public class

ExtendedKeyUsageExtension

extends Extension
implements CertAttrSet<T>
java.lang.Object
   ↳ sun.security.x509.Extension
     ↳ sun.security.x509.ExtendedKeyUsageExtension

Class Overview

This class defines the Extended Key Usage Extension, which indicates one or more purposes for which the certified public key may be used, in addition to or in place of the basic purposes indicated in the key usage extension field. This field is defined as follows:

id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}

ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId

KeyPurposeId ::= OBJECT IDENTIFIER

Key purposes may be defined by any organization with a need. Object identifiers used to identify key purposes shall be assigned in accordance with IANA or ITU-T Rec. X.660 | ISO/IEC/ITU 9834-1.

This extension may, at the option of the certificate issuer, be either critical or non-critical.

If the extension is flagged critical, then the certificate MUST be used only for one of the purposes indicated.

If the extension is flagged non-critical, then it indicates the intended purpose or purposes of the key, and may be used in finding the correct key/certificate of an entity that has multiple keys/certificates. It is an advisory field and does not imply that usage of the key is restricted by the certification authority to the purpose indicated. Certificate using applications may nevertheless require that a particular purpose be indicated in order for the certificate to be acceptable to that application.

If a certificate contains both a critical key usage field and a critical extended key usage field, then both fields MUST be processed independently and the certificate MUST only be used for a purpose consistent with both fields. If there is no purpose consistent with both fields, then the certificate MUST NOT be used for any purpose.

Summary

Constants
String IDENT Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.
String NAME Attribute names.
String USAGES
[Expand]
Inherited Fields
From class sun.security.x509.Extension
Public Constructors
ExtendedKeyUsageExtension(Vector<ObjectIdentifier> keyUsages)
Create a ExtendedKeyUsageExtension object from a Vector of Key Usages; the criticality is set to false.
ExtendedKeyUsageExtension(Boolean critical, Vector<ObjectIdentifier> keyUsages)
Create a ExtendedKeyUsageExtension object from a Vector of KeyUsages with specified criticality.
ExtendedKeyUsageExtension(Boolean critical, Object value)
Create the extension from its DER encoded value and criticality.
Public Methods
void delete(String name)
Delete the attribute value.
void encode(OutputStream out)
Write the extension to the DerOutputStream.
Object get(String name)
Get the attribute value.
Enumeration<String> getElements()
Return an enumeration of names of attributes existing within this attribute.
List<String> getExtendedKeyUsage()
String getName()
Return the name of this attribute.
void set(String name, Object obj)
Set the attribute value.
String toString()
Return the extension as user readable string.
[Expand]
Inherited Methods
From class sun.security.x509.Extension
From class java.lang.Object
From interface sun.security.x509.CertAttrSet

Constants

public static final String IDENT

Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.

Constant Value: "x509.info.extensions.ExtendedKeyUsage"

public static final String NAME

Attribute names.

Constant Value: "ExtendedKeyUsage"

public static final String USAGES

Constant Value: "usages"

Public Constructors

public ExtendedKeyUsageExtension (Vector<ObjectIdentifier> keyUsages)

Create a ExtendedKeyUsageExtension object from a Vector of Key Usages; the criticality is set to false.

Parameters
keyUsages the Vector of KeyUsages (ObjectIdentifiers)
Throws
IOException

public ExtendedKeyUsageExtension (Boolean critical, Vector<ObjectIdentifier> keyUsages)

Create a ExtendedKeyUsageExtension object from a Vector of KeyUsages with specified criticality.

Parameters
critical true if the extension is to be treated as critical.
keyUsages the Vector of KeyUsages (ObjectIdentifiers)
Throws
IOException

public ExtendedKeyUsageExtension (Boolean critical, Object value)

Create the extension from its DER encoded value and criticality.

Parameters
critical true if the extension is to be treated as critical.
value an array of DER encoded bytes of the actual value.
Throws
ClassCastException if value is not an array of bytes
IOException on error.

Public Methods

public void delete (String name)

Delete the attribute value.

Parameters
name the name of the attribute to delete.
Throws
IOException

public void encode (OutputStream out)

Write the extension to the DerOutputStream.

Parameters
out the DerOutputStream to write the extension to.
Throws
IOException on encoding errors.

public Object get (String name)

Get the attribute value.

Parameters
name the name of the attribute to return.
Throws
IOException

public Enumeration<String> getElements ()

Return an enumeration of names of attributes existing within this attribute.

Returns
  • an enumeration of the attribute names.

public List<String> getExtendedKeyUsage ()

public String getName ()

Return the name of this attribute.

Returns
  • the name of this CertAttrSet.

public void set (String name, Object obj)

Set the attribute value.

Parameters
name the name of the attribute (e.g. "x509.info.key")
obj the attribute object.
Throws
IOException

public String toString ()

Return the extension as user readable string.

Returns
  • a string representation of the object.