ojluni/src/main/java/sun/security/x509/certAttributes.html - platform/libcore - Git at Google

 <HTML>
 <BODY>
 <HEAD>
 <TITLE>Certificate Attributes</TITLE>
 </HEAD>
 <h2><center>Certificate Attributes</center></h2>
 <font size=3><center>July 1998</font></center>
 <p>
 In JDK1.2 we provide an implementation of X.509 (version 3).
 The X509CertImpl class supports the following methods to
 manipulate the various attributes of a certificate:
 <pre>
      Object get(String name)
      void set(String name, Object value), and
      void delete(String name)
 </pre>
 A list of all the X.509 v3 Certificate attributes that can be manipulated
 is provided in the following table.
 For example, if you want to get the signature component of
 the certificate:
 <pre>
      X509CertImpl cert;
      // get the certificate object
      byte[] sig = (byte[])cert.get("x509.signature");
                   // using the fully-qualified identifier
 OR
      byte[] sig = (byte[])cert.get(X509CertImpl.SIG);
                   // using defined constants
 </pre>
 <p>
 <table border=1>
 <caption>sun.security.x509.X509CertImpl</caption>
 <tr>
 <td><strong>Attribute</strong></td>
 <td><strong>Fully-qualified identifier</strong></td>
 <td><strong>Defined constants</strong></td>
 <td><strong>Type of Object returned</strong><br>
 (in sun.security.x509 unless fully-qualified)</td>
 </tr>
 <tr>
 <td>signatureAlgorithm</td>
 <td>x509.algorithm</td>
 <td>X509CertImpl.SIG_ALG</td>
 <td>AlgorithmId</td>
 </tr>
 <tr>
 <td>signature</td>
 <td>x509.signature</td>
 <td>X509CertImpl.SIG</td>
 <td>byte[]</td>
 </tr>
 <tr>
 <td>tbsCertificate</td>
 <td>x509.info</td>
 <td>X509CertInfo.IDENT</td>
 <td>X509CertInfo</td>
 </tr>
 <tr>
 <td>version</td>
 <td>x509.info.version<br>
 x509.info.version.number</td>
 <td>CertificateVersion.IDENT<br>
 none</td>
 <td>CertificateVersion<br>
 java.lang.Integer</td>
 </tr>
 <tr>
 <td>serialNumber</td>
 <td>x509.info.serialNumber<br>
 x509.info.serialNumber.number</td>
 <td>CertificateSerialNumber.IDENT<br>
 X509CertImpl.SERIAL_ID</td>
 <td>CertificateSerialNumber<br>
 SerialNumber</td>
 </tr>
 <tr>
 <td>signature</td>
 <td>x509.info.algorithmID<br>
 x509.info.algorithmID.algorithm</td>
 <td>CertificateAlgorithmId.IDENT<br>
 none</td>
 <td>CertificateAlgorithmId<br>
 AlgorithmId</td>
 </tr>
 <tr>
 <td>issuer</td>
 <td>x509.info.issuer<br>
 x509.info.issuer.dname</td>
 <td>CertificateIssuerName.IDENT<br>
 X509CertImpl.ISSUER_DN</td>
 <td>CertificateIssuerName<br>
 X500Name</td>
 </tr>
 <tr>
 <td>validity<br>
 validity.notAfter<br>
 validity.notBefore</td>
 <td>x509.info.validity<br>
 x509.info.validity.notAfter<br>
 x509.info.validity.notBefore</td>
 <td>CertificateValidity.IDENT<br>
 none<br>
 none</td>
 <td>CertificateValidity<br>
 java.util.Date<br>
 java.util.Date</td>
 </tr>
 <tr>
 <td>subject</td>
 <td>x509.info.subject<br>
 x509.info.subject.dname</td>
 <td>CertificateSubjectName.IDENT<br>
 X509CertImpl.SUBJECT_DN</td>
 <td>CertificateSubjectName<br>
 X500Name</td>
 </tr>
 <tr>
 <td>subjectPublicKeyInfo</td>
 <td>x509.info.key<br>
 x509.info.key.value</td>
