Package org.apache.harmony.security.x509

Class GeneralName

java.lang.Object
org.apache.harmony.security.x509.GeneralName
public final class GeneralName
extends Object
The class encapsulates the ASN.1 DER encoding/decoding work with the GeneralName structure which is a part of X.509 certificate (as specified in RFC 3280 - Internet X.509 Public Key Infrastructure. Certificate and Certificate Revocation List (CRL) Profile. http://www.ietf.org/rfc/rfc3280.txt): 

   GeneralName::= CHOICE {
        otherName                       [0]     OtherName,
        rfc822Name                      [1]     IA5String,
        dNSName                         [2]     IA5String,
        x400Address                     [3]     ORAddress,
        directoryName                   [4]     Name,
        ediPartyName                    [5]     EDIPartyName,
        uniformResourceIdentifier       [6]     IA5String,
        iPAddress                       [7]     OCTET STRING,
        registeredID                    [8]     OBJECT IDENTIFIER
   }

   OtherName::= SEQUENCE {
        type-id    OBJECT IDENTIFIER,
        value      [0] EXPLICIT ANY DEFINED BY type-id
   }

   EDIPartyName::= SEQUENCE {
        nameAssigner            [0]     DirectoryString OPTIONAL,
        partyName               [1]     DirectoryString
   }

   DirectoryString::= CHOICE {
        teletexString             TeletexString   (SIZE (1..MAX)),
        printableString           PrintableString (SIZE (1..MAX)),
        universalString           UniversalString (SIZE (1..MAX)),
        utf8String              UTF8String      (SIZE (1..MAX)),
        bmpString               BMPString       (SIZE (1..MAX))
   }

This class doesn't support masked addresses like "10.9.8.0/255.255.255.0". These are only necessary for NameConstraints, which are not exposed in the Java certificate API.

See Also:
NameConstraints, GeneralSubtree

  • Field Details

  • Constructor Details

    • GeneralName

      public GeneralName​(int tag, String name) throws IOException
      Makes the GeneralName object from the tag type and corresponding well established string representation of the name value. The String representation of [7] iPAddress is such as: For IP v4, as specified in RFC 791, the address must contain exactly 4 byte component. For IP v6, as specified in RFC 1883, the address must contain exactly 16 byte component. If GeneralName structure is used as a part of Name Constraints extension, to represent an address range the number of address component is doubled (to 8 and 32 bytes respectively). Note that the names: [0] otherName, [3] x400Address, [5] ediPartyName have no the string representation, so exception will be thrown. To make the GeneralName object with such names use another constructor.
      Parameters:
      tag - is an integer which value corresponds to the name type.
      name - is a name value corresponding to the tag.
      Throws:
      IOException

    • GeneralName

      public GeneralName​(OtherName name)

    • GeneralName

      public GeneralName​(ORAddress name)

    • GeneralName

      public GeneralName​(Name name)

    • GeneralName

      public GeneralName​(EDIPartyName name)

    • GeneralName

      public GeneralName​(byte[] name) throws IllegalArgumentException
      Constructor for type [7] iPAddress. name is an array of bytes such as: For IP v4, as specified in RFC 791, the address must contain exactly 4 byte component. For IP v6, as specified in RFC 1883, the address must contain exactly 16 byte component. If GeneralName structure is used as a part of Name Constraints extension, to represent an address range the number of address component is doubled (to 8 and 32 bytes respectively).
      Throws:
      IllegalArgumentException

    • GeneralName

      public GeneralName​(int tag, byte[] name) throws IOException
      Constructs an object representing the value of GeneralName.
      Parameters:
      tag - is an integer which value corresponds to the name type (0-8),
      name - is a DER encoded for of the name value
      Throws:
      IOException

  • Method Details

    • getTag

      public int getTag()
      Returns the tag of the name in the structure

    • getName

      public Object getName()
      Returns:
      the value of the name. The class of name object depends on the tag as follows: [0] otherName - OtherName object, [1] rfc822Name - String object, [2] dNSName - String object, [3] x400Address - ORAddress object, [4] directoryName - instance of Name object, [5] ediPartyName - EDIPartyName object, [6] uniformResourceIdentifier - String object, [7] iPAddress - array of bytes such as: For IP v4, as specified in RFC 791, the address must contain exactly 4 byte component. For IP v6, as specified in RFC 1883, the address must contain exactly 16 byte component. If GeneralName structure is used as a part of Name Constraints extension, to represent an address range the number of address component is doubled (to 8 and 32 bytes respectively). [8] registeredID - String.

