2362N/A * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * This class represents the Basic Constraints Extension. 0N/A * <p>The basic constraints extension identifies whether the subject of the 0N/A * certificate is a CA and how deep a certification path may exist 0N/A * The ASN.1 syntax for this extension is: 0N/A * BasicConstraints ::= SEQUENCE { 0N/A * cA BOOLEAN DEFAULT FALSE, 0N/A * pathLenConstraint INTEGER (0..MAX) OPTIONAL 0N/A * @author Amit Kapoor 0N/A * @author Hemma Prafullchandra 0N/A * Identifier for this attribute, to be used with the 0N/A * get, set, delete methods of Certificate, x509 type. 0N/A public static final String IDENT =
"x509.info.extensions.BasicConstraints";
0N/A // Private data members 0N/A private boolean ca =
false;
0N/A // Encode this extension value 902N/A // Only encode pathLen when ca == true 0N/A * Default constructor for this object. The extension is marked 0N/A * critical if the ca flag is true, false otherwise. 0N/A * @param ca true, if the subject of the Certificate is a CA. 0N/A * @param len specifies the depth of the certification path. 0N/A * Constructor for this object with specified criticality. 0N/A * @param critical true, if the extension should be marked critical 0N/A * @param ca true, if the subject of the Certificate is a CA. 0N/A * @param len specifies the depth of the certification path. 0N/A * Create the extension from the passed DER encoded value of the same. 0N/A * @param critical flag indicating if extension is critical or not 0N/A * @param value an array containing the DER encoded bytes of the extension. 0N/A * @exception ClassCastException if value is not an array of bytes 0N/A * @exception IOException on error. 0N/A // non-CA cert ("cA" field is FALSE by default), return -1 0N/A // non-CA cert ("cA" field is FALSE by default), return -1 0N/A // From PKIX profile: 0N/A // Where pathLenConstraint does not appear, there is no 0N/A // limit to the allowed length of the certification path. 0N/A * Activate this check once again after PKIX profiling 0N/A * is a standard and this check no longer imposes an 0N/A * interoperability barrier. 0N/A * if (!this.critical) { 0N/A * throw new IOException("Criticality cannot be false for CA."); 0N/A * Return user readable form of extension. 0N/A s += ((
ca) ? (
" CA:true") : (
" CA:false")) +
"\n";
0N/A s +=
" PathLen: undefined\n";
0N/A * Encode this extension value to the output stream. 0N/A * @param out the DerOutputStream to encode the extension to. 0N/A * Set the attribute value. 0N/A "CertAttrSet:BasicConstraints.");
0N/A * Get the attribute value. 0N/A "CertAttrSet:BasicConstraints.");
0N/A * Delete the attribute value. 0N/A "CertAttrSet:BasicConstraints.");
0N/A * Return an enumeration of names of attributes existing within this 0N/A * Return the name of this attribute.