Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

com.rsa.certj.cert.extensions

Class InhibitAnyPolicy

java.lang.Object
  |
  +--com.rsa.certj.cert.extensions.X509V3Extension
        |
        +--com.rsa.certj.cert.extensions.InhibitAnyPolicy
All Implemented Interfaces:
CertExtension, Cloneable, Serializable
public class InhibitAnyPolicy
extends X509V3Extension
implements Cloneable, Serializable, CertExtension

This class holds, encodes, and decodes the InhibitAnyPolicy extension. The inhibit any-policy extension can be used in certificates issued to CAs. The inhibit any-policy indicates that the special any-policy OID, with the value { 2 5 29 32 0 }, is not considered an explicit match for other certificate policies. The value indicates the number of additional certificates that may appear in the path before any- policy is no longer permitted. For example, a value of one indicates that any-policy may be processed in certificates issued by the subject of this certificate, but not in additional certificates in the path.

This extension MUST be critical.

The ASN.1 definition is as follows: 

 id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::=  { id-ce 54 }

 InhibitAnyPolicy ::= SkipCerts

 SkipCerts ::= INTEGER (0..MAX)

Copyright © RSA Security Inc., 2002. All rights reserved.

See Also

Serialized Form

Fields inherited from class com.rsa.certj.cert.extensions.X509V3Extension
ARCHIVE_CUTOFF, ARCHIVE_CUTOFF_OID, AUTHORITY_INFO_ACCESS, AUTHORITY_INFO_OID, AUTHORITY_KEY_ID, BASIC_CONSTRAINTS, BIO_INFO, BIO_INFO_OID, CERT_POLICIES, CERTIFICATE_ISSUER, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_REFERENCE, CRL_REFERENCE_OID, DELTA_CRL_INDICATOR, EXTENDED_KEY_USAGE, HOLD_INSTRUCTION_CODE, INHIBIT_ANY_POLICY, INVALIDITY_DATE, ISSUER_ALT_NAME, ISSUING_DISTRIBUTION_POINT, KEY_USAGE, NAME_CONSTRAINTS, NETSCAPE_BASE_URL, NETSCAPE_BASE_URL_OID, NETSCAPE_CA_POLICY_URL, NETSCAPE_CA_POLICY_URL_OID, NETSCAPE_CA_REVOCATION_URL, NETSCAPE_CA_REVOCATION_URL_OID, NETSCAPE_CERT_RENEWAL_URL, NETSCAPE_CERT_RENEWAL_URL_OID, NETSCAPE_CERT_TYPE, NETSCAPE_CERT_TYPE_OID, NETSCAPE_COMMENT, NETSCAPE_COMMENT_OID, NETSCAPE_REVOCATION_URL, NETSCAPE_REVOCATION_URL_OID, NETSCAPE_SSL_SERVER_NAME, NETSCAPE_SSL_SERVER_NAME_OID, NON_STANDARD_EXTENSION, OCSP_ACCEPTABLE_RESPONSES, OCSP_ACCEPTABLE_RESPONSES_OID, OCSP_NOCHECK, OCSP_NOCHECK_OID, OCSP_NONCE, OCSP_NONCE_OID, OCSP_SERVICE_LOCATOR, OCSP_SERVICE_LOCATOR_OID, POLICY_CONSTRAINTS, POLICY_MAPPINGS, PRIVATE_KEY_USAGE_PERIOD, QC_STATEMENTS, QC_STATEMENTS_OID, REASON_CODE, SUBJECT_ALT_NAME, SUBJECT_DIRECTORY_ATTRIBUTES, SUBJECT_KEY_ID, VERISIGN_CZAG, VERISIGN_CZAG_OID, VERISIGN_FIDELITY_ID, VERISIGN_FIDELITY_ID_OID, VERISIGN_JURISDICTION_HASH, VERISIGN_JURISDICTION_HASH_OID, VERISIGN_NETSCAPE_INBOX_V1, VERISIGN_NETSCAPE_INBOX_V1_OID, VERISIGN_NETSCAPE_INBOX_V2, VERISIGN_NETSCAPE_INBOX_V2_OID, VERISIGN_NON_VERIFIED, VERISIGN_NON_VERIFIED_OID, VERISIGN_SERIAL_NUMBER, VERISIGN_SERIAL_NUMBER_OID, VERISIGN_TOKEN_TYPE, VERISIGN_TOKEN_TYPE_OID
 