 <td>CertificateX509Key.IDENT<br>
 X509CertImpl.PUBLIC_KEY</td>
 <td>CertificateX509Key<br>
 X509Key</td>
 </tr>
 <tr>
 <td>issuerUniqueID</td>
 <td>x509.info.issuerID<br>
 x509.info.issuerID.id</td>
 <td>CertificateIssuerUniqueIdentity.IDENT<br>
 none</td>
 <td>CertificateIssuerUniqueIdentity<br>
 UniqueIdentity</td>
 </tr>
 <tr>
 <td>subjectUniqueID</td>
 <td>x509.info.subjectID<br>
 x509.info.subjectID.id</td>
 <td>CertificateSubjectUniqueIdentity.IDENT<br>
 none</td>
 <td>CertificateSubjectUniqueIdentity<br>
 UniqueIdentity</td>
 </tr>
 <tr>
 <td>extensions</td>
 <td>x509.info.extensions</td>
 <td>CertificateExtensions.IDENT</td>
 <td>CertificateExtensions</td>
 </tr>
 </table>
 <br>
 <br>
 <table border=1>
 <caption>X.509 V3 certificate extensions</caption>
 <tr>
 <td><strong>Extension</strong></td>
 <td><strong>Extension attribute identifier</strong></td>
 <td><strong>Short form</strong></td>
 <td><strong>Type of Object returned</strong></td>
 </tr>
 <tr>
 <td>Authority Key Identifier</td>
 <td>x509.info.extensions.AuthorityKeyIdentifier</td>
 <td>AuthorityKeyIdentifierExtension.IDENT</td>
 <td>AuthorityKeyIdentifierExtension</td>
 </tr>
 <tr>
 <td>Subject Key Identifier</td>
 <td>x509.info.extensions.SubjectKeyIdentifier</td>
 <td>SubjectKeyIdentifierExtension.IDENT</td>
 <td>SubjectKeyIdentifierExtension</td>
 </tr>
 <tr>
 <td>Key Usage</td>
 <td>x509.info.extensions.KeyUsage</td>
 <td>KeyUsageExtension.IDENT</td>
 <td>KeyUsageExtension</td>
 </tr>
 <tr>
 <td>Private Key Usage Period</td>
 <td>x509.info.extensions.PrivateKeyUsage</td>
 <td>PrivateKeyUsageExtension.IDENT</td>
 <td>PrivateKeyUsageExtension</td>
 </tr>
 <tr>
 <td>Policy Mappings</td>
 <td>x509.info.extensions.PolicyMappings</td>
 <td>PolicyMappingsExtension.IDENT</td>
 <td>PolicyMappingsExtension</td>
 </tr>
 <tr>
 <td>Subject Alternative Name</td>
 <td>x509.info.extensions.SubjectAlternativeName</td>
 <td>SubjectAlternativeNameExtension.IDENT</td>
 <td>SubjectAlternativeNameExtension</td>
 </tr>
 <tr>
 <td>Issuer Alternative Name</td>
 <td>x509.info.extensions.IssuerAlternativeName</td>
 <td>IssuerAlternativeNameExtension.IDENT</td>
 <td>IssuerAlternativeNameExtension</td>
 </tr>
 <tr>
 <td>Basic Constraints</td>
 <td>x509.info.extensions.BasicConstraints</td>
 <td>BasicConstraintsExtension.IDENT</td>
 <td>BasicConstraintsExtension</td>
 </tr>
 <tr>
 <td>Name Constraints</td>
 <td>x509.info.extensions.NameConstraints</td>
 <td>NameConstraintsExtension.IDENT</td>
 <td>NameConstraintsExtension</td>
 </tr>
 <tr>
 <td>Policy Constraints</td>
 <td>x509.info.extensions.PolicyConstraints</td>
 <td>PolicyConstraintsExtension.IDENT</td>
 <td>PolicyConstraintsExtension</td>
 </tr>
 <tr>
 <td>Netscape Certificate Type</td>
 <td>x509.info.extensions.NetscapeCertType</td>
 <td>NetscapeCertTypeExtension.IDENT</td>
 <td>NetscapeCertTypeExtension</td>
 </tr>
 </table>
 <p>
 Extensions can be added by implementing the
 <code>sun.security.x509.CertAttrSet</code> interface and
 subclassing <code>sun.security.x509.Extension</code> class.
 Register the new extension using the OIDMap class.
