< prev index next >
src/share/classes/sun/security/x509/PKIXExtensions.java
Print this page
*** 1,7 ****
/*
! * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 47,84 ****
* @author Amit Kapoor
* @author Hemma Prafullchandra
*/
public class PKIXExtensions {
// The object identifiers
! private static final int AuthorityKey_data [] = { 2, 5, 29, 35 };
! private static final int SubjectKey_data [] = { 2, 5, 29, 14 };
! private static final int KeyUsage_data [] = { 2, 5, 29, 15 };
! private static final int PrivateKeyUsage_data [] = { 2, 5, 29, 16 };
! private static final int CertificatePolicies_data [] = { 2, 5, 29, 32 };
! private static final int PolicyMappings_data [] = { 2, 5, 29, 33 };
! private static final int SubjectAlternativeName_data [] = { 2, 5, 29, 17 };
! private static final int IssuerAlternativeName_data [] = { 2, 5, 29, 18 };
! private static final int SubjectDirectoryAttributes_data [] = { 2, 5, 29, 9 };
! private static final int BasicConstraints_data [] = { 2, 5, 29, 19 };
! private static final int NameConstraints_data [] = { 2, 5, 29, 30 };
! private static final int PolicyConstraints_data [] = { 2, 5, 29, 36 };
! private static final int CRLDistributionPoints_data [] = { 2, 5, 29, 31 };
! private static final int CRLNumber_data [] = { 2, 5, 29, 20 };
! private static final int IssuingDistributionPoint_data [] = { 2, 5, 29, 28 };
! private static final int DeltaCRLIndicator_data [] = { 2, 5, 29, 27 };
! private static final int ReasonCode_data [] = { 2, 5, 29, 21 };
! private static final int HoldInstructionCode_data [] = { 2, 5, 29, 23 };
! private static final int InvalidityDate_data [] = { 2, 5, 29, 24 };
! private static final int ExtendedKeyUsage_data [] = { 2, 5, 29, 37 };
! private static final int InhibitAnyPolicy_data [] = { 2, 5, 29, 54 };
! private static final int CertificateIssuer_data [] = { 2, 5, 29, 29 };
! private static final int AuthInfoAccess_data [] = { 1, 3, 6, 1, 5, 5, 7, 1, 1};
! private static final int SubjectInfoAccess_data [] = { 1, 3, 6, 1, 5, 5, 7, 1, 11};
! private static final int FreshestCRL_data [] = { 2, 5, 29, 46 };
! private static final int OCSPNoCheck_data [] = { 1, 3, 6, 1, 5, 5, 7,
48, 1, 5};
/**
* Identifies the particular public key used to sign the certificate.
*/
public static final ObjectIdentifier AuthorityKey_Id;
--- 47,89 ----
* @author Amit Kapoor
* @author Hemma Prafullchandra
*/
public class PKIXExtensions {
// The object identifiers
! private static final int[] AuthorityKey_data = { 2, 5, 29, 35 };
! private static final int[] SubjectKey_data = { 2, 5, 29, 14 };
! private static final int[] KeyUsage_data = { 2, 5, 29, 15 };
! private static final int[] PrivateKeyUsage_data = { 2, 5, 29, 16 };
! private static final int[] CertificatePolicies_data = { 2, 5, 29, 32 };
! private static final int[] PolicyMappings_data = { 2, 5, 29, 33 };
! private static final int[] SubjectAlternativeName_data = { 2, 5, 29, 17 };
! private static final int[] IssuerAlternativeName_data = { 2, 5, 29, 18 };
! private static final int[] SubjectDirectoryAttributes_data = { 2, 5, 29, 9 };
! private static final int[] BasicConstraints_data = { 2, 5, 29, 19 };
! private static final int[] NameConstraints_data = { 2, 5, 29, 30 };
! private static final int[] PolicyConstraints_data = { 2, 5, 29, 36 };
! private static final int[] CRLDistributionPoints_data = { 2, 5, 29, 31 };
! private static final int[] CRLNumber_data = { 2, 5, 29, 20 };
! private static final int[] IssuingDistributionPoint_data = { 2, 5, 29, 28 };
! private static final int[] DeltaCRLIndicator_data = { 2, 5, 29, 27 };
! private static final int[] ReasonCode_data = { 2, 5, 29, 21 };
! private static final int[] HoldInstructionCode_data = { 2, 5, 29, 23 };
! private static final int[] InvalidityDate_data = { 2, 5, 29, 24 };
! private static final int[] ExtendedKeyUsage_data = { 2, 5, 29, 37 };
! private static final int[] InhibitAnyPolicy_data = { 2, 5, 29, 54 };
! private static final int[] CertificateIssuer_data = { 2, 5, 29, 29 };
! private static final int[] AuthInfoAccess_data = { 1, 3, 6, 1, 5, 5, 7, 1, 1};
! private static final int[] SubjectInfoAccess_data = { 1, 3, 6, 1, 5, 5, 7, 1, 11};
! private static final int[] FreshestCRL_data = { 2, 5, 29, 46 };
! private static final int[] OCSPNoCheck_data = { 1, 3, 6, 1, 5, 5, 7,
48, 1, 5};
+ // Additional extensions under the PKIX arc that are not necessarily
+ // used in X.509 Certificates or CRLs.
