001/*
002 * Copyright 2017-2023 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2017-2023 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2017-2023 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.util.ssl.cert;
037
038
039
040import com.unboundid.util.NotMutable;
041import com.unboundid.util.NotNull;
042import com.unboundid.util.OID;
043import com.unboundid.util.ThreadSafety;
044import com.unboundid.util.ThreadSafetyLevel;
045
046import static com.unboundid.util.ssl.cert.CertMessages.*;
047
048
049
050/**
051 * This class provides an implementation of the subject alternative name X.509
052 * certificate extension as described in
053 * <A HREF="https://www.ietf.org/rfc/rfc5280.txt">RFC 5280</A> section 4.2.1.6.
054 * It can provide additional information about the entity that is being
055 * certified, including alternate DNS hostnames or IP addresses that may be used
056 * to access the server, email addresses or DNs of end users, URIs of services,
057 * etc.  This information may be used in the course of determining whether to
058 * trust a peer certificate.
059 * <BR><BR>
060 * The OID for this extension is 2.5.29.17.  See the
061 * {@link GeneralAlternativeNameExtension} class for implementation details and
062 * the value encoding.
063 */
064@NotMutable()
065@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
066public final class SubjectAlternativeNameExtension
067       extends GeneralAlternativeNameExtension
068{
069  /**
070   * The OID (2.5.29.17) for subject alternative name extensions.
071   */
072  @NotNull public static final OID SUBJECT_ALTERNATIVE_NAME_OID =
073       new OID("2.5.29.17");
074
075
076
077  /**
078   * The serial version UID for this serializable class.
079   */
080  private static final long serialVersionUID = 4194307412985686108L;
081
082
083
084  /**
085   * Creates a new subject alternative name extension with the provided
086   * information.
087   *
088   * @param  isCritical    Indicates whether this extension should be considered
089   *                       critical.
090   * @param  generalNames  The set of names to include in this extension.  This
091   *                       must not be {@code null}.
092   *
093   * @throws  CertException  If a problem occurs while trying to encode the
094   *                         value.
095   */
096  SubjectAlternativeNameExtension(final boolean isCritical,
097                                  @NotNull final GeneralNames generalNames)
098       throws CertException
099  {
100    super(SUBJECT_ALTERNATIVE_NAME_OID, isCritical, generalNames);
101  }
102
103
104
105  /**
106   * Creates a new subject alternative name extension from the provided generic
107   * extension.
108   *
109   * @param  extension  The extension to decode as a subject alternative name
110   *                    extension.
111   *
112   * @throws  CertException  If the provided extension cannot be decoded as a
113   *                         subject alternative name extension.
114   */
115  SubjectAlternativeNameExtension(
116       @NotNull final X509CertificateExtension extension)
117       throws CertException
118  {
119    super(extension);
120  }
121
122
123
124  /**
125   * {@inheritDoc}
126   */
127  @Override()
128  @NotNull()
129  public String getExtensionName()
130  {
131    return INFO_SUBJECT_ALT_NAME_EXTENSION_NAME.get();
132  }
133
134
135
136  /**
137   * {@inheritDoc}
138   */
139  @Override()
140  public void toString(@NotNull final StringBuilder buffer)
141  {
142    toString("SubjectAlternativeNameExtension", buffer);
143  }
144}