Package org.cryptacular.x509
Class ExtensionReader
java.lang.Object
org.cryptacular.x509.ExtensionReader
Reads X.509v3 extended properties from an
X509Certificate
object. The available properties
are described in section 4.2 of RFC 2459, http://www.faqs.org/rfcs/rfc2459.html.- Author:
- Middleware Services
-
Constructor Summary
ConstructorsConstructorDescriptionCreates a new instance that can read extension fields from the given X.509 certificate. -
Method Summary
Modifier and TypeMethodDescriptionorg.bouncycastle.asn1.ASN1Encodable
Reads the value of the extension given by OID or name as defined in section 4.2 of RFC 2459.org.bouncycastle.asn1.ASN1Encodable
read
(ExtensionType extension) Reads the value of the given certificate extension field.List<org.bouncycastle.asn1.x509.AccessDescription>
Reads the value of theAuthorityInformationAccess
extension field of the certificate.org.bouncycastle.asn1.x509.AuthorityKeyIdentifier
Reads the value of theAuthorityKeyIdentifier
extension field of the certificate.org.bouncycastle.asn1.x509.BasicConstraints
Reads the value of theBasicConstraints
extension field of the certificate.List<org.bouncycastle.asn1.x509.PolicyInformation>
Reads the value of theCertificatePolicies
extension field of the certificate.List<org.bouncycastle.asn1.x509.DistributionPoint>
Reads the value of theCRLDistributionPoints
extension field of the certificate.List<org.bouncycastle.asn1.x509.KeyPurposeId>
Reads the value of theExtendedKeyUsage
extension field of the certificate.org.bouncycastle.asn1.x509.GeneralNames
Reads the value of theIssuerAlternativeName
extension field of the certificate.org.bouncycastle.asn1.x509.KeyUsage
Reads the value of theKeyUsage
extension field of the certificate.org.bouncycastle.asn1.x509.GeneralNames
Reads the value of the SubjectAlternativeName extension field of the certificate.org.bouncycastle.asn1.x509.SubjectKeyIdentifier
Reads the value of theSubjectKeyIdentifier
extension field of the certificate.
-
Constructor Details
-
ExtensionReader
Creates a new instance that can read extension fields from the given X.509 certificate.- Parameters:
cert
- Certificate to read.
-
-
Method Details
-
read
Reads the value of the extension given by OID or name as defined in section 4.2 of RFC 2459.- Parameters:
extensionOidOrName
- OID or extension name, e.g. 2.5.29.14 orSubjectK eyIdentifier. In the case of extension name, the name is case-sensitive and follows the conventions in RFC 2459.- Returns:
- Extension type containing data from requested extension field.
- Throws:
EncodingException
- On certificate field parse errors.
-
read
Reads the value of the given certificate extension field.- Parameters:
extension
- Extension to read from certificate.- Returns:
- Extension type containing data from requested extension field.
- Throws:
EncodingException
- On certificate field parse errors.
-
readSubjectAlternativeName
public org.bouncycastle.asn1.x509.GeneralNames readSubjectAlternativeName() throws EncodingExceptionReads the value of the SubjectAlternativeName extension field of the certificate.- Returns:
- Collection of subject alternative names or null if the certificate does not define this extension field. Note that an empty collection of names is different from a null return value; in the former case the field is defined but empty, whereas in the latter the field is not defined on the certificate.
- Throws:
EncodingException
- On certificate field parse errors.
-
readIssuerAlternativeName
Reads the value of theIssuerAlternativeName
extension field of the certificate.- Returns:
- Collection of issuer alternative names or null if the certificate does not define this extension field. Note that an empty collection of names is different from a null return value; in the former case the field is defined but empty, whereas in the latter the field is not defined on the certificate.
- Throws:
EncodingException
- On certificate field parse errors.
-
readBasicConstraints
Reads the value of theBasicConstraints
extension field of the certificate.- Returns:
- Basic constraints defined on certificate or null if the certificate does not define the field.
- Throws:
EncodingException
- On certificate field parse errors.
-
readCertificatePolicies
public List<org.bouncycastle.asn1.x509.PolicyInformation> readCertificatePolicies() throws EncodingExceptionReads the value of theCertificatePolicies
extension field of the certificate.- Returns:
- List of certificate policies defined on certificate or null if the certificate does not define the field.
- Throws:
EncodingException
- On certificate field parse errors.
-
readSubjectKeyIdentifier
public org.bouncycastle.asn1.x509.SubjectKeyIdentifier readSubjectKeyIdentifier() throws EncodingExceptionReads the value of theSubjectKeyIdentifier
extension field of the certificate.- Returns:
- Subject key identifier.
- Throws:
EncodingException
- On certificate field parse errors.
-
readAuthorityKeyIdentifier
public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier readAuthorityKeyIdentifier() throws EncodingExceptionReads the value of theAuthorityKeyIdentifier
extension field of the certificate.- Returns:
- Authority key identifier.
- Throws:
EncodingException
- On certificate field parse errors.
-
readKeyUsage
Reads the value of theKeyUsage
extension field of the certificate.- Returns:
- Key usage data or null if extension field is not defined.
- Throws:
EncodingException
- On certificate field parse errors.
-
readExtendedKeyUsage
public List<org.bouncycastle.asn1.x509.KeyPurposeId> readExtendedKeyUsage() throws EncodingExceptionReads the value of theExtendedKeyUsage
extension field of the certificate.- Returns:
- List of supported extended key usages or null if extension is not defined.
- Throws:
EncodingException
- On certificate field parse errors.
-
readCRLDistributionPoints
public List<org.bouncycastle.asn1.x509.DistributionPoint> readCRLDistributionPoints() throws EncodingExceptionReads the value of theCRLDistributionPoints
extension field of the certificate.- Returns:
- List of CRL distribution points or null if extension is not defined.
- Throws:
EncodingException
- On certificate field parse errors.
-
readAuthorityInformationAccess
public List<org.bouncycastle.asn1.x509.AccessDescription> readAuthorityInformationAccess() throws EncodingExceptionReads the value of theAuthorityInformationAccess
extension field of the certificate.- Returns:
- List of access descriptions or null if extension is not defined.
- Throws:
EncodingException
- On certificate field parse errors.
-