edu.vt.middleware.crypt.x509
Class ExtensionReader

java.lang.Object
  extended by edu.vt.middleware.crypt.x509.ExtensionReader

public final class ExtensionReader
extends Object

Reads X.509v3 extended properties from an X509Certificate object. The available properties are described in section 4.2 of RFC 2459, http://www.faqs.org/rfcs/rfc2459.html.

Version:
$Revision: 2745 $
Author:
Middleware Services

Constructor Summary
ExtensionReader(X509Certificate cert)
          Creates a new instance that can read extension fields from the given X.509 certificate.
 
Method Summary
 Object read(ExtensionType extension)
          Reads the value of the given certificate extension field.
 Object read(String extensionOidOrName)
          Reads the value of the extension given by OID or name as defined in section 4.2 of RFC 2459.
 Map<ExtensionType,Object> readAll()
          Attempts to read all extensions defined in section 4.2 of RFC 2459 and returns a map of all extensions defined on the certificate.
 AccessDescriptionList readAuthorityInformationAccess()
          Reads the value of the AuthorityInformationAccess extension field of the certificate.
 AuthorityKeyIdentifier readAuthorityKeyIdentifier()
          Reads the value of the AuthorityKeyIdentifier extension field of the certificate.
 BasicConstraints readBasicConstraints()
          Reads the value of the BasicConstraints extension field of the certificate.
 PolicyInformationList readCertificatePolicies()
          Reads the value of the CertificatePolicies extension field of the certificate.
 DistributionPointList readCRLDistributionPoints()
          Reads the value of the CRLDistributionPoints extension field of the certificate.
 KeyPurposeIdList readExtendedKeyUsage()
          Reads the value of the ExtendedKeyUsage extension field of the certificate.
 GeneralNameList readIssuerAlternativeName()
          Reads the value of the IssuerAlternativeName extension field of the certificate.
 KeyUsage readKeyUsage()
          Reads the value of the KeyUsage extension field of the certificate.
 GeneralNameList readSubjectAlternativeName()
          Reads the value of the SubjectAlternativeName extension field of the certificate.
 KeyIdentifier readSubjectKeyIdentifier()
          Reads the value of the SubjectKeyIdentifier extension field of the certificate.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ExtensionReader

public ExtensionReader(X509Certificate cert)
Creates a new instance that can read extension fields from the given X.509 certificate.

Parameters:
cert - Certificate to read.

Method Detail

read

public Object read(String extensionOidOrName)
            throws CryptException
Reads the value of the extension given by OID or name as defined in section 4.2 of RFC 2459.

Parameters:
extensionOidOrName - OID or extension name, e.g. 2.5.29.14 or SubjectKeyIdentifier. In the case of extension name, the name is case-sensitive and follows the conventions in RFC 2459.
Returns:
Extension type containing data from requested extension field.
Throws:
CryptException - On errors reading encoded certificate extension field data.
IllegalArgumentException - On invalid OID or extension name.

read

public Object read(ExtensionType extension)
            throws CryptException
Reads the value of the given certificate extension field.

Parameters:
extension - Extension to read from certificate.
Returns:
An extension type from the edu.vt.middleware.crypt.x509.types package containing the data in the extension field.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readSubjectAlternativeName

public GeneralNameList readSubjectAlternativeName()
                                           throws CryptException
Reads the value of the SubjectAlternativeName extension field of the certificate.

Returns:
Collection of subject alternative names or null if the certificate does not define this extension field. Note that an empty collection of names is different from a null return value; in the former case the field is defined but empty, whereas in the latter the field is not defined on the certificate.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readIssuerAlternativeName

public GeneralNameList readIssuerAlternativeName()
                                          throws CryptException
Reads the value of the IssuerAlternativeName extension field of the certificate.

Returns:
Collection of issuer alternative names or null if the certificate does not define this extension field. Note that an empty collection of names is different from a null return value; in the former case the field is defined but empty, whereas in the latter the field is not defined on the certificate.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readBasicConstraints

public BasicConstraints readBasicConstraints()
                                      throws CryptException
Reads the value of the BasicConstraints extension field of the certificate.

Returns:
Basic constraints defined on certificate or null if the certificate does not define the field.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readCertificatePolicies

public PolicyInformationList readCertificatePolicies()
                                              throws CryptException
Reads the value of the CertificatePolicies extension field of the certificate.

Returns:
List of certificate policies defined on certificate or null if the certificate does not define the field.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readSubjectKeyIdentifier

public KeyIdentifier readSubjectKeyIdentifier()
                                       throws CryptException
Reads the value of the SubjectKeyIdentifier extension field of the certificate.

Returns:
Subject key identifier.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readAuthorityKeyIdentifier

public AuthorityKeyIdentifier readAuthorityKeyIdentifier()
                                                  throws CryptException
Reads the value of the AuthorityKeyIdentifier extension field of the certificate.

Returns:
Authority key identifier.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readKeyUsage

public KeyUsage readKeyUsage()
                      throws CryptException
Reads the value of the KeyUsage extension field of the certificate.

Returns:
Key usage data.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readExtendedKeyUsage

public KeyPurposeIdList readExtendedKeyUsage()
                                      throws CryptException
Reads the value of the ExtendedKeyUsage extension field of the certificate.

Returns:
List of supported extended key usages.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readCRLDistributionPoints

public DistributionPointList readCRLDistributionPoints()
                                                throws CryptException
Reads the value of the CRLDistributionPoints extension field of the certificate.

Returns:
List of CRL distribution points.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readAuthorityInformationAccess

public AccessDescriptionList readAuthorityInformationAccess()
                                                     throws CryptException
Reads the value of the AuthorityInformationAccess extension field of the certificate.

Returns:
List of access descriptions from the AuthorityInformationAccess extension.
Throws:
CryptException - On errors reading encoded certificate extension field data.

readAll

public Map<ExtensionType,Object> readAll()
                                  throws CryptException
Attempts to read all extensions defined in section 4.2 of RFC 2459 and returns a map of all extensions defined on the certificate.

Returns:
Map of extension types to extension data.
Throws:
CryptException - On errors reading encoded certificate extension field data.
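
Usage sketch (an added example, not code from the vt-crypt project): it audits one certificate using only the constructor and methods documented above, showing the null-versus-defined check for SubjectAlternativeName, lookup by OID and by case-sensitive name, and a full extension inventory. The class name ExtensionAudit, the certificate path argument, and the import packages for CryptException, ExtensionType and GeneralNameList are assumptions; returned values are printed through their default string form only.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Map;

import edu.vt.middleware.crypt.CryptException;              // assumed package
import edu.vt.middleware.crypt.x509.ExtensionReader;
import edu.vt.middleware.crypt.x509.ExtensionType;          // assumed package
import edu.vt.middleware.crypt.x509.types.GeneralNameList;  // assumed package

public class ExtensionAudit {
  public static void main(String[] args) throws Exception {
    // args[0]: path to a PEM or DER encoded certificate supplied by the caller.
    X509Certificate cert;
    try (InputStream in = new FileInputStream(args[0])) {
      cert = (X509Certificate)
          CertificateFactory.getInstance("X.509").generateCertificate(in);
    }
    ExtensionReader reader = new ExtensionReader(cert);

    try {
      // null: extension absent. Non-null (even if empty): extension defined.
      GeneralNameList san = reader.readSubjectAlternativeName();
      System.out.println(san == null
          ? "SubjectAlternativeName: not defined"
          : "SubjectAlternativeName: " + san);

      // The same field addressed by OID and by case-sensitive name.
      System.out.println("SKI by OID:  " + reader.read("2.5.29.14"));
      System.out.println("SKI by name: " + reader.read("SubjectKeyIdentifier"));

      // Inventory of the RFC 2459 section 4.2 extensions on the certificate.
      for (Map.Entry<ExtensionType, Object> e : reader.readAll().entrySet()) {
        System.out.println(e.getKey() + " = " + e.getValue());
      }
    } catch (CryptException e) {
      // Undecodable extension data: stop rather than trust a partial read.
      System.err.println("Cannot decode extension data: " + e.getMessage());
      System.exit(2);
    }

    try {
      reader.read("subjectkeyidentifier"); // wrong case on purpose
    } catch (IllegalArgumentException e) {
      System.out.println("Rejected extension name: " + e.getMessage());
    }
  }
}
```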


Copyright © 2003-2013 Virginia Tech. All Rights Reserved.