 The following extensions are not currently supported from the
 PKIX profile:
 <table>
 <tr>
 <td>Name</td>
 <td>ObjectIdentifier</td>
 </tr>
 <tr>
 <td>CertificatePolicies</td>
 <td>2.5.29.32</td>
 </tr>
 </table>
 </BODY>
 </HTML>
	<HTML>
	<BODY>
	<HEAD>
	<TITLE>Certificate Attributes</TITLE>
	</HEAD>
	<h2><center>Certificate Attributes</center></h2>
	<font size=3><center>July 1998</font></center>
	<p>
	In JDK1.2 we provide an implementation of X.509 (version 3).
	The X509CertImpl class supports the following methods to
	manipulate the various attributes of a certificate:
	<pre>
	Object get(String name)
	void set(String name, Object value), and
	void delete(String name)
	</pre>
	A list of all the X.509 v3 Certificate attributes that can be manipulated
	is provided in the following table.
	For example, if you want to get the signature component of
	the certificate:
	<pre>
	X509CertImpl cert;
	// get the certificate object
	byte[] sig = (byte[])cert.get("x509.signature");
	// using the fully-qualified identifier
	OR
	byte[] sig = (byte[])cert.get(X509CertImpl.SIG);
	// using defined constants
	</pre>
	<p>
	<table border=1>
	<caption>sun.security.x509.X509CertImpl</caption>
	<tr>
	<td><strong>Attribute</strong></td>
	<td><strong>Fully-qualified identifier</strong></td>
	<td><strong>Defined constants</strong></td>
	<td><strong>Type of Object returned</strong><br>
	(in sun.security.x509 unless fully-qualified)</td>
	</tr>
	<tr>
	<td>signatureAlgorithm</td>
	<td>x509.algorithm</td>
	<td>X509CertImpl.SIG_ALG</td>
	<td>AlgorithmId</td>
	</tr>
	<tr>
	<td>signature</td>
	<td>x509.signature</td>
	<td>X509CertImpl.SIG</td>
	<td>byte[]</td>
	</tr>
	<tr>
	<td>tbsCertificate</td>
	<td>x509.info</td>
	<td>X509CertInfo.IDENT</td>
	<td>X509CertInfo</td>
	</tr>
	<tr>
	<td>version</td>
	<td>x509.info.version<br>
	x509.info.version.number</td>
	<td>CertificateVersion.IDENT<br>
	none</td>
	<td>CertificateVersion<br>
	java.lang.Integer</td>
	</tr>
	<tr>
	<td>serialNumber</td>
	<td>x509.info.serialNumber<br>
	x509.info.serialNumber.number</td>
	<td>CertificateSerialNumber.IDENT<br>
	X509CertImpl.SERIAL_ID</td>
	<td>CertificateSerialNumber<br>
	SerialNumber</td>
	</tr>
	<tr>
	<td>signature</td>
	<td>x509.info.algorithmID<br>
	x509.info.algorithmID.algorithm</td>
	<td>CertificateAlgorithmId.IDENT<br>
	none</td>
	<td>CertificateAlgorithmId<br>
	AlgorithmId</td>
	</tr>
	<tr>
	<td>issuer</td>
	<td>x509.info.issuer<br>
	x509.info.issuer.dname</td>
	<td>CertificateIssuerName.IDENT<br>
	X509CertImpl.ISSUER_DN</td>
	<td>CertificateIssuerName<br>
	X500Name</td>
	</tr>
	<tr>
	<td>validity<br>
	validity.notAfter<br>
	validity.notBefore</td>
	<td>x509.info.validity<br>
	x509.info.validity.notAfter<br>
	x509.info.validity.notBefore</td>
	<td>CertificateValidity.IDENT<br>
	none<br>
	none</td>
	<td>CertificateValidity<br>
	java.util.Date<br>
	java.util.Date</td>
	</tr>
	<tr>
	<td>subject</td>
	<td>x509.info.subject<br>
	x509.info.subject.dname</td>
	<td>CertificateSubjectName.IDENT<br>
	X509CertImpl.SUBJECT_DN</td>
	<td>CertificateSubjectName<br>
	X500Name</td>
	</tr>
	<tr>
	<td>subjectPublicKeyInfo</td>
	<td>x509.info.key<br>
	x509.info.key.value</td>
	<td>CertificateX509Key.IDENT<br>
	X509CertImpl.PUBLIC_KEY</td>
	<td>CertificateX509Key<br>
