Extension

  • The Extension interface represents an X.509 extension, allowing for the addition of attributes to users or public keys and managing certification hierarchies.

  • Extensions are defined by an object identifier, a criticality setting, and a DER-encoded value, providing a structured way to include custom information.

  • This interface focuses on access to single extensions, differing from X509Extension which handles sets of extensions.

  • The interface includes methods to encode the extension to an output stream, retrieve its identifier, value, and criticality setting.
public interface Extension

This interface represents an X.509 extension.

Extensions provide a means of associating additional attributes with users or public keys and for managing a certification hierarchy. The extension format also allows communities to define private extensions to carry information unique to those communities.

Each extension contains an object identifier, a criticality setting indicating whether it is a critical or a non-critical extension, and and an ASN.1 DER-encoded value. Its ASN.1 definition is: 


     Extension ::= SEQUENCE {
         extnId        OBJECT IDENTIFIER,
         critical      BOOLEAN DEFAULT FALSE,
         extnValue     OCTET STRING
                 -- contains a DER encoding of a value
                 -- of the type registered for use with
                 -- the extnId object identifier value
     }

This interface is designed to provide access to a single extension, unlike X509Extension which is more suitable for accessing a set of extensions.

Public Method Summary

abstract void
encode(OutputStream out)
Generates the extension's DER encoding and writes it to the output stream.
abstract String
getId()
Gets the extensions's object identifier.
abstract byte[]
getValue()
Gets the extensions's DER-encoded value.
abstract boolean
isCritical()
Gets the extension's criticality setting.

Public Methods

public abstract void encode (OutputStream out)

Generates the extension's DER encoding and writes it to the output stream.

Parameters
out the output stream
Throws
IOException on encoding or output error.
NullPointerException if out is null.

public abstract String getId ()

Gets the extensions's object identifier.

Returns
  • the object identifier as a String

public abstract byte[] getValue ()

Gets the extensions's DER-encoded value. Note, this is the bytes that are encoded as an OCTET STRING. It does not include the OCTET STRING tag and length.

Returns
  • a copy of the extension's value, or null if no extension value is present.

public abstract boolean isCritical ()

Gets the extension's criticality setting.

Returns
  • true if this is a critical extension.