Constructor Summary
InhibitAnyPolicy()

Constructs an empty InhibitAnyPolicy object.
InhibitAnyPolicy(int skipCerts, boolean criticality)

Constructs a InhibitAnyPolicy object and initializes it with the given value and the specified criticality.
 

Method Summary

 Object

 clone()

Overrides the default clone method to get a deeper clone.

 void

 decodeValue(byte[] valueBER, int offset)

Decode the value.

 int

 derEncodeValue(byte[] encoding, int offset)

Place the encoding of the value into encoding, beginning at offset.

 int

 derEncodeValueInit()

Initialize for encoding the value.

 int

 getSkipCerts()

Gets the value of this object, the number of additional certificates that may appear in the path before any-policy is no longer permitted.

 void

 setSkipCerts(int number)

Sets the value of this object, the number of certificates to skip.
 
Methods inherited from class com.rsa.certj.cert.extensions.X509V3Extension
extend, getCriticality, getDEREncoding, getDERLen, getExtensionType, getExtensionTypeString, getInstance, getNextBEROffset, isExtensionType, setCriticality, setEncoding, setSpecialOID, setStandardOID
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

InhibitAnyPolicy

public InhibitAnyPolicy()
Constructs an empty InhibitAnyPolicy object.

InhibitAnyPolicy

public InhibitAnyPolicy(int skipCerts,
                        boolean criticality)
Constructs a InhibitAnyPolicy object and initializes it with the given value and the specified criticality. The value of InhibitAnyPolicy indicates the number of additional certificates that may appear in the path before any- policy is no longer permitted.

Parameters

         skipCerts  

The InhibitAnyPolicy value.

         criticality  

The user-specified criticality.

Method Detail

decodeValue

public void decodeValue(byte[] valueBER,
                        int offset)
                 throws CertificateException
Decode the value. The input is the BER encoding that was wrapped in the OCTET STRING.

Overrides

decodeValue in class X509V3Extension

Parameters

         valueBER  

The BER encoding of the extension's value.

         offset  

The offset into valueBER where the encoding actually begins.

Throws

CertificateException - If the encoding is invalid for this extension.

setSkipCerts

public void setSkipCerts(int number)
Sets the value of this object, the number of certificates to skip.

Parameters

         number  

the number of additional certificates that may appear in the path before any-policy is no longer permitted.

getSkipCerts

public int getSkipCerts()
Gets the value of this object, the number of additional certificates that may appear in the path before any-policy is no longer permitted. If this object does not have a value, this method returns 0.

Returns

An int that contains number of certificates to skip.

derEncodeValueInit

public int derEncodeValueInit()
Initialize for encoding the value.

Overrides

derEncodeValueInit in class X509V3Extension

Returns

How many bytes the encoding will be.

derEncodeValue

public int derEncodeValue(byte[] encoding,
                          int offset)
Place the encoding of the value into encoding, beginning at offset. This is the actual contents that are wrapped in the OCTET STRING (not the surrounding OCTET STRING tag and length).

Overrides

derEncodeValue in class X509V3Extension

Parameters

         encoding  

The byte array into which the result will be placed.

         offset  

The offest into encoding where the writing is to begin.

Returns

The number of bytes actually placed into encoding.

clone

public Object clone()
             throws CloneNotSupportedException
Overrides the default clone method to get a deeper clone.

Overrides

clone in class X509V3Extension

Returns

A new InhibitAnyPolicy object, a copy of this object.

Throws

CloneNotSupportedException - If the cloning operation is not successful.
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
RSA BSAFE ® Cert-J 2.1.1 001-047007-211-001-000