1 /* |
1 /* |
2 * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
48 * indicate the policy under which the certificate has been issued and the |
48 * indicate the policy under which the certificate has been issued and the |
49 * purposes for which the certificate may be used. In a CA certificate, these |
49 * purposes for which the certificate may be used. In a CA certificate, these |
50 * policy information terms limit the set of policies for certification paths |
50 * policy information terms limit the set of policies for certification paths |
51 * which include this certificate. |
51 * which include this certificate. |
52 * <p> |
52 * <p> |
53 * A <code>Set</code> of <code>PolicyQualifierInfo</code> objects are returned |
53 * A {@code Set} of {@code PolicyQualifierInfo} objects are returned |
54 * by the {@link PolicyNode#getPolicyQualifiers PolicyNode.getPolicyQualifiers} |
54 * by the {@link PolicyNode#getPolicyQualifiers PolicyNode.getPolicyQualifiers} |
55 * method. This allows applications with specific policy requirements to |
55 * method. This allows applications with specific policy requirements to |
56 * process and validate each policy qualifier. Applications that need to |
56 * process and validate each policy qualifier. Applications that need to |
57 * process policy qualifiers should explicitly set the |
57 * process policy qualifiers should explicitly set the |
58 * <code>policyQualifiersRejected</code> flag to false (by calling the |
58 * {@code policyQualifiersRejected} flag to false (by calling the |
59 * {@link PKIXParameters#setPolicyQualifiersRejected |
59 * {@link PKIXParameters#setPolicyQualifiersRejected |
60 * PKIXParameters.setPolicyQualifiersRejected} method) before validating |
60 * PKIXParameters.setPolicyQualifiersRejected} method) before validating |
61 * a certification path. |
61 * a certification path. |
62 * |
62 * |
63 * <p>Note that the PKIX certification path validation algorithm specifies |
63 * <p>Note that the PKIX certification path validation algorithm specifies |
64 * that any policy qualifier in a certificate policies extension that is |
64 * that any policy qualifier in a certificate policies extension that is |
65 * marked critical must be processed and validated. Otherwise the |
65 * marked critical must be processed and validated. Otherwise the |
66 * certification path must be rejected. If the |
66 * certification path must be rejected. If the |
67 * <code>policyQualifiersRejected</code> flag is set to false, it is up to |
67 * {@code policyQualifiersRejected} flag is set to false, it is up to |
68 * the application to validate all policy qualifiers in this manner in order |
68 * the application to validate all policy qualifiers in this manner in order |
69 * to be PKIX compliant. |
69 * to be PKIX compliant. |
70 * |
70 * |
71 * <p><b>Concurrent Access</b> |
71 * <p><b>Concurrent Access</b> |
72 * |
72 * |
73 * <p>All <code>PolicyQualifierInfo</code> objects must be immutable and |
73 * <p>All {@code PolicyQualifierInfo} objects must be immutable and |
74 * thread-safe. That is, multiple threads may concurrently invoke the |
74 * thread-safe. That is, multiple threads may concurrently invoke the |
75 * methods defined in this class on a single <code>PolicyQualifierInfo</code> |
75 * methods defined in this class on a single {@code PolicyQualifierInfo} |
76 * object (or more than one) with no ill effects. Requiring |
76 * object (or more than one) with no ill effects. Requiring |
77 * <code>PolicyQualifierInfo</code> objects to be immutable and thread-safe |
77 * {@code PolicyQualifierInfo} objects to be immutable and thread-safe |
78 * allows them to be passed around to various pieces of code without |
78 * allows them to be passed around to various pieces of code without |
79 * worrying about coordinating access. |
79 * worrying about coordinating access. |
80 * |
80 * |
81 * @author seth proctor |
81 * @author seth proctor |
82 * @author Sean Mullan |
82 * @author Sean Mullan |
88 private String mId; |
88 private String mId; |
89 private byte [] mData; |
89 private byte [] mData; |
