Package net.ripe.rpki.commons.crypto.rfc3779

Class ResourceExtensionEncoder

java.lang.Object

net.ripe.rpki.commons.crypto.rfc3779.ResourceExtensionEncoder

public class ResourceExtensionEncoder
extends Object

Encodes the certificate resource extensions as specified in RFC3779. Resource inheritance is not yet supported. The methods in this class are named after the grammar rules in RFC3779, suffixed with "ToDer".

Field Summary

Fields

Modifier and Type	Field	Description
static org.bouncycastle.asn1.ASN1ObjectIdentifier	OID_AUTONOMOUS_SYS_IDS	id-pe-autonomousSysIds OBJECT IDENTIFIER ::= { id-pe 8 }
static org.bouncycastle.asn1.ASN1ObjectIdentifier	OID_IP_ADDRESS_BLOCKS	id-pe-ipAddrBlocks OBJECT IDENTIFIER ::= { id-pe 7 }
static String	OID_PE	id-pe OBJECT IDENTIFIER ::= { id-pkix 1 }
static String	OID_PKIX	id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) }

Constructor Summary

Constructors

Constructor	Description
ResourceExtensionEncoder()

Method Summary

Modifier and Type	Method	Description
org.bouncycastle.asn1.ASN1Object	encodeAsIdentifiers(boolean inherit, net.ripe.ipresource.IpResourceSet resources)	Encode the AS Identifier extension for resource certificates.
org.bouncycastle.asn1.ASN1Object	encodeIpAddressBlocks(boolean inheritIpv4, boolean inheritIpv6, net.ripe.ipresource.IpResourceSet resources)	Encode the IP Address Block extension for Resource Certificates.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

OID_PKIX

public static final String OID_PKIX

id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) }

See Also:

Constant Field Values

OID_PE

public static final String OID_PE

id-pe OBJECT IDENTIFIER ::= { id-pkix 1 }

See Also:

Constant Field Values

OID_IP_ADDRESS_BLOCKS

public static final org.bouncycastle.asn1.ASN1ObjectIdentifier OID_IP_ADDRESS_BLOCKS

id-pe-ipAddrBlocks OBJECT IDENTIFIER ::= { id-pe 7 }

OID_AUTONOMOUS_SYS_IDS

public static final org.bouncycastle.asn1.ASN1ObjectIdentifier OID_AUTONOMOUS_SYS_IDS

id-pe-autonomousSysIds OBJECT IDENTIFIER ::= { id-pe 8 }

Constructor Detail

ResourceExtensionEncoder

public ResourceExtensionEncoder()

Method Detail

encodeIpAddressBlocks

public org.bouncycastle.asn1.ASN1Object encodeIpAddressBlocks(boolean inheritIpv4,
                                                              boolean inheritIpv6,
                                                              net.ripe.ipresource.IpResourceSet resources)

Encode the IP Address Block extension for Resource Certificates. This extension is identified by OID_IP_ADDRESS_BLOCKS.

Parameters:

inheritIpv4 - inherit IPv4 resources from signing certificate.

inheritIpv6 - inherit IPv6 resources from signing certificate.

resources - the set of IPv4 and IPv6 resources.

Returns:

the DER encoding of the IP Address Block Extension.

encodeAsIdentifiers

public org.bouncycastle.asn1.ASN1Object encodeAsIdentifiers(boolean inherit,
                                                            net.ripe.ipresource.IpResourceSet resources)

Encode the AS Identifier extension for resource certificates. Only the "asnum" part is encoded, since we do not use the "rdi" (routing domain identifiers).

Parameters:

inherit - inherit ASNs from signing certificate.

resources - the set of ASNs.

Returns:

the DER encoding of the AS Identifier extension.