuerAltName);

When intending to mark this extension as critical (which necessarily has to be done if the certificate´s issuer field is an empty sequence), use the setCritical method of the iaik.x509.V3Extension parent class (note that you have to mark an extension as critical before adding the extension to a certificate): 

 issuerAltName.setCritical(true);

Version:
File Revision 24
See Also:
GeneralNames, GeneralName, IA5String, OCTET_STRING, ObjectID, Name, T61String, PrintableString, UNIString, BMPString, V3Extension, X509Extensions, X509Certificate

Field Summary
static ObjectID oid
          The object identifier of this IssuerAltName extension.
 
Fields inherited from class iaik.x509.V3Extension
critical
 
Constructor Summary
IssuerAltName()
          Default Constructor.
IssuerAltName(GeneralNames generalNames)
          Constructs an IssuerAltName object form a GeneralNames ASN.1 type.
 
Method Summary
 GeneralNames getGeneralNames()
          Returns the alternative name of the issuer.
 ObjectID getObjectID()
          Returns the object ID of this IssuerAltName extension
 int hashCode()
          Returns a hashcode for this identity.
 void init(ASN1Object obj)
          Inits this IssuerAltName implementation with an ASN1object representing the value of this extension.
 void setGeneralNames(GeneralNames alternateName)
          Sets the alternative name of the issuer.
 ASN1Object toASN1Object()
          Returns an ASN1Object representing the value of this IssuerAltName extension object.
 String toString()
          Returns a string that represents the of this IssuerAltName extension.
 
Methods inherited from class iaik.x509.V3Extension
getName, isCritical, setCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

oid

public static final ObjectID oid
The object identifier of this IssuerAltName extension. The corresponding OID string is "2.5.29.18".
Constructor Detail

IssuerAltName

public IssuerAltName()
Default Constructor.

Creates an empty IssuerAltName object. Use setGeneralNames for supplying some GeneralNames object to this IssuerAltName extension.

The critical value per default is set to false. If you want to specify this extension as critical (which necessarily has to be done if the certificate´s issuer field is an empty sequence) before adding it to a certificate, use the setCritical method of the iaik.x509.V3Extension parent class: 

 issuerAltName.setCritical(true);
 cert.addExtension(issuerAltName);

See Also:
V3Extension.setCritical(boolean)

IssuerAltName

public IssuerAltName(GeneralNames generalNames)
Constructs an IssuerAltName object form a GeneralNames ASN.1 type.

The critical value per default is set to false. If you want to specify this extension as critical (which necessarily has to be done if the certificate´s issuer field is an empty sequence) before adding it to a certificate, use the setCritical method of the iaik.x509.V3Extension parent class: 

 X509Certificate cert = new X509Certificate();
  ...
 GeneralNames generalNames = new GeneralNames();
 generalNames.addName(new GeneralName(GeneralName.uniformResourceIdentifier, "http://www.test.com/"));
 IssuerAltName issuerAltName = new IssuerAltName(generalNames);
 issuerAltName.setCritical(true);
 cert.addExtension(issuerAltName);

Parameters:
gn - the alternative name of the issuer as GeneralNames
See Also:
V3Extension.setCritical(boolean), GeneralNames
Method Detail

getObjectID

public ObjectID getObjectID()
Returns the object ID of this IssuerAltName extension
Overrides:
getObjectID in class V3Extension
Returns:
the object ID

init

public void init(ASN1Object obj)
          throws X509ExtensionException
Inits this IssuerAltName implementation with an ASN1object representing the value of this extension.

The given ASN1Object represents a GeneralNames value (additionally) identifying the certificate issuer.

The given ASN1Object is the one created by toASN1Object().

This method is used by the X509Extensions class when parsing the ASN.1 representation of a certificate for properly initializing an included IssuerAltName extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

Overrides:
init in class V3Extension
Parameters:
obj - the IssuerAltName as ASN1Object
Throws:
X509ExtensionException - if the extension could not be parsed

toASN1Object

public ASN1Object toASN1Object()
                        throws X509ExtensionException
Returns an ASN1Object representing the value of this IssuerAltName extension object.

The returned ASN1Object represents a GeneralNames value (additionally) identifying the certificate issuer. 

 IssuerAltName ::= GeneralNames
Overrides:
toASN1Object in class V3Extension
Returns:
the value of this IssuerAltName as ASN1Object
Throws:
X509ExtensionException - if the ASN1Object cannot be created because of an coding error

setGeneralNames

public void setGeneralNames(GeneralNames alternateName)
Sets the alternative name of the issuer.

For instance: 

 GeneralNames generalNames = new GeneralNames();
 generalNames.addName(new GeneralName(GeneralName.uniformResourceIdentifier, "http://www.test.com/"));
 IssuerAltName issuerAltName = new IssuerAltName();
 issuerAltName.setGeneralNames(generalNames);

Parameters:
the - alternative name of the issuer as GeneralNames
See Also:
getGeneralNames(), GeneralNames

getGeneralNames

public GeneralNames getGeneralNames()
Returns the alternative name of the issuer.
Returns:
the alternative name as GeneralNames
See Also:
setGeneralNames(iaik.asn1.structures.GeneralNames), GeneralNames

hashCode

public int hashCode()
Returns a hashcode for this identity.
Overrides:
hashCode in class V3Extension
Returns:
a hash code for this identity

toString

public String toString()
Returns a string that represents the of this IssuerAltName extension.
Overrides:
toString in class Object
Returns:
the string representation
Overview  Package   Class  Tree  Deprecated  Index  Help 
This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK