com.entrust.toolkit.x509.extensions

Class CertificateTransparencyPoison

java.lang.Object

iaik.x509.V3Extension

com.entrust.toolkit.x509.extensions.CertificateTransparencyPoison

public class CertificateTransparencyPoison
extends V3Extension

The Certificate Transparency Poison Extension is a V3Extension used for Certificate Transparency. It is used in the Pre-Certificate as a critical extension to indicate the certificate should not be used. From RFC 6962:

 The Precertificate is constructed from the certificate to be issued by 
 adding a special critical poison extension (OID 1.3.6.1.4.1.11129.2.4.3, 
 whose extnValue OCTET STRING contains ASN.1 NULL data (0x05 0x00)) to 
 the end-entity TBSCertificate, minus the SCT extension, which is 
 obviously unknown until after the Precertificate has been submitted to 
 the log.  The poison extension is to ensure that the Precertificate 
 cannot be validated by a standard X.509v3 client. 
 

Since:

8.0 patch

Field Summary

Fields

Modifier and Type	Field and Description
static ObjectID	oid The Certificate Transparency Poison Extension

Fields inherited from class iaik.x509.V3Extension

critical

Constructor Summary

Constructors

Constructor and Description
CertificateTransparencyPoison()

Method Summary

Methods

Modifier and Type	Method and Description
ObjectID	getObjectID() Returns the object ID of the extension.
int	hashCode() Returns the hash code of the extension.
void	init(ASN1Object obj) Inits the implementation with an ASN1Object.
ASN1Object	toASN1Object() Return the ASN1Object representation of this Certificate Transparency Poison Extension.

Methods inherited from class iaik.x509.V3Extension

getName, isCritical, setCritical

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Field Detail

oid

public static final ObjectID oid

The Certificate Transparency Poison Extension

Constructor Detail

CertificateTransparencyPoison

public CertificateTransparencyPoison()

Method Detail

init

public void init(ASN1Object obj)
          throws X509ExtensionException

Description copied from class: V3Extension

Inits the implementation with an ASN1Object. This method is used by the X509Extensions class when parsing the ASN.1 representation of a certificate (or a CRL) for properly initializing any included extension. This method initilaizes a specific extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

Specified by:

init in class V3Extension

Parameters:

obj - the extension value as ASN1Object

Throws:

X509ExtensionException - if the extension could not parse the ASN1Object

toASN1Object

public ASN1Object toASN1Object()
                        throws X509ExtensionException

Return the ASN1Object representation of this Certificate Transparency Poison Extension. According to RFC 6962 the value of the extension should be an OCTET_STRING that contains and ASN.1 NULL data (0x05, 0x00);

Specified by:

toASN1Object in class V3Extension

Returns:

the value of the extension as ASN1Object

Throws:

X509ExtensionException - if the extension could not be created

getObjectID

public ObjectID getObjectID()

Description copied from class: V3Extension

Returns the object ID of the extension.

Specified by:

getObjectID in class V3Extension

Returns:

the object ID of this CertificateTransparencyPoison extension

hashCode

public int hashCode()

Description copied from class: V3Extension

Returns the hash code of the extension.

Specified by:

hashCode in class V3Extension

Returns:

a hash code for this identity