public class PrivateKeyUsageExtension extends Extension implements CertAttrSet
The Private Key Usage Period extension allows the certificate issuer to specify a different validity period for the private key than the certificate. This extension is intended for use with digital signature keys. This extension consists of two optional components notBefore and notAfter. The private key associated with the certificate should not be used to sign objects before or after the times specified by the two components, respectively.
PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL, notAfter [1] GeneralizedTime OPTIONAL }
Extension
,
CertAttrSet
,
Serialized FormModifier and Type | Field and Description |
---|---|
static java.lang.String |
IDENT
Identifier for this attribute, to be used with the
get, set, delete methods of Certificate, x509 type.
|
static java.lang.String |
NAME
Sub attributes name for this CertAttrSet.
|
static java.lang.String |
NOT_AFTER |
static java.lang.String |
NOT_BEFORE |
critical, extensionId, extensionValue
Constructor and Description |
---|
PrivateKeyUsageExtension(java.lang.Boolean critical,
java.lang.Object value)
Create the extension from the passed DER encoded value.
|
PrivateKeyUsageExtension(java.util.Date notBefore,
java.util.Date notAfter)
The default constructor for PrivateKeyUsageExtension.
|
Modifier and Type | Method and Description |
---|---|
void |
decode(java.io.InputStream in)
Decode the extension from the InputStream.
|
void |
delete(java.lang.String name)
Delete the attribute value.
|
void |
encode(java.io.OutputStream out)
Write the extension to the OutputStream.
|
java.lang.Object |
get(java.lang.String name)
Get the attribute value.
|
java.util.Enumeration<java.lang.String> |
getAttributeNames()
Return an enumeration of names of attributes existing within this
attribute.
|
java.lang.String |
getName()
Return the name of this attribute.
|
java.util.Date |
getNotAfter()
Return notAfter date
|
java.util.Date |
getNotBefore()
Return notBefore date
|
void |
set(java.lang.String name,
java.lang.Object obj)
Set the attribute value.
|
java.lang.String |
toString()
Return the printable string.
|
void |
valid()
Verify that that the current time is within the validity period.
|
void |
valid(java.util.Date now)
Verify that that the passed time is within the validity period.
|
clearValue, encode, getExtensionId, getExtensionValue, isCritical, setCritical, setExtensionId, setExtensionValue
public static final java.lang.String IDENT
public static final java.lang.String NAME
public static final java.lang.String NOT_BEFORE
public static final java.lang.String NOT_AFTER
public PrivateKeyUsageExtension(java.util.Date notBefore, java.util.Date notAfter) throws java.io.IOException
notBefore
- the date/time before which the private key
should not be used.notAfter
- the date/time after which the private key
should not be used.java.io.IOException
public PrivateKeyUsageExtension(java.lang.Boolean critical, java.lang.Object value) throws java.security.cert.CertificateException, java.io.IOException
critical
- true if the extension is to be treated as critical.value
- Array of DER encoded bytes of the actual value.java.security.cert.CertificateException
- on certificate parsing errors.java.io.IOException
- on error.public java.lang.String toString()
toString
in interface CertAttrSet
toString
in class Extension
public java.util.Date getNotBefore()
public java.util.Date getNotAfter()
public void valid() throws java.security.cert.CertificateNotYetValidException, java.security.cert.CertificateExpiredException
java.security.cert.CertificateExpiredException
- if the certificate has expired.java.security.cert.CertificateNotYetValidException
- if the certificate is not
yet valid.public void valid(java.util.Date now) throws java.security.cert.CertificateNotYetValidException, java.security.cert.CertificateExpiredException
java.security.cert.CertificateExpiredException
- if the certificate has expired
with respect to the Date
supplied.java.security.cert.CertificateNotYetValidException
- if the certificate is not
yet valid with respect to the Date
supplied.public void encode(java.io.OutputStream out) throws java.io.IOException
encode
in interface CertAttrSet
out
- the OutputStream to write the extension to.java.io.IOException
- on encoding errors.public void decode(java.io.InputStream in) throws java.security.cert.CertificateException
decode
in interface CertAttrSet
in
- the InputStream to unmarshal the contents from.java.security.cert.CertificateException
- on decoding errors.public void set(java.lang.String name, java.lang.Object obj) throws java.security.cert.CertificateException
set
in interface CertAttrSet
name
- the name of the attribute (e.g. "x509.info.key")obj
- the attribute object.java.security.cert.CertificateException
- on attribute handling errors.public java.lang.Object get(java.lang.String name) throws java.security.cert.CertificateException
get
in interface CertAttrSet
name
- the name of the attribute to return.java.security.cert.CertificateException
- on attribute handling errors.public void delete(java.lang.String name) throws java.security.cert.CertificateException
delete
in interface CertAttrSet
name
- the name of the attribute to delete.java.security.cert.CertificateException
- on attribute handling errors.public java.util.Enumeration<java.lang.String> getAttributeNames()
getAttributeNames
in interface CertAttrSet
public java.lang.String getName()
getName
in interface CertAttrSet