1 | /* | |
2 | * See the NOTICE file distributed with this work for additional | |
3 | * information regarding copyright ownership. | |
4 | * | |
5 | * This is free software; you can redistribute it and/or modify it | |
6 | * under the terms of the GNU Lesser General Public License as | |
7 | * published by the Free Software Foundation; either version 2.1 of | |
8 | * the License, or (at your option) any later version. | |
9 | * | |
10 | * This software is distributed in the hope that it will be useful, | |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
13 | * Lesser General Public License for more details. | |
14 | * | |
15 | * You should have received a copy of the GNU Lesser General Public | |
16 | * License along with this software; if not, write to the Free | |
17 | * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA | |
18 | * 02110-1301 USA, or see the FSF site: http://www.fsf.org. | |
19 | */ | |
20 | package org.xwiki.crypto.pkix; | |
21 | ||
22 | import java.io.IOException; | |
23 | import java.util.EnumSet; | |
24 | ||
25 | import org.xwiki.component.annotation.Role; | |
26 | import org.xwiki.crypto.params.cipher.asymmetric.PublicKeyParameters; | |
27 | import org.xwiki.crypto.pkix.params.CertifiedPublicKey; | |
28 | import org.xwiki.crypto.pkix.params.x509certificate.extension.ExtendedKeyUsages; | |
29 | import org.xwiki.crypto.pkix.params.x509certificate.extension.KeyUsage; | |
30 | import org.xwiki.crypto.pkix.params.x509certificate.extension.X509Extensions; | |
31 | import org.xwiki.crypto.pkix.params.x509certificate.extension.X509GeneralName; | |
32 | ||
/**
 * Fluent builder that accumulates X.509 extensions and produces the resulting extension set.
 *
 * <p>Each {@code add*} method returns this builder so calls can be chained; {@link #build()} yields the set.
 * The extensions assembled here (basic constraints, key usage, alternative names, ...) decide what a relying party
 * will accept the certified key for, so callers should choose the {@code critical} flags and CA-related values
 * deliberately rather than by default.</p>
 *
 * @version $Id: c4ae8051505d0986238e777239581f64f4098e73 $
 * @since 5.4
 */
@Role
public interface X509ExtensionBuilder
{
    /**
     * Add an arbitrary extension, identified by its OID, whose value is carried in the OCTET STRING associated
     * with the extension.
     *
     * <p>NOTE(review): this contract does not say whether {@code value} is checked for well-formedness before
     * being wrapped; callers should pass an already encoded ASN.1 value and confirm against the implementation.
     * Under RFC 5280 a relying party must reject a certificate carrying a critical extension it does not
     * recognize, so marking a private or unusual OID critical restricts who can validate the certificate.</p>
     *
     * @param oid the object identifier of the extension.
     * @param critical true to mark the extension critical, false otherwise.
     * @param value the ASN.1 object to be included in the extension.
     * @return this extensions builder to allow chaining.
     * @throws IOException on encoding error.
     */
    X509ExtensionBuilder addExtension(String oid, boolean critical, byte[] value) throws IOException;

    /**
     * Copy every extension of an existing extension set into the set being built.
     *
     * <p>NOTE(review): what happens when the copied set contains an OID that was already added to this builder is
     * not stated here; verify against the implementation before merging sets that may overlap.</p>
     *
     * @param extensionSet the extension set to copy.
     * @return this extensions builder to allow chaining.
     * @throws IOException on encoding error.
     */
    X509ExtensionBuilder addExtensions(X509Extensions extensionSet) throws IOException;

    /**
     * @return the final resulting X.509 extensions.
     */
    X509Extensions build();

    /**
     * @return true if no extension has ever been added to this builder.
     */
    boolean isEmpty();

    /**
     * Add the BasicConstraints extension.
     *
     * <p>Asserting the CA flag is what lets path validation accept the certified key as an issuer of other
     * certificates, so pass {@code true} only for keys that are meant to sign certificates. This overload takes no
     * {@code critical} argument; NOTE(review): the criticality actually emitted is decided by the implementation
     * and should be confirmed there.</p>
     *
     * @param isCertificateAuthority should be true for a CA certificate.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addBasicConstraints(boolean isCertificateAuthority);

    /**
     * Add the BasicConstraints extension for a CA with a limited path length.
     *
     * <p>In RFC 5280 terms the path length bounds how many non-self-issued intermediate CA certificates may follow
     * this one in a valid chain; zero leaves the CA able to issue end-entity certificates only. NOTE(review): the
     * handling of a negative {@code pathLen} is not specified by this contract.</p>
     *
     * @param pathLen the maximum path length for this CA.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addBasicConstraints(int pathLen);

    /**
     * Add a critical key usage extension.
     *
     * @param usages the set of key usages to assert.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addKeyUsage(EnumSet<KeyUsage> usages);

    /**
     * Add a key usage extension with an explicit criticality.
     *
     * @param critical should be true for a critical extension, false otherwise.
     * @param usages the set of key usages to assert.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addKeyUsage(boolean critical, EnumSet<KeyUsage> usages);

    /**
     * Add an extended key usage extension.
     *
     * @param critical should be true for a critical extension, false otherwise.
     * @param usages the set of extended key usages to assert.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addExtendedKeyUsage(boolean critical, ExtendedKeyUsages usages);

    /**
     * Add the authority key identifier extension, derived from the issuer's certified public key.
     *
     * This extension is automatically added by the certificate builder.
     *
     * @param issuer the certified public key of the issuer.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addAuthorityKeyIdentifier(CertifiedPublicKey issuer);

    /**
     * Add the authority key identifier extension for self signed certificates.
     *
     * This extension is automatically added by the certificate builder.
     *
     * @param issuer the public key parameters of the subject, which for a self signed certificate is also the
     *               issuer.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addAuthorityKeyIdentifier(PublicKeyParameters issuer);

    /**
     * Add the subject key identifier extension.
     *
     * This extension is automatically added by the certificate builder.
     *
     * @param subject the public key parameters of the subject.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addSubjectKeyIdentifier(PublicKeyParameters subject);

    /**
     * Add the subject alternative names extension.
     *
     * @param critical should be true if the subject field is empty, false otherwise.
     * @param names an array of X.509 general names identifying the subject.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addSubjectAltName(boolean critical, X509GeneralName[] names);

    /**
     * Add the issuer alternative names extension.
     *
     * <p>Unlike {@link #addSubjectAltName(boolean, X509GeneralName[])}, this method takes no {@code critical}
     * argument.</p>
     *
     * @param names an array of X.509 general names identifying the issuer.
     * @return this extensions builder to allow chaining.
     */
    X509ExtensionBuilder addIssuerAltName(X509GeneralName[] names);
}