iaik.x509.extensions.ocsp
Class NoCheck

java.lang.Object
  |
  +--iaik.x509.V3Extension
        |
        +--iaik.x509.extensions.ocsp.NoCheck

public class NoCheck
extends V3Extension

This class implements the OCSP NoCheck extension.

Each OCSP extension is associated with a specific ocsp extension object identifier, derived from RFC 2560:

 id-pkix  OBJECT IDENTIFIER  ::=
        { iso(1) identified-organization(3) dod(6) internet(1)
          security(5) mechanisms(5) pkix(7) }

 id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }       
        -- arc for access descriptors

 id-ad-ocsp      OBJECT IDENTIFIER ::= { id-ad 1 }
 
 id-pkix-ocsp    OBJECT IDENTIFIER ::= { id-ad-ocsp }
 
The object identifier for the NoCheck extension is defined as:
 id-pkix-ocsp-nocheck    OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
 
which corresponds to the OID string "1.3.6.1.5.5.7.48.1.5".

The Online Certificate Status Protocol (RFC 2560) specifies the NoCheck extension for being included in certificates when CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate. CAs issuing such a certificate should realized that a compromise of the responder's key, is as serious as the compromise of a CA key used to sign CRLs, at least for the validity period of this certificate. CA's may choose to issue this type of certificate with a very short lifetime and renew it frequently.

ASN.1 definition:

 NoCheck ::= NULL
 

For adding a NoCheck extension object to a X509Certificate, use the addExtension method of the iaik.x509.X509Certificate class, e.g.:

 NoCheck noCheck = new NoCheck();
 cert.addExtension(noCheck);
 

Version:
File Revision 8
See Also:
X509Certificate, V3Extension, X509Extensions

Field Summary
static ObjectID oid
          The object identifier of this NoCheck extension.
 
Fields inherited from class iaik.x509.V3Extension
critical
 
Constructor Summary
NoCheck()
          Creates a NoCheck object.
 
Method Summary
 ObjectID getObjectID()
          Returns the object ID of this NoCheck extension
 int hashCode()
          Returns a hashcode for this identity.
 void init(ASN1Object obj)
          Inits this NoCheck implementation with an ASN1object representing the value of this extension.
 ASN1Object toASN1Object()
          Returns an ASN1Object representing the value of this NoCheck extension.
 String toString()
          Returns a string that represents the contents of this NoCheck extension.
 
Methods inherited from class iaik.x509.V3Extension
getName, isCritical, setCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

oid

public static final ObjectID oid
The object identifier of this NoCheck extension. The corresponding OID string is "1.3.6.1.5.5.7.48.1.5".
Constructor Detail

NoCheck

public NoCheck()
Creates a NoCheck object.
Method Detail

getObjectID

public ObjectID getObjectID()
Returns the object ID of this NoCheck extension
Overrides:
getObjectID in class V3Extension
Returns:
the object ID

init

public void init(ASN1Object obj)
Inits this NoCheck implementation with an ASN1object representing the value of this extension.

The given ASN1Object is the one created by toASN1Object().

This method is used by the X509Extensions class when parsing the ASN.1 representation of a OCSP object for properly initializing an included NoCheck extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

The ASN1Object supplied to this method will reflect the ASN.1 representation of the NoCheck extension value:

 NoCheck ::= NULL
 
Overrides:
init in class V3Extension
Parameters:
obj - the NoCheck as ASN1Object (NULL)

toASN1Object

public ASN1Object toASN1Object()
Returns an ASN1Object representing the value of this NoCheck extension.

The ASN1Object returned by this method will reflect the ASN.1 representation of the NoCheck extension value:

 NoCheck ::= NULL
 
Overrides:
toASN1Object in class V3Extension
Returns:
the value of this NoCheck as ASN1Object (NULL)

hashCode

public int hashCode()
Returns a hashcode for this identity.
Overrides:
hashCode in class V3Extension
Returns:
a hash code for this identity

toString

public String toString()
Returns a string that represents the contents of this NoCheck extension.
Overrides:
toString in class Object
Returns:
the string representation

This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK