001    /* X509Extension.java --- X.509 Extension
002       Copyright (C) 1999 Free Software Foundation, Inc.
003    
004    This file is part of GNU Classpath.
005    
006    GNU Classpath is free software; you can redistribute it and/or modify
007    it under the terms of the GNU General Public License as published by
008    the Free Software Foundation; either version 2, or (at your option)
009    any later version.
010    
011    GNU Classpath is distributed in the hope that it will be useful, but
012    WITHOUT ANY WARRANTY; without even the implied warranty of
013    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014    General Public License for more details.
015    
016    You should have received a copy of the GNU General Public License
017    along with GNU Classpath; see the file COPYING.  If not, write to the
018    Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019    02110-1301 USA.
020    
021    Linking this library statically or dynamically with other modules is
022    making a combined work based on this library.  Thus, the terms and
023    conditions of the GNU General Public License cover the whole
024    combination.
025    
026    As a special exception, the copyright holders of this library give you
027    permission to link this library with independent modules to produce an
028    executable, regardless of the license terms of these independent
029    modules, and to copy and distribute the resulting executable under
030    terms of your choice, provided that you also meet, for each linked
031    independent module, the terms and conditions of the license of that
032    module.  An independent module is a module which is not derived from
033    or based on this library.  If you modify this library, you may extend
034    this exception to your version of the library, but you are not
035    obligated to do so.  If you do not wish to do so, delete this
036    exception statement from your version. */
037    
038    
039    package java.security.cert;
040    import java.util.Set;
041    
042    /**
043            Public interface for the X.509 Extension.
044    
045            This is used for X.509 v3 Certificates and CRL v2 (Certificate
046            Revocation Lists) for managing attributes assoicated with
047            Certificates, for managing the hierarchy of certificates,
048            and for managing the distribution of CRL. This extension
049            format is used to define private extensions.
050    
051            Each extensions for a certificate or CRL must be marked
052            either critical or non-critical. If the certificate/CRL
053            system encounters a critical extension not recognized then
054            it must reject the certificate. A non-critical extension
055            may be just ignored if not recognized.
056    
057    
058            The ASN.1 definition for this class is:
059    
060             Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
061    
062             Extension  ::=  SEQUENCE  {
063                 extnId        OBJECT IDENTIFIER,
064                 critical      BOOLEAN DEFAULT FALSE,
065                 extnValue     OCTET STRING
066                               -- contains a DER encoding of a value
067                               -- of the type registered for use with
068                               -- the extnId object identifier value
069             }
070    
071            @author Mark Benvenuto
072    
073            @since 1.2
074    */
075    public interface X509Extension
076    {
077    
078      /**
079         Returns true if the certificate contains a critical extension
080         that is not supported.
081    
082         @return true if has unsupported extension, false otherwise
083      */
084      boolean hasUnsupportedCriticalExtension();
085    
086      /**
087         Returns a set of the CRITICAL extension OIDs from the
088         certificate/CRL that the object implementing this interface
089         manages.
090    
091         @return A Set containing the OIDs. If there are no CRITICAL
092         extensions or extensions at all this returns null.
093      */
094      Set<String> getCriticalExtensionOIDs();
095    
096      /**
097         Returns a set of the NON-CRITICAL extension OIDs from the
098         certificate/CRL that the object implementing this interface
099         manages.
100    
101         @return A Set containing the OIDs. If there are no NON-CRITICAL
102         extensions or extensions at all this returns null.
103      */
104      Set<String> getNonCriticalExtensionOIDs();
105    
106      /**
107         Returns the DER encoded OCTET string for the specified
108         extension value identified by a OID. The OID is a string
109         of number separated by periods. Ex: 12.23.45.67
110      */
111      byte[] getExtensionValue(String oid);
112    
113    }