X509CertSelector.SetNameConstraints(Byte[]) Method

Reference

Definition

Namespace:: Java.Security.Cert

Assembly:: Mono.Android.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Sets the name constraints criterion.

[Android.Runtime.Register("setNameConstraints", "([B)V", "GetSetNameConstraints_arrayBHandler")]
public virtual void SetNameConstraints (byte[]? bytes);

[<Android.Runtime.Register("setNameConstraints", "([B)V", "GetSetNameConstraints_arrayBHandler")>]
abstract member SetNameConstraints : byte[] -> unit
override this.SetNameConstraints : byte[] -> unit

Parameters

bytes: Byte[]

a byte array containing the ASN.1 DER encoding of a NameConstraints extension to be used for checking name constraints. Only the value of the extension is included, not the OID or criticality flag. Can be null, in which case no name constraints check will be performed.

Attributes: RegisterAttribute

Exceptions

IOException

if decoding the name constraints fail.

Remarks

Sets the name constraints criterion. The X509Certificate must have subject and subject alternative names that meet the specified name constraints.

The name constraints are specified as a byte array. This byte array should contain the DER encoded form of the name constraints, as they would appear in the NameConstraints structure defined in RFC 5280 and X.509. The ASN.1 definition of this structure appears below.

{@code
             NameConstraints ::= SEQUENCE {
                  permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
                  excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }

             GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree

             GeneralSubtree ::= SEQUENCE {
                  base                    GeneralName,
                  minimum         [0]     BaseDistance DEFAULT 0,
                  maximum         [1]     BaseDistance OPTIONAL }

             BaseDistance ::= INTEGER (0..MAX)

             GeneralName ::= CHOICE {
                  otherName                       [0]     OtherName,
                  rfc822Name                      [1]     IA5String,
                  dNSName                         [2]     IA5String,
                  x400Address                     [3]     ORAddress,
                  directoryName                   [4]     Name,
                  ediPartyName                    [5]     EDIPartyName,
                  uniformResourceIdentifier       [6]     IA5String,
                  iPAddress                       [7]     OCTET STRING,
                  registeredID                    [8]     OBJECT IDENTIFIER}
            }

Note that the byte array supplied here is cloned to protect against subsequent modifications.

Java documentation for java.security.cert.X509CertSelector.setNameConstraints(byte[]).

Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.

Applies to