+ private static final int[] OCSPNonce_data = { 1, 3, 6, 1, 5, 5, 7,
+ 48, 1, 2};
+
/**
* Identifies the particular public key used to sign the certificate.
*/
public static final ObjectIdentifier AuthorityKey_Id;
*** 102,123 ****
* Contains the sequence of policy information terms.
*/
public static final ObjectIdentifier CertificatePolicies_Id;
/**
! * Lists pairs of objectidentifiers of policies considered equivalent by the
! * issuing CA to the subject CA.
*/
public static final ObjectIdentifier PolicyMappings_Id;
/**
! * Allows additional identities to be bound to the subject of the certificate.
*/
public static final ObjectIdentifier SubjectAlternativeName_Id;
/**
! * Allows additional identities to be associated with the certificate issuer.
*/
public static final ObjectIdentifier IssuerAlternativeName_Id;
/**
* Identifies additional directory attributes.
--- 107,130 ----
* Contains the sequence of policy information terms.
*/
public static final ObjectIdentifier CertificatePolicies_Id;
/**
! * Lists pairs of object identifiers of policies considered equivalent by
! * the issuing CA to the subject CA.
*/
public static final ObjectIdentifier PolicyMappings_Id;
/**
! * Allows additional identities to be bound to the subject of the
! * certificate.
*/
public static final ObjectIdentifier SubjectAlternativeName_Id;
/**
! * Allows additional identities to be associated with the certificate
! * issuer.
*/
public static final ObjectIdentifier IssuerAlternativeName_Id;
/**
* Identifies additional directory attributes.
*** 222,231 ****
--- 229,244 ----
* Identifies the OCSP client can trust the responder for the
* lifetime of the responder's certificate.
*/
public static final ObjectIdentifier OCSPNoCheck_Id;
+ /**
+ * This extension is used to provide nonce data for OCSP requests
+ * or responses.
+ */
+ public static final ObjectIdentifier OCSPNonce_Id;
+
static {
AuthorityKey_Id = ObjectIdentifier.newInternal(AuthorityKey_data);
SubjectKey_Id = ObjectIdentifier.newInternal(SubjectKey_data);
KeyUsage_Id = ObjectIdentifier.newInternal(KeyUsage_data);
PrivateKeyUsage_Id = ObjectIdentifier.newInternal(PrivateKeyUsage_data);
*** 264,270 ****
--- 277,284 ----
ObjectIdentifier.newInternal(AuthInfoAccess_data);
SubjectInfoAccess_Id =
ObjectIdentifier.newInternal(SubjectInfoAccess_data);
FreshestCRL_Id = ObjectIdentifier.newInternal(FreshestCRL_data);
OCSPNoCheck_Id = ObjectIdentifier.newInternal(OCSPNoCheck_data);
+ OCSPNonce_Id = ObjectIdentifier.newInternal(OCSPNonce_data);
}
}
< prev index next >