    • equals

      public boolean equals​(Object other)
      Description copied from class: Object
      Compares this instance with the specified object and indicates if they are equal. In order to be equal, o must represent the same object as this instance using a class-specific comparison. The general contract is that this comparison should be reflexive, symmetric, and transitive. Also, no object reference other than null is equal to null.

      The default implementation returns true only if this == o. See Writing a correct equals method if you intend implementing your own equals method.

      The general contract for the equals and Object.hashCode() methods is that if equals returns true for any two objects, then hashCode() must return the same value for these objects. This means that subclasses of Object usually override either both methods or neither of them.

      Overrides:
      equals in class Object
      Parameters:
      other - the object to compare this instance with.
      Returns:
      true if the specified object is equal to this Object; false otherwise.
      See Also:
      Object.hashCode()

    • hashCode

      public int hashCode()
      Description copied from class: Object
      Returns an integer hash code for this object. By contract, any two objects for which Object.equals(java.lang.Object) returns true must return the same hash code value. This means that subclasses of Object usually override both methods or neither method.

      Note that hash values must not change over time unless information used in equals comparisons also changes.

      See Writing a correct hashCode method if you intend implementing your own hashCode method.

      Overrides:
      hashCode in class Object
      Returns:
      this object's hash code.
      See Also:
      Object.equals(java.lang.Object)

    • isAcceptable

      public boolean isAcceptable​(GeneralName gname)
      Checks if the other general name is acceptable by this object. The name is acceptable if it has the same type name and its name value is equal to name value of this object. Also the name is acceptable if this general name object is a part of name constraints and the specified name is satisfied the restriction provided by this object (for more detail see section 4.2.1.11 of rfc 3280). Note that for X400Address [3] check procedure is unclear so method just checks the equality of encoded forms. For otherName [0], ediPartyName [5], and registeredID [8] the check procedure if not defined by rfc 3280 and for names of these types this method also checks only for equality of encoded forms.

    • getAsList

      public List<Object> getAsList()
      Gets a list representation of this GeneralName object. The first entry of the list is an Integer object representing the type of mane (0-8), and the second entry is a value of the name: string or ASN.1 DER encoded form depending on the type as follows: rfc822Name, dNSName, uniformResourceIdentifier names are returned as Strings, using the string formats for those types (rfc 3280) IP v4 address names are returned using dotted quad notation. IP v6 address names are returned in the form "p1:p2:...:p8", where p1-p8 are hexadecimal values representing the eight 16-bit pieces of the address. registeredID name are returned as Strings represented as a series of nonnegative integers separated by periods. And directory names (distinguished names) are returned in RFC 2253 string format. otherName, X400Address, ediPartyName returned as byte arrays containing the ASN.1 DER encoded form of the name.

    • toString

      public String toString()
      Description copied from class: Object
      Returns a string containing a concise, human-readable description of this object. Subclasses are encouraged to override this method and provide an implementation that takes into account the object's type and data. The default implementation is equivalent to the following expression: 
         getClass().getName() + '@' + Integer.toHexString(hashCode())

      See Writing a useful toString method if you intend implementing your own toString method.

      Overrides:
      toString in class Object
      Returns:
      a printable representation of this object.

    • getEncoded

      public byte[] getEncoded()
      Returns ASN.1 encoded form of this X.509 GeneralName value.

    • getEncodedName

      public byte[] getEncodedName()
      Returns:
      the encoded value of the name without the tag associated with the name in the GeneralName structure
      Throws:
      IOException

    • checkDNS

      public static void checkDNS​(String dns) throws IOException
      Checks the correctness of the string representation of DNS name as specified in RFC 1034 p. 10 and RFC 1123 section 2.1.

      This permits a wildcard character '*' anywhere in the name; it is up to the application to check which wildcards are permitted. See RFC 6125 for recommended wildcard matching rules.

      Throws:
      IOException

    • checkURI

      public static void checkURI​(String uri) throws IOException
      Checks the correctness of the string representation of URI name. The correctness is checked as pointed out in RFC 3280 p. 34.
      Throws:
      IOException

    • oidStrToInts

      public static int[] oidStrToInts​(String oid) throws IOException
      Converts OID into array of ints.
      Throws:
      IOException

    • ipStrToBytes

      public static byte[] ipStrToBytes​(String ip) throws IOException
      Returns the bytes of the given IP address or masked IP address.
      Throws:
      IOException

    • ipBytesToStr

      public static String ipBytesToStr​(byte[] ip)
      Returns the string form of the given IP address. If the address is not 4 octets for IPv4 or 16 octets for IPv6, an IllegalArgumentException will be thrown.