|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--iaik.x509.V3Extension | +--iaik.x509.extensions.ocsp.NoCheck
This class implements the OCSP NoCheck
extension.
Each OCSP extension is associated with a specific ocsp extension
object identifier, derived from RFC 2560:
id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) } id-ad OBJECT IDENTIFIER ::= { id-pkix 48 } -- arc for access descriptors id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 } id-pkix-ocsp OBJECT IDENTIFIER ::= { id-ad-ocsp }The object identifier for the
NoCheck
extension
is defined as:
id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }which corresponds to the OID string "1.3.6.1.5.5.7.48.1.5".
The Online Certificate Status Protocol (RFC 2560) specifies the NoCheck extension for being included in certificates when CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate. CAs issuing such a certificate should realized that a compromise of the responder's key, is as serious as the compromise of a CA key used to sign CRLs, at least for the validity period of this certificate. CA's may choose to issue this type of certificate with a very short lifetime and renew it frequently.
ASN.1 definition:
NoCheck ::= NULLFor adding a
NoCheck
extension object to a X509Certificate, use theaddExtension
method of theiaik.x509.X509Certificate
class, e.g.:NoCheck noCheck = new NoCheck(); cert.addExtension(noCheck);
X509Certificate
,
V3Extension
,
X509Extensions
Field Summary | |
static ObjectID |
oid
The object identifier of this NoCheck extension. |
Fields inherited from class iaik.x509.V3Extension |
critical |
Constructor Summary | |
NoCheck()
Creates a NoCheck object. |
Method Summary | |
ObjectID |
getObjectID()
Returns the object ID of this NoCheck extension |
int |
hashCode()
Returns a hashcode for this identity. |
void |
init(ASN1Object obj)
Inits this NoCheck implementation with an ASN1object
representing the value of this extension.
|
ASN1Object |
toASN1Object()
Returns an ASN1Object representing the value of this NoCheck extension.
|
String |
toString()
Returns a string that represents the contents of this NoCheck extension. |
Methods inherited from class iaik.x509.V3Extension |
getName, isCritical, setCritical |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait |
Field Detail |
public static final ObjectID oid
Constructor Detail |
public NoCheck()
NoCheck
object.Method Detail |
public ObjectID getObjectID()
NoCheck
extensiongetObjectID
in class V3Extension
public void init(ASN1Object obj)
NoCheck
implementation with an ASN1object
representing the value of this extension.
The given ASN1Object is the one created by toASN1Object()
.
This method is used by the X509Extensions
class when parsing the ASN.1 representation
of a OCSP object for properly initializing an included
NoCheck extension. This method initializes the
extension only with its value, but not with its critical
specification. For that reason, this method shall not be
explicitly called by an application.
The ASN1Object supplied to this method will reflect the ASN.1 representation of the NoCheck extension value:
NoCheck ::= NULL
init
in class V3Extension
obj
- the NoCheck as ASN1Object (NULL)public ASN1Object toASN1Object()
NoCheck
extension.
The ASN1Object returned by this method will reflect the ASN.1 representation of the NoCheck extension value:
NoCheck ::= NULL
toASN1Object
in class V3Extension
NoCheck
as ASN1Object (NULL)public int hashCode()
hashCode
in class V3Extension
public String toString()
NoCheck
extension.toString
in class Object
|
This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note). | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |