src/share/classes/java/security/cert/X509Extension.java
Print this page
*** 57,69 ****
* -- contains a DER encoding of a value
* -- of the type registered for use with
* -- the extnId object identifier value
* }
* </pre>
! * Since not all extensions are known, the <code>getExtensionValue</code>
* method returns the DER-encoded OCTET STRING of the
! * extension value (i.e., the <code>extnValue</code>). This can then
* be handled by a <em>Class</em> that understands the extension.
*
* @author Hemma Prafullchandra
*/
--- 57,69 ----
* -- contains a DER encoding of a value
* -- of the type registered for use with
* -- the extnId object identifier value
* }
* </pre>
! * Since not all extensions are known, the {@code getExtensionValue}
* method returns the DER-encoded OCTET STRING of the
! * extension value (i.e., the {@code extnValue}). This can then
* be handled by a <em>Class</em> that understands the extension.
*
* @author Hemma Prafullchandra
*/
*** 111,155 ****
* NON-CRITICAL in the certificate/CRL managed by the object
* implementing this interface.
*
* Here is sample code to get a Set of non-critical extensions from an
* X509CRL revoked certificate entry and print the OIDs:
! * <pre><code>
* CertificateFactory cf = null;
* X509CRL crl = null;
* try (InputStream inStrm = new FileInputStream("DER-encoded-CRL")) {
* cf = CertificateFactory.getInstance("X.509");
* crl = (X509CRL)cf.generateCRL(inStrm);
! * }<p>
*
! * byte[] certData = <DER-encoded certificate data>
* ByteArrayInputStream bais = new ByteArrayInputStream(certData);
* X509Certificate cert = (X509Certificate)cf.generateCertificate(bais);
* X509CRLEntry badCert =
! * crl.getRevokedCertificate(cert.getSerialNumber());<p>
*
* if (badCert != null) {
! * Set<String> nonCritSet = badCert.getNonCriticalExtensionOIDs();<p>
* if (nonCritSet != null)
* for (String oid : nonCritSet) {
* System.out.println(oid);
* }
* }
! * </code></pre>
*
* @return a Set (or an empty Set if none are marked non-critical) of
* the extension OID strings for extensions that are marked non-critical.
* If there are no extensions present at all, then this method returns
* null.
*/
public Set<String> getNonCriticalExtensionOIDs();
/**
* Gets the DER-encoded OCTET string for the extension value
! * (<em>extnValue</em>) identified by the passed-in <code>oid</code>
* String.
! * The <code>oid</code> string is
* represented by a set of nonnegative whole numbers separated
* by periods.
*
* <p>For example:<br>
* <table border=groove summary="Examples of OIDs and extension names">
--- 111,155 ----
* NON-CRITICAL in the certificate/CRL managed by the object
* implementing this interface.
*
* Here is sample code to get a Set of non-critical extensions from an
* X509CRL revoked certificate entry and print the OIDs:
! * <pre>{@code
* CertificateFactory cf = null;
* X509CRL crl = null;
* try (InputStream inStrm = new FileInputStream("DER-encoded-CRL")) {
* cf = CertificateFactory.getInstance("X.509");
* crl = (X509CRL)cf.generateCRL(inStrm);
! * }
*
! * byte[] certData = <DER-encoded certificate data>
* ByteArrayInputStream bais = new ByteArrayInputStream(certData);
* X509Certificate cert = (X509Certificate)cf.generateCertificate(bais);
* X509CRLEntry badCert =
! * crl.getRevokedCertificate(cert.getSerialNumber());
*
* if (badCert != null) {
! * Set<String> nonCritSet = badCert.getNonCriticalExtensionOIDs();
* if (nonCritSet != null)
* for (String oid : nonCritSet) {
* System.out.println(oid);
* }
* }
! * }</pre>
*
* @return a Set (or an empty Set if none are marked non-critical) of
* the extension OID strings for extensions that are marked non-critical.
* If there are no extensions present at all, then this method returns
* null.
*/
public Set<String> getNonCriticalExtensionOIDs();
/**
* Gets the DER-encoded OCTET string for the extension value
! * (<em>extnValue</em>) identified by the passed-in {@code oid}
* String.
! * The {@code oid} string is
* represented by a set of nonnegative whole numbers separated
* by periods.
*
* <p>For example:<br>
* <table border=groove summary="Examples of OIDs and extension names">