/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This class defines the certificate extension which specifies the
* Policy constraints.
* <p>
* The policy constraints extension can be used in certificates issued
* to CAs. The policy constraints extension constrains path validation
* in two ways. It can be used to prohibit policy mapping or require
* that each certificate in a path contain an acceptable policy
* identifier.<p>
* The ASN.1 syntax for this is (IMPLICIT tagging is defined in the
* module definition):
* <pre>
* PolicyConstraints ::= SEQUENCE {
* requireExplicitPolicy [0] SkipCerts OPTIONAL,
* inhibitPolicyMapping [1] SkipCerts OPTIONAL
* }
* SkipCerts ::= INTEGER (0..MAX)
* </pre>
* @author Amit Kapoor
* @author Hemma Prafullchandra
* @see Extension
* @see CertAttrSet
*/
implements CertAttrSet<String> {
/**
* Identifier for this attribute, to be used with the
* get, set, delete methods of Certificate, x509 type.
*/
/**
* Attribute names.
*/
// Encode this extension value.
this.extensionValue = null;
return;
}
if (require != -1) {
false, TAG_REQUIRE), tmp);
}
if (inhibit != -1) {
false, TAG_INHIBIT), tmp);
}
}
/**
* Create a PolicyConstraintsExtension object with both
* require explicit policy and inhibit policy mapping. The
* extension is marked non-critical.
*
* @param require require explicit policy (-1 for optional).
* @param inhibit inhibit policy mapping (-1 for optional).
*/
throws IOException {
}
/**
* Create a PolicyConstraintsExtension object with specified
* criticality and both require explicit policy and inhibit
* policy mapping.
*
* @param critical true if the extension is to be treated as critical.
* @param require require explicit policy (-1 for optional).
* @param inhibit inhibit policy mapping (-1 for optional).
*/
throws IOException {
encodeThis();
}
/**
* Create the extension from its DER encoded value and criticality.
*
* @param critical true if the extension is to be treated as critical.
* @param value an array of DER encoded bytes of the actual value.
* @exception ClassCastException if value is not an array of bytes
* @exception IOException on error.
*/
throws IOException {
this.extensionValue = (byte[]) value;
throw new IOException("Sequence tag missing for PolicyConstraint.");
}
if (this.require != -1)
throw new IOException("Duplicate requireExplicitPolicy" +
"found in the PolicyConstraintsExtension");
!next.isConstructed()) {
if (this.inhibit != -1)
throw new IOException("Duplicate inhibitPolicyMapping" +
"found in the PolicyConstraintsExtension");
} else
throw new IOException("Invalid encoding of PolicyConstraint");
}
}
/**
* Return the extension as user readable string.
*/
String s;
if (require == -1)
s += "unspecified;";
else
s += require + ";";
s += "\tInhibit: ";
if (inhibit == -1)
s += "unspecified";
else
s += inhibit;
s += " ]\n";
return s;
}
/**
* Write the extension to the DerOutputStream.
*
* @param out the DerOutputStream to write the extension to.
* @exception IOException on encoding errors.
*/
if (extensionValue == null) {
critical = false;
encodeThis();
}
}
/**
* Set the attribute value.
*/
throw new IOException("Attribute value should be of type Integer.");
}
} else {
" not recognized by " +
"CertAttrSet:PolicyConstraints.");
}
encodeThis();
}
/**
* Get the attribute value.
*/
} else {
throw new IOException("Attribute name not recognized by " +
"CertAttrSet:PolicyConstraints.");
}
}
/**
* Delete the attribute value.
*/
require = -1;
inhibit = -1;
} else {
throw new IOException("Attribute name not recognized by " +
"CertAttrSet:PolicyConstraints.");
}
encodeThis();
}
/**
* Return an enumeration of names of attributes existing within this
* attribute.
*/
}
/**
* Return the name of this attribute.
*/
return (NAME);
}
}