|
6.0 (c) 2002 IAIK, (c) 2003 - 2022 SIC |
|
public class NoCheck extends V3Extension
NoCheck extension.
Each OCSP extension is associated with a specific ocsp extension
object identifier, derived from RFC 2560,
RFC 6960:
id-pkix OBJECT IDENTIFIER ::=
{ iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) }
id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
-- arc for access descriptors
id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
id-pkix-ocsp OBJECT IDENTIFIER ::= { id-ad-ocsp }
The object identifier for the NoCheck extension
is defined as:
id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
which corresponds to the OID string "1.3.6.1.5.5.7.48.1.5".
The Online Certificate Status Protocol (RFC 2560) specifies the NoCheck extension for being included in certificates when CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate. CAs issuing such a certificate should realized that a compromise of the responder's key, is as serious as the compromise of a CA key used to sign CRLs, at least for the validity period of this certificate. CA's may choose to issue this type of certificate with a very short lifetime and renew it frequently.
ASN.1 definition:
NoCheck ::= NULL
For adding a NoCheck extension object to
a X509Certificate, use the addExtension method of the
iaik.x509.X509Certificate
class, e.g.:
NoCheck noCheck = new NoCheck(); cert.addExtension(noCheck);
X509Certificate,
V3Extension,
X509Extensions| Modifier and Type | Field and Description |
|---|---|
static ObjectID |
oid
The object identifier of this NoCheck extension.
|
critical| Constructor and Description |
|---|
NoCheck()
Creates a
NoCheck object. |
| Modifier and Type | Method and Description |
|---|---|
ObjectID |
getObjectID()
Returns the object ID of this
NoCheck extension |
int |
hashCode()
Returns a hashcode for this identity.
|
void |
init(ASN1Object obj)
Inits this
NoCheck implementation with an ASN1object
representing the value of this extension. |
ASN1Object |
toASN1Object()
Returns an ASN1Object representing the value of this
NoCheck extension. |
java.lang.String |
toString()
Returns a string that represents the contents of this
NoCheck extension. |
getName, isCritical, setCriticalpublic static final ObjectID oid
public ObjectID getObjectID()
NoCheck extensiongetObjectID in class V3Extensionpublic void init(ASN1Object obj)
NoCheck implementation with an ASN1object
representing the value of this extension.
The given ASN1Object is the one created by toASN1Object().
This method is used by the X509Extensions class when parsing the ASN.1 representation
of a OCSP object for properly initializing an included
NoCheck extension. This method initializes the
extension only with its value, but not with its critical
specification. For that reason, this method shall not be
explicitly called by an application.
The ASN1Object supplied to this method will reflect the ASN.1 representation of the NoCheck extension value:
NoCheck ::= NULL
init in class V3Extensionobj - the NoCheck as ASN1Object (NULL)public ASN1Object toASN1Object()
NoCheck extension.
The ASN1Object returned by this method will reflect the ASN.1 representation of the NoCheck extension value:
NoCheck ::= NULL
toASN1Object in class V3ExtensionNoCheck as ASN1Object (NULL)public int hashCode()
hashCode in class V3Extensionpublic java.lang.String toString()
NoCheck extension.toString in class java.lang.Object