Class PrivateKeyUsageExtension
java.lang.Object
org.mozilla.jss.netscape.security.x509.Extension
org.mozilla.jss.netscape.security.x509.PrivateKeyUsageExtension
- All Implemented Interfaces:
Serializable,CertAttrSet
This class defines the Private Key Usage Extension.
The Private Key Usage Period extension allows the certificate issuer to specify a different validity period for the private key than the certificate. This extension is intended for use with digital signature keys. This extension consists of two optional components notBefore and notAfter. The private key associated with the certificate should not be used to sign objects before or after the times specified by the two components, respectively.
PrivateKeyUsagePeriod ::= SEQUENCE {
notBefore [0] GeneralizedTime OPTIONAL,
notAfter [1] GeneralizedTime OPTIONAL }
- Version:
- 1.12
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringIdentifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.static final StringSub attributes name for this CertAttrSet.static final Stringstatic final Stringprivate Dateprivate Dateprivate static final longprivate static final byteprivate static final byteFields inherited from class org.mozilla.jss.netscape.security.x509.Extension
critical, extensionId, extensionValue -
Constructor Summary
ConstructorsConstructorDescriptionPrivateKeyUsageExtension(Boolean critical, Object value) Create the extension from the passed DER encoded value.PrivateKeyUsageExtension(Date notBefore, Date notAfter) The default constructor for PrivateKeyUsageExtension. -
Method Summary
Modifier and TypeMethodDescriptionvoiddecode(InputStream in) Decode the extension from the InputStream.voidDelete the attribute value.voidencode(OutputStream out) Write the extension to the OutputStream.private voidGet the attribute value.Return an enumeration of names of attributes existing within this attribute.getName()Return the name of this attribute.Return notAfter dateReturn notBefore datevoidSet the attribute value.toString()Return the printable string.voidvalid()Verify that that the current time is within the validity period.voidVerify that that the passed time is within the validity period.Methods inherited from class org.mozilla.jss.netscape.security.x509.Extension
clearValue, encode, getExtensionId, getExtensionValue, isCritical, setCritical, setExtensionId, setExtensionValue
-
Field Details
-
serialVersionUID
private static final long serialVersionUID- See Also:
-
IDENT
Identifier for this attribute, to be used with the get, set, delete methods of Certificate, x509 type.- See Also:
-
NAME
Sub attributes name for this CertAttrSet.- See Also:
-
NOT_BEFORE
- See Also:
-
NOT_AFTER
- See Also:
-
TAG_BEFORE
private static final byte TAG_BEFORE- See Also:
-
TAG_AFTER
private static final byte TAG_AFTER- See Also:
-
notBefore
-
notAfter
-
-
Constructor Details
-
PrivateKeyUsageExtension
The default constructor for PrivateKeyUsageExtension.- Parameters:
notBefore- the date/time before which the private key should not be used.notAfter- the date/time after which the private key should not be used.- Throws:
IOException
-
PrivateKeyUsageExtension
public PrivateKeyUsageExtension(Boolean critical, Object value) throws CertificateException, IOException Create the extension from the passed DER encoded value.- Parameters:
critical- true if the extension is to be treated as critical.value- Array of DER encoded bytes of the actual value.- Throws:
CertificateException- on certificate parsing errors.IOException- on error.
-
-
Method Details
-
encodeThis
- Throws:
IOException
-
toString
Return the printable string.- Specified by:
toStringin interfaceCertAttrSet- Overrides:
toStringin classExtension- Returns:
- value of this certificate attribute in printable form.
-
getNotBefore
Return notBefore date -
getNotAfter
Return notAfter date -
valid
Verify that that the current time is within the validity period.- Throws:
CertificateExpiredException- if the certificate has expired.CertificateNotYetValidException- if the certificate is not yet valid.
-
valid
Verify that that the passed time is within the validity period.- Throws:
CertificateExpiredException- if the certificate has expired with respect to theDatesupplied.CertificateNotYetValidException- if the certificate is not yet valid with respect to theDatesupplied.
-
encode
Write the extension to the OutputStream.- Specified by:
encodein interfaceCertAttrSet- Parameters:
out- the OutputStream to write the extension to.- Throws:
IOException- on encoding errors.
-
decode
Decode the extension from the InputStream.- Specified by:
decodein interfaceCertAttrSet- Parameters:
in- the InputStream to unmarshal the contents from.- Throws:
CertificateException- on decoding errors.
-
set
Set the attribute value.- Specified by:
setin interfaceCertAttrSet- Parameters:
name- the name of the attribute (e.g. "x509.info.key")obj- the attribute object.- Throws:
CertificateException- on attribute handling errors.
-
get
Get the attribute value.- Specified by:
getin interfaceCertAttrSet- Parameters:
name- the name of the attribute to return.- Returns:
- attribute value
- Throws:
CertificateException- on attribute handling errors.
-
delete
Delete the attribute value.- Specified by:
deletein interfaceCertAttrSet- Parameters:
name- the name of the attribute to delete.- Throws:
CertificateException- on attribute handling errors.
-
getAttributeNames
Return an enumeration of names of attributes existing within this attribute.- Specified by:
getAttributeNamesin interfaceCertAttrSet- Returns:
- an enumeration of the attribute names.
-
getName
Return the name of this attribute.- Specified by:
getNamein interfaceCertAttrSet- Returns:
- the name of this CertAttrSet.
-