151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/*
251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Copyright (c) 2007, Oracle and/or its affiliates. All rights reserved.
351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it
651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as
751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation.  Oracle designates this
851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided
951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code.
1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT
1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that
1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code).
1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version
1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation,
1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any
2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions.
2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */
2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage java.security.cert;
2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.IOException;
2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.OutputStream;
3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.Serializable;
3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/**
3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This interface represents an X.509 extension.
3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Extensions provide a means of associating additional attributes with users
3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or public keys and for managing a certification hierarchy.  The extension
3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * format also allows communities to define private extensions to carry
3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * information unique to those communities.
4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Each extension contains an object identifier, a criticality setting
4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * indicating whether it is a critical or a non-critical extension, and
4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * and an ASN.1 DER-encoded value. Its ASN.1 definition is:
4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <pre>
4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *     Extension ::= SEQUENCE {
4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *         extnId        OBJECT IDENTIFIER,
5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *         critical      BOOLEAN DEFAULT FALSE,
5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *         extnValue     OCTET STRING
5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *                 -- contains a DER encoding of a value
5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *                 -- of the type registered for use with
5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *                 -- the extnId object identifier value
5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *     }
5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * </pre>
5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This interface is designed to provide access to a single extension,
6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * unlike {@link java.security.cert.X509Extension} which is more suitable
6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * for accessing a set of extensions.
6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @since 1.7
6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */
6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic interface Extension {
6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Gets the extensions's object identifier.
7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return the object identifier as a String
7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    String getId();
7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Gets the extension's criticality setting.
7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return true if this is a critical extension.
7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    boolean isCritical();
8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Gets the extensions's DER-encoded value. Note, this is the bytes
8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * that are encoded as an OCTET STRING. It does not include the OCTET
8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * STRING tag and length.
8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return a copy of the extension's value, or <code>null</code> if no
8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *    extension value is present.
8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    byte[] getValue();
9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Generates the extension's DER encoding and writes it to the output
9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * stream.
9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param out the output stream
9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @exception IOException on encoding or output error.
9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @exception NullPointerException if <code>out</code> is <code>null</code>.
9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    void encode(OutputStream out) throws IOException;
10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski}
102