Java Code Examples for java.security.cert.PolicyQualifierInfo

Following code examples demonstrate how to use java.security.cert.PolicyQualifierInfofrom java. These examples are extracted from various highly rated open source projects. You can directly use these code snippets or view their entire linked source code. These snippets are extracted to provide contextual information about how to use this class in the real world. These samples also let you understand some good practices on how to use java.security.cert.PolicyQualifierInfoand various code implementation of this class.

    public PolicyInformation(DerValue val) throws IOException {
	if (val.tag != DerValue.tag_Sequence) {
	    throw new IOException("Invalid encoding of PolicyInformation");
	}
	policyIdentifier = new CertificatePolicyId(val.data.getDerValue());
	if (val.data.available() != 0) {
	    policyQualifiers = new LinkedHashSet<PolicyQualifierInfo>();
	    DerValue opt = val.data.getDerValue();
	    if (opt.tag != DerValue.tag_Sequence) 
		throw new IOException("Invalid encoding of PolicyInformation");
	    if (opt.data.available() == 0)
		throw new IOException("No data available in policyQualifiers");
	    while (opt.data.available() != 0)
		policyQualifiers.add(new PolicyQualifierInfo
			(opt.data.getDerValue().toByteArray()));
	} else {
	    policyQualifiers = Collections.emptySet();
	}
    } 


    public void encode(DerOutputStream out) throws IOException {
	DerOutputStream tmp = new DerOutputStream();
	policyIdentifier.encode(tmp);
	if (!policyQualifiers.isEmpty()) {
            DerOutputStream tmp2 = new DerOutputStream();
	    for (PolicyQualifierInfo pq : policyQualifiers) {
	        tmp2.write(pq.getEncoded());
	    }
            tmp.write(DerValue.tag_Sequence, tmp2);
	}
	out.write(DerValue.tag_Sequence, tmp);
    } 

	    if (obj instanceof Set) {
		Iterator i = ((Set)obj).iterator(); 
                while (i.hasNext()) { 
                    Object obj1 = i.next(); 
                    if (!(obj1 instanceof PolicyQualifierInfo)) { 
                        throw new IOException("Attribute value must be a" + 
                                    "Set of PolicyQualifierInfo objects."); 
                    } 
                } 
		policyQualifiers = (Set<PolicyQualifierInfo>) obj;
	    } else {
		throw new IOException("Attribute value must be of type Set.");
	    } 

    @Test
    public default void verifyGenericType()
    throws Exception {
        final Class<SUT> sut = createNewSUT();
        assertTrue("This j8unit test interface is used with a generic type that is illegaly not assignable to PolicyQualifierInfo.class!",
                   PolicyQualifierInfo.class.isAssignableFrom(sut));
    } 

Advertisement
Javadoc
An immutable policy qualifier represented by the ASN.1 PolicyQualifierInfo structure.

The

ASN.1 definition is as follows: PolicyQualifierInfo ::= SEQUENCE { policyQualifierId PolicyQualifierId, qualifier ANY DEFINED BY policyQualifierId

A certificate policies extension, if present in an X.509 version 3 certificate, contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. In an end-entity certificate, these policy information terms indicate the policy under which the certificate has been issued and the purposes for which the certificate may be used. In a CA certificate, these policy information terms limit the set of policies for certification paths which include this certificate.

A Set of PolicyQualifierInfo objects are returned by the PolicyNode#getPolicyQualifiers PolicyNode.getPolicyQualifiers method. This allows applications with specific policy requirements to process and validate each policy qualifier. Applications that need to process policy qualifiers should explicitly set the policyQualifiersRejected flag to false (by calling the PKIXParameters#setPolicyQualifiersRejected PKIXParameters.setPolicyQualifiersRejected method) before validating a certification path.

Note that the PKIX certification path validation algorithm specifies that any policy qualifier in a certificate policies extension that is marked critical must be processed and validated. Otherwise the certification path must be rejected. If the policyQualifiersRejected flag is set to false, it is up to the application to validate all policy qualifiers in this manner in order to be PKIX compliant.

Concurrent Access

All PolicyQualifierInfo objects must be immutable and thread-safe. That is, multiple threads may concurrently invoke the methods defined in this class on a single PolicyQualifierInfo object (or more than one) with no ill effects. Requiring PolicyQualifierInfo objects to be immutable and thread-safe allows them to be passed around to various pieces of code without worrying about coordinating access. @author seth proctor @author Sean Mullan @since 1.4

Read More
Advertisement