90 private String pqiString; |
90 private String pqiString; |
91 |
91 |
92 /** |
92 /** |
93 * Creates an instance of <code>PolicyQualifierInfo</code> from the |
93 * Creates an instance of {@code PolicyQualifierInfo} from the |
94 * encoded bytes. The encoded byte array is copied on construction. |
94 * encoded bytes. The encoded byte array is copied on construction. |
95 * |
95 * |
96 * @param encoded a byte array containing the qualifier in DER encoding |
96 * @param encoded a byte array containing the qualifier in DER encoding |
97 * @exception IOException thrown if the byte array does not represent a |
97 * @exception IOException thrown if the byte array does not represent a |
98 * valid and parsable policy qualifier |
98 * valid and parsable policy qualifier |
113 System.arraycopy(tmp, 0, mData, 0, tmp.length); |
113 System.arraycopy(tmp, 0, mData, 0, tmp.length); |
114 } |
114 } |
115 } |
115 } |
116 |
116 |
117 /** |
117 /** |
118 * Returns the <code>policyQualifierId</code> field of this |
118 * Returns the {@code policyQualifierId} field of this |
119 * <code>PolicyQualifierInfo</code>. The <code>policyQualifierId</code> |
119 * {@code PolicyQualifierInfo}. The {@code policyQualifierId} |
120 * is an Object Identifier (OID) represented by a set of nonnegative |
120 * is an Object Identifier (OID) represented by a set of nonnegative |
121 * integers separated by periods. |
121 * integers separated by periods. |
122 * |
122 * |
123 * @return the OID (never <code>null</code>) |
123 * @return the OID (never {@code null}) |
124 */ |
124 */ |
125 public final String getPolicyQualifierId() { |
125 public final String getPolicyQualifierId() { |
126 return mId; |
126 return mId; |
127 } |
127 } |
128 |
128 |
129 /** |
129 /** |
130 * Returns the ASN.1 DER encoded form of this |
130 * Returns the ASN.1 DER encoded form of this |
131 * <code>PolicyQualifierInfo</code>. |
131 * {@code PolicyQualifierInfo}. |
132 * |
132 * |
133 * @return the ASN.1 DER encoded bytes (never <code>null</code>). |
133 * @return the ASN.1 DER encoded bytes (never {@code null}). |
134 * Note that a copy is returned, so the data is cloned each time |
134 * Note that a copy is returned, so the data is cloned each time |
135 * this method is called. |
135 * this method is called. |
136 */ |
136 */ |
137 public final byte[] getEncoded() { |
137 public final byte[] getEncoded() { |
138 return mEncoded.clone(); |
138 return mEncoded.clone(); |
139 } |
139 } |
140 |
140 |
141 /** |
141 /** |
142 * Returns the ASN.1 DER encoded form of the <code>qualifier</code> |
142 * Returns the ASN.1 DER encoded form of the {@code qualifier} |
143 * field of this <code>PolicyQualifierInfo</code>. |
143 * field of this {@code PolicyQualifierInfo}. |
144 * |
144 * |
145 * @return the ASN.1 DER encoded bytes of the <code>qualifier</code> |
145 * @return the ASN.1 DER encoded bytes of the {@code qualifier} |
146 * field. Note that a copy is returned, so the data is cloned each |
146 * field. Note that a copy is returned, so the data is cloned each |
147 * time this method is called. |
147 * time this method is called. |
148 */ |
148 */ |
149 public final byte[] getPolicyQualifier() { |
149 public final byte[] getPolicyQualifier() { |
150 return (mData == null ? null : mData.clone()); |
150 return (mData == null ? null : mData.clone()); |
151 } |
151 } |
152 |
152 |
153 /** |
153 /** |
154 * Return a printable representation of this |
154 * Return a printable representation of this |
155 * <code>PolicyQualifierInfo</code>. |
155 * {@code PolicyQualifierInfo}. |
156 * |
156 * |
157 * @return a <code>String</code> describing the contents of this |
157 * @return a {@code String} describing the contents of this |
158 * <code>PolicyQualifierInfo</code> |
158 * {@code PolicyQualifierInfo} |
159 */ |
159 */ |
160 public String toString() { |
160 public String toString() { |
161 if (pqiString != null) |
161 if (pqiString != null) |
162 return pqiString; |
162 return pqiString; |
163 HexDumpEncoder enc = new HexDumpEncoder(); |
163 HexDumpEncoder enc = new HexDumpEncoder(); |