public abstract class V3Extension
extends java.lang.Object
ITU-T X.509 defines a standard certificate format to be used along with the X.500 naming tree conventions. The first version has been published as X509v1 format in 1988, and has been extended in 1993 by version 2 about two fields for uniquely identifying certificate subject and issuer.
 The X.509v3 certificate format - introduced by ISO/IEC and ANSI X9 - extends its
 predecessor v2 format about the Extensions field for including some additional
 information. Extension support for CRLs has been introduced by the X.509v2 CRL format
 (see RFC 3280). An extension may be
 a defined standard extension (e.g. certificatePolicies,
 keyUsage, ...), or it may be a private extension providing some
 community-specific information. If an extension is marked as critical, but
 the certificate handling software cannot parse this extension, the appertaining
 certificate has to be rejected (respectively CRL validation must fail).
 Non-Critical extensions can be ignored, if they cannot be handled
 (i.e. of unknown state).
 
 In ASN.1, the Extensions field is defined as a SEQUENCE of Extension:
 
 Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
 Extension  ::=  SEQUENCE  {
   extnID      OBJECT IDENTIFIER,
   critical    BOOLEAN DEFAULT FALSE,
   extnValue   OCTET STRING  }
 
 where critical specifies whether an extension has to be treated
 as being critical or not; the default value is FALSE. An extension can be identified by
 its object identifier, given in the extnID field. The value of the extension
 is represented as ASN.1 encoded OCTET STRING data structure in the extnValue
 field. Only one instance of a particular extension may be present in a particular
 certiifcate.
 
 The X509v3 certificate profile presented in RFC 3280
 prescribes that confirming CAs must support the AuthorityKeyIdentifier,
 SubjectKeyidentifier, BasicConstraints, KeyUsage
 and CertificatePolicies extensions. The SubjectAltName
 extensions has to be supported if certificates with empty subject fields are issued.
 
 Note, that this class per default sets the critical value to
 false indicating a non-critical extension. When including a critical
 extension into a certificate (or CRL) do not forget to set critical
 to true using the setCritical method
 before adding the particular extension to the certificate (or CRL):
 
<Extension_extending_V3Extension>.setCritical(true); cert.addExtension(<Extension_extending_V3Extension>);
X509Extensions, 
X509Certificate| Modifier and Type | Field and Description | 
|---|---|
| protected boolean | criticalSpecifies, if the actual V3Extension is critical or not. | 
| Constructor and Description | 
|---|
| V3Extension() | 
| Modifier and Type | Method and Description | 
|---|---|
| java.lang.String | getName()Returns the name of the extension. | 
| abstract ObjectID | getObjectID()Returns the object ID of the extension. | 
| abstract int | hashCode()Returns the hash code of the extension. | 
| abstract void | init(ASN1Object obj)Inits the implementation with an ASN1Object. | 
| boolean | isCritical()Returns  true, if this extension is critical. | 
| V3Extension | setCritical(boolean critical)Set the critical value of this extension. | 
| abstract ASN1Object | toASN1Object()Returns an ASN.1 representation of a particular extension. | 
protected boolean critical
true, the extension is a critical
 one; if the value of this field is false (default), the
 extension is non-critical.public abstract void init(ASN1Object obj) throws X509ExtensionException
X509Extensions class when parsing the ASN.1 representation
 of a certificate (or a CRL) for properly initializing any
 included extension. This method initializes a specific
 extension only with its value, but not with its critical
 specification. For that reason, this method shall not be
 explicitly called by an application.obj - the extension value as ASN1ObjectX509ExtensionException - if the extension could not parse the ASN1Objectpublic abstract ASN1Object toASN1Object() throws X509ExtensionException
The general ASN.1 definition of an X.509 extension looks like:
 Extension  ::=  SEQUENCE  {
   extnID      OBJECT IDENTIFIER,
   critical    BOOLEAN DEFAULT FALSE,
   extnValue   OCTET STRING  }
 
 where critical specifies whether an extension has to be treated
 as being critical or not; the default value is FALSE. An extension can be identified by
 its object identifier, given in the extnID field. The value of the extension
 is represented as ASN.1 encoded OCTET STRING data structure in the extnValue
 field.
 
 Attention! The ASN1Object returned by this method does
 not represent the extnValue (OCTET_STRING) from above;
 rather it represents the specific extension's ASN.1 representation itself.
 So, for example, when implementing the BasicConstraints extension, the corresponding ASN.1 Sequence will be returned:
 
  BasicConstraints ::= SEQUENCE {
      cA                      BOOLEAN DEFAULT FALSE,
      pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
 X509ExtensionException - if the extension could not be createdpublic abstract ObjectID getObjectID()
public abstract int hashCode()
hashCode in class java.lang.Objectpublic java.lang.String getName()
public V3Extension setCritical(boolean critical)
caCert.addExtension(new KeyUsage(KeyUsage.keyCertSign).setCritical(true));critical - true if the extension is critical,
                 false if notpublic boolean isCritical()
true, if this extension is critical.true if  the extension is critical, false if not