|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.rsa.certj.cert.extensions.X509V3Extension | +--com.rsa.certj.cert.extensions.BasicConstraints
This class builds and holds the BasicConstraints
extension. It indicates whether the subject may act as a CA,
and use its certified public key to verify
certificate signatures. If so, a certification path length
constraint may also be specified.
basicConstraints EXTENSION ::= { SYNTAX BasicConstraintsSyntax IDENTIFIED BY id-ce-basicConstraints } BasicConstraintsSyntax ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER (0..MAX) OPTIONAL } |
cA
component indicates whether the certified
public key may be used to verify certificate signatures.
Include the pathLenConstraint
component
only if cA
is set to true
. It gives
the maximum number of CA certificates that may follow this
certificate in a certification path. A value of zero
indicates that the subject of this certificate may issue
certificates only to end-entities and not to further CAs.
If no pathLenConstraint
field appears in any
certificate of a certification path, there is no limit to
the allowed length of the certification path.
This extension must appear as a critical extension in all
CA certificates. This extension should not appear in
end-entity certificates.
Copyright © RSA Security Inc., 1999-2001. All rights reserved.
See Also
Constructor Summary |
|
BasicConstraints()
Constructs an empty |
|
BasicConstraints(boolean cA,
int pathLenConstraint,
boolean criticality)
Constructs a |
Method Summary |
|
clone()
Overrides the default |
|
void |
decodeValue(byte[] valueBER,
int offset)
Decode the value. |
int |
derEncodeValue(byte[] encoding,
int offset)
Place the encoding of the value into encoding, beginning at offset. |
int |
derEncodeValueInit()
Initialize for encoding the value. |
boolean |
getCA()
Returns the value of the |
int |
getPathLen()
Returns the value of the |
void |
setCA(boolean cA)
Sets the value of the |
void |
setPathLen(int pathLenConstraint)
Sets the pathLenConstraint value,
if |
Methods inherited from class com.rsa.certj.cert.extensions.X509V3Extension |
extend, getCriticality, getDEREncoding, getDERLen, getExtensionType, getExtensionTypeString, getInstance, getNextBEROffset, isExtensionType, setCriticality, setEncoding, setSpecialOID, setStandardOID |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public BasicConstraints()
BasicConstraints
object
that is not a critical extension.public BasicConstraints(boolean cA, int pathLenConstraint, boolean criticality) throws CertificateException
BasicConstraints
object and
initializes it with the given values.Parameters
cA | A | ||
pathLenConstraint | An | ||
criticality | The user-specified criticality. |
Throws
CertificateException
- If cA
is set to false
and
a pathLenConstraint
is present.Method Detail |
public void decodeValue(byte[] valueBER, int offset) throws CertificateException
Overrides
decodeValue
in class X509V3Extension
Parameters
valueBER | The BER encoding of the extension's value. | ||
offset | The offset into valueBER where the encoding actually begins. |
Throws
CertificateException
- If the encoding is invalid for this
extension.public void setCA(boolean cA) throws CertificateException
cA
field of
the BasicConstraints
extension.Parameters
cA | A |
public boolean getCA()
cA
field.
Returns
cA
component that indicates whether the
certified public key may be used to verify certificate signatures.public void setPathLen(int pathLenConstraint) throws CertificateException
cA
is set to true
.Parameters
pathLenConstraint | The maximum number of CA certificates
that may follow this certificate in a certification path.
The |
Throws
CertificateException
- If cA
is set to false
when this method is called.public int getPathLen()
pathLenConstraint
field.
Returns
public int derEncodeValueInit()
Overrides
derEncodeValueInit
in class X509V3Extension
Returns
public int derEncodeValue(byte[] encoding, int offset)
Overrides
derEncodeValue
in class X509V3Extension
Parameters
encoding | The byte array into which the result will be placed. | ||
offset | The offest into encoding where the writing is to begin. |
Returns
public Object clone() throws CloneNotSupportedException
clone
method to get a deeper clone.
Overrides
clone
in class X509V3Extension
Returns
Throws
CloneNotSupportedException
- If the
cloning operation is not successful.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |