API Overview API Index Package Overview Direct link to this page
JDK 1.6
  java.security.cert. PolicyQualifierInfo View Javadoc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156

/*
 * @(#)PolicyQualifierInfo.java	1.12 05/11/17
 *
 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
 * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 */

package java.security.cert;

import java.io.IOException;

import sun.misc.HexDumpEncoder;
import sun.security.util.DerValue;

/**
 * An immutable policy qualifier represented by the ASN.1 PolicyQualifierInfo 
 * structure.
 *
 * <p>The ASN.1 definition is as follows:
 * <p><pre>
 *   PolicyQualifierInfo ::= SEQUENCE {
 *        policyQualifierId       PolicyQualifierId,
 *        qualifier               ANY DEFINED BY policyQualifierId }
 * </pre>
 * <p>
 * A certificate policies extension, if present in an X.509 version 3 
 * certificate, contains a sequence of one or more policy information terms,
 * each of which consists of an object identifier (OID) and optional
 * qualifiers. In an end-entity certificate, these policy information terms
 * indicate the policy under which the certificate has been issued and the 
 * purposes for which the certificate may be used. In a CA certificate, these 
 * policy information terms limit the set of policies for certification paths 
 * which include this certificate.
 * <p>
 * A <code>Set</code> of <code>PolicyQualifierInfo</code> objects are returned 
 * by the {@link PolicyNode#getPolicyQualifiers PolicyNode.getPolicyQualifiers} 
 * method. This allows applications with specific policy requirements to 
 * process and validate each policy qualifier. Applications that need to 
 * process policy qualifiers should explicitly set the 
 * <code>policyQualifiersRejected</code> flag to false (by calling the 
 * {@link PKIXParameters#setPolicyQualifiersRejected 
 * PKIXParameters.setPolicyQualifiersRejected} method) before validating 
 * a certification path.
 *
 * <p>Note that the PKIX certification path validation algorithm specifies
 * that any policy qualifier in a certificate policies extension that is 
 * marked critical must be processed and validated. Otherwise the 
 * certification path must be rejected. If the 
 * <code>policyQualifiersRejected</code> flag is set to false, it is up to 
 * the application to validate all policy qualifiers in this manner in order 
 * to be PKIX compliant.
 *
 * <p><b>Concurrent Access</b>
 *
 * <p>All <code>PolicyQualifierInfo</code> objects must be immutable and
 * thread-safe. That is, multiple threads may concurrently invoke the
 * methods defined in this class on a single <code>PolicyQualifierInfo</code> 
 * object (or more than one) with no ill effects. Requiring 
 * <code>PolicyQualifierInfo</code> objects to be immutable and thread-safe 
 * allows them to be passed around to various pieces of code without 
 * worrying about coordinating access.
 *
 * @author 	seth proctor
 * @author 	Sean Mullan
 * @version 	1.12 11/17/05
 * @since 	1.4
 */
public class PolicyQualifierInfo {

    private byte [] mEncoded;
    private String mId;
    private byte [] mData;
    private String pqiString;

    /**
     * Creates an instance of <code>PolicyQualifierInfo</code> from the
     * encoded bytes. The encoded byte array is copied on construction.
     *
     * @param encoded a byte array containing the qualifier in DER encoding
     * @exception IOException thrown if the byte array does not represent a
     * valid and parsable policy qualifier
     */
    public PolicyQualifierInfo(byte[] encoded) throws IOException {
	mEncoded = (byte[]) encoded.clone();
		
	DerValue val = new DerValue(mEncoded);
	if (val.tag != DerValue.tag_Sequence)
	    throw new IOException("Invalid encoding for PolicyQualifierInfo");

	mId = (val.data.getDerValue()).getOID().toString();
	byte [] tmp = val.data.toByteArray();
	if (tmp == null) {
	    mData = null;
	} else {
	    mData = new byte[tmp.length];
	    System.arraycopy(tmp, 0, mData, 0, tmp.length);
	}
    }

    /**
     * Returns the <code>policyQualifierId</code> field of this 
     * <code>PolicyQualifierInfo</code>. The <code>policyQualifierId</code>
     * is an Object Identifier (OID) represented by a set of nonnegative 
     * integers separated by periods.
     *
     * @return the OID (never <code>null</code>)
     */
    public final String getPolicyQualifierId() {
	return mId;
    }
	
    /**
     * Returns the ASN.1 DER encoded form of this 
     * <code>PolicyQualifierInfo</code>.
     *
     * @return the ASN.1 DER encoded bytes (never <code>null</code>).
     * Note that a copy is returned, so the data is cloned each time 
     * this method is called.
     */
    public final byte[] getEncoded() {
	return (byte[]) mEncoded.clone();
    }
	
    /**
     * Returns the ASN.1 DER encoded form of the <code>qualifier</code> 
     * field of this <code>PolicyQualifierInfo</code>.
     *
     * @return the ASN.1 DER encoded bytes of the <code>qualifier</code>
     * field. Note that a copy is returned, so the data is cloned each 
     * time this method is called.
     */
    public final byte[] getPolicyQualifier() {
	return (mData == null ? null : (byte[]) mData.clone());
    }

    /**
     * Return a printable representation of this 
     * <code>PolicyQualifierInfo</code>.
     *
     * @return a <code>String</code> describing the contents of this
     *         <code>PolicyQualifierInfo</code>
     */
    public String toString() {
	if (pqiString != null)
	    return pqiString;
        HexDumpEncoder enc = new HexDumpEncoder();
        StringBuffer sb = new StringBuffer();
        sb.append("PolicyQualifierInfo: [\n");
        sb.append("  qualifierID: " + mId + "\n");
        sb.append("  qualifier: " + 
	    (mData == null ? "null" : enc.encodeBuffer(mData)) + "\n");
        sb.append("]");
	pqiString = sb.toString();
	return pqiString;
    }
}

Generated By: JavaOnTracks Doclet 0.1.4     ©Thibaut Colar