	X509Key</td>
	</tr>
	<tr>
	<td>issuerUniqueID</td>
	<td>x509.info.issuerID<br>
	x509.info.issuerID.id</td>
	<td>CertificateIssuerUniqueIdentity.IDENT<br>
	none</td>
	<td>CertificateIssuerUniqueIdentity<br>
	UniqueIdentity</td>
	</tr>
	<tr>
	<td>subjectUniqueID</td>
	<td>x509.info.subjectID<br>
	x509.info.subjectID.id</td>
	<td>CertificateSubjectUniqueIdentity.IDENT<br>
	none</td>
	<td>CertificateSubjectUniqueIdentity<br>
	UniqueIdentity</td>
	</tr>
	<tr>
	<td>extensions</td>
	<td>x509.info.extensions</td>
	<td>CertificateExtensions.IDENT</td>
	<td>CertificateExtensions</td>
	</tr>
	</table>
	<br>
	<br>
	<table border=1>
	<caption>X.509 V3 certificate extensions</caption>
	<tr>
	<td><strong>Extension</strong></td>
	<td><strong>Extension attribute identifier</strong></td>
	<td><strong>Short form</strong></td>
	<td><strong>Type of Object returned</strong></td>
	</tr>
	<tr>
	<td>Authority Key Identifier</td>
	<td>x509.info.extensions.AuthorityKeyIdentifier</td>
	<td>AuthorityKeyIdentifierExtension.IDENT</td>
	<td>AuthorityKeyIdentifierExtension</td>
	</tr>
	<tr>
	<td>Subject Key Identifier</td>
	<td>x509.info.extensions.SubjectKeyIdentifier</td>
	<td>SubjectKeyIdentifierExtension.IDENT</td>
	<td>SubjectKeyIdentifierExtension</td>
	</tr>
	<tr>
	<td>Key Usage</td>
	<td>x509.info.extensions.KeyUsage</td>
	<td>KeyUsageExtension.IDENT</td>
	<td>KeyUsageExtension</td>
	</tr>
	<tr>
	<td>Private Key Usage Period</td>
	<td>x509.info.extensions.PrivateKeyUsage</td>
	<td>PrivateKeyUsageExtension.IDENT</td>
	<td>PrivateKeyUsageExtension</td>
	</tr>
	<tr>
	<td>Policy Mappings</td>
	<td>x509.info.extensions.PolicyMappings</td>
	<td>PolicyMappingsExtension.IDENT</td>
	<td>PolicyMappingsExtension</td>
	</tr>
	<tr>
	<td>Subject Alternative Name</td>
	<td>x509.info.extensions.SubjectAlternativeName</td>
	<td>SubjectAlternativeNameExtension.IDENT</td>
	<td>SubjectAlternativeNameExtension</td>
	</tr>
	<tr>
	<td>Issuer Alternative Name</td>
	<td>x509.info.extensions.IssuerAlternativeName</td>
	<td>IssuerAlternativeNameExtension.IDENT</td>
	<td>IssuerAlternativeNameExtension</td>
	</tr>
	<tr>
	<td>Basic Constraints</td>
	<td>x509.info.extensions.BasicConstraints</td>
	<td>BasicConstraintsExtension.IDENT</td>
	<td>BasicConstraintsExtension</td>
	</tr>
	<tr>
	<td>Name Constraints</td>
	<td>x509.info.extensions.NameConstraints</td>
	<td>NameConstraintsExtension.IDENT</td>
	<td>NameConstraintsExtension</td>
	</tr>
	<tr>
	<td>Policy Constraints</td>
	<td>x509.info.extensions.PolicyConstraints</td>
	<td>PolicyConstraintsExtension.IDENT</td>
	<td>PolicyConstraintsExtension</td>
	</tr>
	<tr>
	<td>Netscape Certificate Type</td>
	<td>x509.info.extensions.NetscapeCertType</td>
	<td>NetscapeCertTypeExtension.IDENT</td>
	<td>NetscapeCertTypeExtension</td>
	</tr>
	</table>
	<p>
	Extensions can be added by implementing the
	<code>sun.security.x509.CertAttrSet</code> interface and
	subclassing <code>sun.security.x509.Extension</code> class.
	Register the new extension using the OIDMap class.
	The following extensions are not currently supported from the
	PKIX profile:
	<table>
	<tr>
	<td>Name</td>
	<td>ObjectIdentifier</td>
	</tr>
	<tr>
	<td>CertificatePolicies</td>
	<td>2.5.29.32</td>
	</tr>
	</table>
	</BODY>
	</HTML>