- java.lang.Object
-
- java.security.cert.PolicyQualifierInfo
-
public class PolicyQualifierInfo extends Object
An immutable policy qualifier represented by the ASN.1 PolicyQualifierInfo structure.The ASN.1 definition is as follows:
PolicyQualifierInfo ::= SEQUENCE { policyQualifierId PolicyQualifierId, qualifier ANY DEFINED BY policyQualifierId }
A certificate policies extension, if present in an X.509 version 3 certificate, contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. In an end-entity certificate, these policy information terms indicate the policy under which the certificate has been issued and the purposes for which the certificate may be used. In a CA certificate, these policy information terms limit the set of policies for certification paths which include this certificate.
A
Set
ofPolicyQualifierInfo
objects are returned by thePolicyNode.getPolicyQualifiers
method. This allows applications with specific policy requirements to process and validate each policy qualifier. Applications that need to process policy qualifiers should explicitly set thepolicyQualifiersRejected
flag to false (by calling thePKIXParameters.setPolicyQualifiersRejected
method) before validating a certification path.Note that the PKIX certification path validation algorithm specifies that any policy qualifier in a certificate policies extension that is marked critical must be processed and validated. Otherwise the certification path must be rejected. If the
policyQualifiersRejected
flag is set to false, it is up to the application to validate all policy qualifiers in this manner in order to be PKIX compliant.Concurrent Access
All
PolicyQualifierInfo
objects must be immutable and thread-safe. That is, multiple threads may concurrently invoke the methods defined in this class on a singlePolicyQualifierInfo
object (or more than one) with no ill effects. RequiringPolicyQualifierInfo
objects to be immutable and thread-safe allows them to be passed around to various pieces of code without worrying about coordinating access.- Since:
- 1.4
-
-
Constructor Summary
Constructors Constructor and Description PolicyQualifierInfo(byte[] encoded)
Creates an instance ofPolicyQualifierInfo
from the encoded bytes.
-
Method Summary
Methods Modifier and Type Method and Description byte[]
getEncoded()
Returns the ASN.1 DER encoded form of thisPolicyQualifierInfo
.byte[]
getPolicyQualifier()
Returns the ASN.1 DER encoded form of thequalifier
field of thisPolicyQualifierInfo
.String
getPolicyQualifierId()
Returns thepolicyQualifierId
field of thisPolicyQualifierInfo
.String
toString()
Return a printable representation of thisPolicyQualifierInfo
.
-
-
-
Constructor Detail
-
PolicyQualifierInfo
public PolicyQualifierInfo(byte[] encoded) throws IOException
Creates an instance ofPolicyQualifierInfo
from the encoded bytes. The encoded byte array is copied on construction.- Parameters:
encoded
- a byte array containing the qualifier in DER encoding- Throws:
IOException
- thrown if the byte array does not represent a valid and parsable policy qualifier
-
-
Method Detail
-
getPolicyQualifierId
public final String getPolicyQualifierId()
Returns thepolicyQualifierId
field of thisPolicyQualifierInfo
. ThepolicyQualifierId
is an Object Identifier (OID) represented by a set of nonnegative integers separated by periods.- Returns:
- the OID (never
null
)
-
getEncoded
public final byte[] getEncoded()
Returns the ASN.1 DER encoded form of thisPolicyQualifierInfo
.- Returns:
- the ASN.1 DER encoded bytes (never
null
). Note that a copy is returned, so the data is cloned each time this method is called.
-
getPolicyQualifier
public final byte[] getPolicyQualifier()
Returns the ASN.1 DER encoded form of thequalifier
field of thisPolicyQualifierInfo
.- Returns:
- the ASN.1 DER encoded bytes of the
qualifier
field. Note that a copy is returned, so the data is cloned each time this method is called.
-
-
Document created the 11/06/2005, last modified the 04/03/2020
Source of the printed document:https://www.gaudry.be/en/java-api-rf-java/security/cert/policyqualifierinfo.html
The infobrol is a personal site whose content is my sole responsibility. The text is available under CreativeCommons license (BY-NC-SA). More info on the terms of use and the author.
References
These references and links indicate documents consulted during the writing of this page, or which may provide additional information, but the authors of these sources can not be held responsible for the content of this page.
The author This site is solely responsible for the way in which the various concepts, and the freedoms that are taken with the reference works, are presented here. Remember that you must cross multiple source information to reduce the risk of errors.