Package org.mozilla.jss.netscape.security.x509

Class PrivateKeyUsageExtension

java.lang.Object

org.mozilla.jss.netscape.security.x509.Extension

org.mozilla.jss.netscape.security.x509.PrivateKeyUsageExtension

All Implemented Interfaces:

java.io.Serializable, CertAttrSet

public class PrivateKeyUsageExtension
extends Extension
implements CertAttrSet

This class defines the Private Key Usage Extension.

The Private Key Usage Period extension allows the certificate issuer to specify a different validity period for the private key than the certificate. This extension is intended for use with digital signature keys. This extension consists of two optional components notBefore and notAfter. The private key associated with the certificate should not be used to sign objects before or after the times specified by the two components, respectively.

 PrivateKeyUsagePeriod ::= SEQUENCE {
     notBefore  [0]  GeneralizedTime OPTIONAL,
     notAfter   [1]  GeneralizedTime OPTIONAL }
 

See Also:

Extension, CertAttrSet, Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static java.lang.String	IDENT	Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.
static java.lang.String	NAME	Sub attributes name for this CertAttrSet.
static java.lang.String	NOT_AFTER
static java.lang.String	NOT_BEFORE

Fields inherited from class org.mozilla.jss.netscape.security.x509.Extension

critical, extensionId, extensionValue

Constructor Summary

Constructors

Constructor	Description
PrivateKeyUsageExtension(java.lang.Boolean critical, java.lang.Object value)	Create the extension from the passed DER encoded value.
PrivateKeyUsageExtension(java.util.Date notBefore, java.util.Date notAfter)	The default constructor for PrivateKeyUsageExtension.

Method Summary

Modifier and Type	Method	Description
void	decode(java.io.InputStream in)	Decode the extension from the InputStream.
void	delete(java.lang.String name)	Delete the attribute value.
void	encode(java.io.OutputStream out)	Write the extension to the OutputStream.
java.lang.Object	get(java.lang.String name)	Get the attribute value.
java.util.Enumeration<java.lang.String>	getAttributeNames()	Return an enumeration of names of attributes existing within this attribute.
java.lang.String	getName()	Return the name of this attribute.
java.util.Date	getNotAfter()	Return notAfter date
java.util.Date	getNotBefore()	Return notBefore date
void	set(java.lang.String name, java.lang.Object obj)	Set the attribute value.
java.lang.String	toString()	Return the printable string.
void	valid()	Verify that that the current time is within the validity period.
void	valid(java.util.Date now)	Verify that that the passed time is within the validity period.

Methods inherited from class org.mozilla.jss.netscape.security.x509.Extension

clearValue, encode, getExtensionId, getExtensionValue, isCritical, setCritical, setExtensionId, setExtensionValue

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

IDENT

public static final java.lang.String IDENT

Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.

See Also:

Constant Field Values

NAME

public static final java.lang.String NAME

Sub attributes name for this CertAttrSet.

See Also:

Constant Field Values

NOT_BEFORE

public static final java.lang.String NOT_BEFORE

See Also:

Constant Field Values

NOT_AFTER

public static final java.lang.String NOT_AFTER

See Also:

Constant Field Values

Constructor Detail

PrivateKeyUsageExtension

public PrivateKeyUsageExtension(java.util.Date notBefore,
                                java.util.Date notAfter)
                         throws java.io.IOException

The default constructor for PrivateKeyUsageExtension.

Parameters:

notBefore - the date/time before which the private key should not be used.

notAfter - the date/time after which the private key should not be used.

Throws:

java.io.IOException

PrivateKeyUsageExtension

public PrivateKeyUsageExtension(java.lang.Boolean critical,
                                java.lang.Object value)
                         throws java.security.cert.CertificateException,
                                java.io.IOException

Create the extension from the passed DER encoded value.

Parameters:

critical - true if the extension is to be treated as critical.

value - Array of DER encoded bytes of the actual value.

Throws:

java.security.cert.CertificateException - on certificate parsing errors.

java.io.IOException - on error.

Method Detail

toString

public java.lang.String toString()

Return the printable string.

Specified by:

toString in interface CertAttrSet

Overrides:

toString in class Extension

Returns:

value of this certificate attribute in printable form.

getNotBefore

public java.util.Date getNotBefore()

Return notBefore date

getNotAfter

public java.util.Date getNotAfter()

Return notAfter date

valid

public void valid()
           throws java.security.cert.CertificateNotYetValidException,
                  java.security.cert.CertificateExpiredException

Verify that that the current time is within the validity period.

Throws:

java.security.cert.CertificateExpiredException - if the certificate has expired.

java.security.cert.CertificateNotYetValidException - if the certificate is not yet valid.

valid

public void valid(java.util.Date now)
           throws java.security.cert.CertificateNotYetValidException,
                  java.security.cert.CertificateExpiredException

Verify that that the passed time is within the validity period.

Throws:

java.security.cert.CertificateExpiredException - if the certificate has expired with respect to the Date supplied.

java.security.cert.CertificateNotYetValidException - if the certificate is not yet valid with respect to the Date supplied.

encode

public void encode(java.io.OutputStream out)
            throws java.io.IOException

Write the extension to the OutputStream.

Specified by:

encode in interface CertAttrSet

Parameters:

out - the OutputStream to write the extension to.

Throws:

java.io.IOException - on encoding errors.

decode

public void decode(java.io.InputStream in)
            throws java.security.cert.CertificateException

Decode the extension from the InputStream.

Specified by:

decode in interface CertAttrSet

Parameters:

in - the InputStream to unmarshal the contents from.

Throws:

java.security.cert.CertificateException - on decoding errors.

set

public void set(java.lang.String name,
                java.lang.Object obj)
         throws java.security.cert.CertificateException

Set the attribute value.

Specified by:

set in interface CertAttrSet

Parameters:

name - the name of the attribute (e.g. "x509.info.key")

obj - the attribute object.

Throws:

java.security.cert.CertificateException - on attribute handling errors.

get

public java.lang.Object get(java.lang.String name)
                     throws java.security.cert.CertificateException

Get the attribute value.

Specified by:

get in interface CertAttrSet

Parameters:

name - the name of the attribute to return.

Throws:

java.security.cert.CertificateException - on attribute handling errors.

delete

public void delete(java.lang.String name)
            throws java.security.cert.CertificateException

Delete the attribute value.

Specified by:

delete in interface CertAttrSet

Parameters:

name - the name of the attribute to delete.

Throws:

java.security.cert.CertificateException - on attribute handling errors.

getAttributeNames

public java.util.Enumeration<java.lang.String> getAttributeNames()

Return an enumeration of names of attributes existing within this attribute.

Specified by:

getAttributeNames in interface CertAttrSet

Returns:

an enumeration of the attribute names.

getName

public java.lang.String getName()

Return the name of this attribute.

Specified by:

getName in interface CertAttrSet

Returns:

the name of this CertAttrSet.