< prev index next >

src/share/classes/sun/security/x509/PKIXExtensions.java

Print this page 

        
@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this

@@ -47,38 +47,43 @@
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  */
 public class PKIXExtensions {
     // The object identifiers
-    private static final int AuthorityKey_data [] = { 2, 5, 29, 35 };
-    private static final int SubjectKey_data [] = { 2, 5, 29, 14 };
-    private static final int KeyUsage_data [] = { 2, 5, 29, 15 };
-    private static final int PrivateKeyUsage_data [] = { 2, 5, 29, 16 };
-    private static final int CertificatePolicies_data [] = { 2, 5, 29, 32 };
-    private static final int PolicyMappings_data [] = { 2, 5, 29, 33 };
-    private static final int SubjectAlternativeName_data [] = { 2, 5, 29, 17 };
-    private static final int IssuerAlternativeName_data [] = { 2, 5, 29, 18 };
-    private static final int SubjectDirectoryAttributes_data [] = { 2, 5, 29, 9 };
-    private static final int BasicConstraints_data [] = { 2, 5, 29, 19 };
-    private static final int NameConstraints_data [] = { 2, 5, 29, 30 };
-    private static final int PolicyConstraints_data [] = { 2, 5, 29, 36 };
-    private static final int CRLDistributionPoints_data [] = { 2, 5, 29, 31 };
-    private static final int CRLNumber_data [] = { 2, 5, 29, 20 };
-    private static final int IssuingDistributionPoint_data [] = { 2, 5, 29, 28 };
-    private static final int DeltaCRLIndicator_data [] = { 2, 5, 29, 27 };
-    private static final int ReasonCode_data [] = { 2, 5, 29, 21 };
-    private static final int HoldInstructionCode_data [] = { 2, 5, 29, 23 };
-    private static final int InvalidityDate_data [] = { 2, 5, 29, 24 };
-    private static final int ExtendedKeyUsage_data [] = { 2, 5, 29, 37 };
-    private static final int InhibitAnyPolicy_data [] = { 2, 5, 29, 54 };
-    private static final int CertificateIssuer_data [] = { 2, 5, 29, 29 };
-    private static final int AuthInfoAccess_data [] = { 1, 3, 6, 1, 5, 5, 7, 1, 1};
-    private static final int SubjectInfoAccess_data [] = { 1, 3, 6, 1, 5, 5, 7, 1, 11};
-    private static final int FreshestCRL_data [] = { 2, 5, 29, 46 };
-    private static final int OCSPNoCheck_data [] = { 1, 3, 6, 1, 5, 5, 7,
+    private static final int[] AuthorityKey_data = { 2, 5, 29, 35 };
+    private static final int[] SubjectKey_data = { 2, 5, 29, 14 };
+    private static final int[] KeyUsage_data = { 2, 5, 29, 15 };
+    private static final int[] PrivateKeyUsage_data = { 2, 5, 29, 16 };
+    private static final int[] CertificatePolicies_data = { 2, 5, 29, 32 };
+    private static final int[] PolicyMappings_data = { 2, 5, 29, 33 };
+    private static final int[] SubjectAlternativeName_data = { 2, 5, 29, 17 };
+    private static final int[] IssuerAlternativeName_data = { 2, 5, 29, 18 };
+    private static final int[] SubjectDirectoryAttributes_data = { 2, 5, 29, 9 };
+    private static final int[] BasicConstraints_data = { 2, 5, 29, 19 };
+    private static final int[] NameConstraints_data = { 2, 5, 29, 30 };
+    private static final int[] PolicyConstraints_data = { 2, 5, 29, 36 };
+    private static final int[] CRLDistributionPoints_data = { 2, 5, 29, 31 };
+    private static final int[] CRLNumber_data = { 2, 5, 29, 20 };
+    private static final int[] IssuingDistributionPoint_data = { 2, 5, 29, 28 };
+    private static final int[] DeltaCRLIndicator_data = { 2, 5, 29, 27 };
+    private static final int[] ReasonCode_data = { 2, 5, 29, 21 };
+    private static final int[] HoldInstructionCode_data = { 2, 5, 29, 23 };
+    private static final int[] InvalidityDate_data = { 2, 5, 29, 24 };
+    private static final int[] ExtendedKeyUsage_data = { 2, 5, 29, 37 };
+    private static final int[] InhibitAnyPolicy_data = { 2, 5, 29, 54 };
+    private static final int[] CertificateIssuer_data = { 2, 5, 29, 29 };
+    private static final int[] AuthInfoAccess_data = { 1, 3, 6, 1, 5, 5, 7, 1, 1};
+    private static final int[] SubjectInfoAccess_data = { 1, 3, 6, 1, 5, 5, 7, 1, 11};
+    private static final int[] FreshestCRL_data = { 2, 5, 29, 46 };
+    private static final int[] OCSPNoCheck_data = { 1, 3, 6, 1, 5, 5, 7,
                                                     48, 1, 5};
 
+    // Additional extensions under the PKIX arc that are not necessarily
+    // used in X.509 Certificates or CRLs.
+    private static final int[] OCSPNonce_data = { 1, 3, 6, 1, 5, 5, 7,
+                                                  48, 1, 2};
+
     /**
      * Identifies the particular public key used to sign the certificate.
      */
     public static final ObjectIdentifier AuthorityKey_Id;
 

@@ -102,22 +107,24 @@
      * Contains the sequence of policy information terms.
      */
     public static final ObjectIdentifier CertificatePolicies_Id;
 
     /**
-     * Lists pairs of objectidentifiers of policies considered equivalent by the
-     * issuing CA to the subject CA.
+     * Lists pairs of object identifiers of policies considered equivalent by
+     * the issuing CA to the subject CA.
      */
     public static final ObjectIdentifier PolicyMappings_Id;
 
     /**
-     * Allows additional identities to be bound to the subject of the certificate.
+     * Allows additional identities to be bound to the subject of the
+     * certificate.
      */
     public static final ObjectIdentifier SubjectAlternativeName_Id;
 
     /**
-     * Allows additional identities to be associated with the certificate issuer.
+     * Allows additional identities to be associated with the certificate
+     * issuer.
      */
     public static final ObjectIdentifier IssuerAlternativeName_Id;
 
     /**
      * Identifies additional directory attributes.

@@ -222,10 +229,16 @@
      * Identifies the OCSP client can trust the responder for the
      * lifetime of the responder's certificate.
      */
     public static final ObjectIdentifier OCSPNoCheck_Id;
 
+    /**
+     * This extension is used to provide nonce data for OCSP requests
+     * or responses.
+     */
+    public static final ObjectIdentifier OCSPNonce_Id;
+
     static {
         AuthorityKey_Id = ObjectIdentifier.newInternal(AuthorityKey_data);
         SubjectKey_Id   = ObjectIdentifier.newInternal(SubjectKey_data);
         KeyUsage_Id     = ObjectIdentifier.newInternal(KeyUsage_data);
         PrivateKeyUsage_Id = ObjectIdentifier.newInternal(PrivateKeyUsage_data);

@@ -264,7 +277,8 @@
             ObjectIdentifier.newInternal(AuthInfoAccess_data);
         SubjectInfoAccess_Id =
             ObjectIdentifier.newInternal(SubjectInfoAccess_data);
         FreshestCRL_Id = ObjectIdentifier.newInternal(FreshestCRL_data);
         OCSPNoCheck_Id = ObjectIdentifier.newInternal(OCSPNoCheck_data);
+        OCSPNonce_Id = ObjectIdentifier.newInternal(OCSPNonce_data);
     }
 }



< prev index next >