Class OID.X509Extensions

java.lang.Object
com.itextpdf.kernel.crypto.OID.X509Extensions
Enclosing class:
OID

public static final class OID.X509Extensions extends Object
Contains all OIDs used by iText in the context of Certificate Extensions.
  • Field Details

    • AUTHORITY_KEY_IDENTIFIER

      public static final String AUTHORITY_KEY_IDENTIFIER
      One of the standard extensions from https://tools.ietf.org/html/rfc5280

      "Conforming CAs MUST mark this extension as non-critical."

      See Also:
    • SUBJECT_KEY_IDENTIFIER

      public static final String SUBJECT_KEY_IDENTIFIER
      One of the standard extensions from https://tools.ietf.org/html/rfc5280

      "Conforming CAs MUST mark this extension as non-critical."

      See Also:
    • KEY_USAGE

      public static final String KEY_USAGE
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • CERTIFICATE_POLICIES

      public static final String CERTIFICATE_POLICIES
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • POLICY_MAPPINGS

      public static final String POLICY_MAPPINGS
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • SUBJECT_ALTERNATIVE_NAME

      public static final String SUBJECT_ALTERNATIVE_NAME
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • ISSUER_ALTERNATIVE_NAME

      public static final String ISSUER_ALTERNATIVE_NAME
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • SUBJECT_DIRECTORY_ATTRIBUTES

      public static final String SUBJECT_DIRECTORY_ATTRIBUTES
      One of the standard extensions from https://tools.ietf.org/html/rfc5280

      "Conforming CAs MUST mark this extension as non-critical."

      See Also:
    • BASIC_CONSTRAINTS

      public static final String BASIC_CONSTRAINTS
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • NAME_CONSTRAINTS

      public static final String NAME_CONSTRAINTS
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • POLICY_CONSTRAINTS

      public static final String POLICY_CONSTRAINTS
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • EXTENDED_KEY_USAGE

      public static final String EXTENDED_KEY_USAGE
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • CRL_DISTRIBUTION_POINTS

      public static final String CRL_DISTRIBUTION_POINTS
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • INHIBIT_ANY_POLICY

      public static final String INHIBIT_ANY_POLICY
      One of the standard extensions from https://tools.ietf.org/html/rfc5280
      See Also:
    • FRESHEST_CRL

      public static final String FRESHEST_CRL
      One of the standard extensions from https://tools.ietf.org/html/rfc5280

      "The extension MUST be marked as non-critical by conforming CAs."

      See Also:
    • AUTHORITY_INFO_ACCESS

      public static final String AUTHORITY_INFO_ACCESS
      One of the Internet Certificate Extensions also from https://tools.ietf.org/html/rfc5280

      "The extension MUST be marked as non-critical by conforming CAs."

      See Also:
    • SUBJECT_INFO_ACCESS

      public static final String SUBJECT_INFO_ACCESS
      One of the Internet Certificate Extensions also from https://tools.ietf.org/html/rfc5280

      "Conforming CAs MUST mark this extension as non-critical."

      See Also:
    • ID_KP_TIMESTAMPING

      public static final String ID_KP_TIMESTAMPING
      One of the EXTENDED_KEY_USAGE purposes from https://www.ietf.org/rfc/rfc2459.txt
      See Also:
    • ID_PKIX_OCSP_NOCHECK

      public static final String ID_PKIX_OCSP_NOCHECK
      Extension for OCSP responder certificate from https://www.ietf.org/rfc/rfc2560.txt.
      See Also:
    • VALIDITY_ASSURED_SHORT_TERM

      public static final String VALIDITY_ASSURED_SHORT_TERM
      Extension for certificates from ETSI EN 319 412-1 V1.4.4.
      See Also:
    • NO_REV_AVAILABLE

      public static final String NO_REV_AVAILABLE
      Extension for certificates from RFC 9608 which indicates that no revocation information is available.
      See Also:
    • SUPPORTED_CRITICAL_EXTENSIONS

      public static final Set<String> SUPPORTED_CRITICAL_EXTENSIONS
      According to https://tools.ietf.org/html/rfc5280 4.2. "Certificate Extensions": "A certificate-using system MUST reject the certificate if it encounters a critical extension it does not recognize or a critical extension that contains information that it cannot process."

      This set consists of standard extensions which are defined in RFC specifications and are not mentioned as forbidden to be marked as critical.

  • Constructor Details

    • X509Extensions

      public X509Extensions()