|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.bouncycastle.jce.provider.CertPathValidatorUtilities org.bouncycastle.x509.PKIXCertPathReviewer
public class PKIXCertPathReviewer
PKIXCertPathReviewer
Validation of X.509 Certificate Paths. Tries to find as much errors in the Path as possible.
Field Summary | |
---|---|
private static java.lang.String |
AUTH_INFO_ACCESS
|
protected java.security.cert.CertPath |
certPath
|
protected java.util.List |
certs
|
private static java.lang.String |
CRL_DIST_POINTS
|
protected java.util.List[] |
errors
|
private boolean |
initialized
|
protected int |
n
|
protected java.util.List[] |
notifications
|
protected java.security.cert.PKIXParameters |
pkixParams
|
protected java.security.cert.PolicyNode |
policyTree
|
private static java.lang.String |
QC_STATEMENT
|
private static java.lang.String |
RESOURCE_NAME
|
protected java.security.PublicKey |
subjectPublicKey
|
protected java.security.cert.TrustAnchor |
trustAnchor
|
protected java.util.Date |
validDate
|
Fields inherited from class org.bouncycastle.jce.provider.CertPathValidatorUtilities |
---|
ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME |
Constructor Summary | |
---|---|
PKIXCertPathReviewer()
Creates an empty PKIXCertPathReviewer. |
|
PKIXCertPathReviewer(java.security.cert.CertPath certPath,
java.security.cert.PKIXParameters params)
Creates a PKIXCertPathReviewer and initializes it with the given CertPath and PKIXParameters params |
Method Summary | |
---|---|
protected void |
addError(ErrorBundle msg)
|
protected void |
addError(ErrorBundle msg,
int index)
|
protected void |
addNotification(ErrorBundle msg)
|
protected void |
addNotification(ErrorBundle msg,
int index)
|
private void |
checkCriticalExtensions()
|
protected void |
checkCRLs(java.security.cert.PKIXParameters paramsPKIX,
java.security.cert.X509Certificate cert,
java.util.Date validDate,
java.security.cert.X509Certificate sign,
java.security.PublicKey workingPublicKey,
java.util.Vector crlDistPointUrls,
int index)
|
private void |
checkNameConstraints()
|
private void |
checkPathLength()
|
private void |
checkPolicy()
|
protected void |
checkRevocation(java.security.cert.PKIXParameters paramsPKIX,
java.security.cert.X509Certificate cert,
java.util.Date validDate,
java.security.cert.X509Certificate sign,
java.security.PublicKey workingPublicKey,
java.util.Vector crlDistPointUrls,
java.util.Vector ocspUrls,
int index)
|
private void |
checkSignatures()
|
protected void |
doChecks()
|
java.security.cert.CertPath |
getCertPath()
|
int |
getCertPathSize()
|
private java.security.cert.X509CRL |
getCRL(java.lang.String location)
|
protected java.util.Vector |
getCRLDistUrls(CRLDistPoint crlDistPoints)
|
java.util.List[] |
getErrors()
Returns an Array of Lists which contains a List of global error messages and a List of error messages for each certificate in the path. |
java.util.List |
getErrors(int index)
Returns an List of error messages for the certificate at the given index in the CertPath. |
java.util.List[] |
getNotifications()
Returns an Array of Lists which contains a List of global notification messages and a List of botification messages for each certificate in the path. |
java.util.List |
getNotifications(int index)
Returns an List of notification messages for the certificate at the given index in the CertPath. |
protected java.util.Vector |
getOCSPUrls(AuthorityInformationAccess authInfoAccess)
|
java.security.cert.PolicyNode |
getPolicyTree()
|
java.security.PublicKey |
getSubjectPublicKey()
|
java.security.cert.TrustAnchor |
getTrustAnchor()
|
private java.util.Collection |
getTrustAnchors(java.security.cert.X509Certificate cert,
java.util.Set trustanchors)
|
void |
init(java.security.cert.CertPath certPath,
java.security.cert.PKIXParameters params)
Initializes the PKIXCertPathReviewer with the given CertPath and PKIXParameters params |
private java.lang.String |
IPtoString(byte[] ip)
|
boolean |
isValidCertPath()
|
private boolean |
processQcStatements(java.security.cert.X509Certificate cert,
int index)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private static final java.lang.String QC_STATEMENT
private static final java.lang.String CRL_DIST_POINTS
private static final java.lang.String AUTH_INFO_ACCESS
private static final java.lang.String RESOURCE_NAME
protected java.security.cert.CertPath certPath
protected java.security.cert.PKIXParameters pkixParams
protected java.util.Date validDate
protected java.util.List certs
protected int n
protected java.util.List[] notifications
protected java.util.List[] errors
protected java.security.cert.TrustAnchor trustAnchor
protected java.security.PublicKey subjectPublicKey
protected java.security.cert.PolicyNode policyTree
private boolean initialized
Constructor Detail |
---|
public PKIXCertPathReviewer(java.security.cert.CertPath certPath, java.security.cert.PKIXParameters params) throws CertPathReviewerException
CertPath
and PKIXParameters
params
certPath
- the CertPath
to validateparams
- the PKIXParameters
to use
CertPathReviewerException
- if the certPath is emptypublic PKIXCertPathReviewer()
Method Detail |
---|
public void init(java.security.cert.CertPath certPath, java.security.cert.PKIXParameters params) throws CertPathReviewerException
CertPath
and PKIXParameters
params
certPath
- the CertPath
to validateparams
- the PKIXParameters
to use
CertPathReviewerException
- if the certPath is empty
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
is already initializedpublic java.security.cert.CertPath getCertPath()
public int getCertPathSize()
public java.util.List[] getErrors()
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
was not initializedpublic java.util.List getErrors(int index)
index
- the index of the certificate in the CertPath
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
was not initializedpublic java.util.List[] getNotifications()
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
was not initializedpublic java.util.List getNotifications(int index)
index
- the index of the certificate in the CertPath
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
was not initializedpublic java.security.cert.PolicyNode getPolicyTree()
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
was not initializedpublic java.security.PublicKey getSubjectPublicKey()
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
was not initializedpublic java.security.cert.TrustAnchor getTrustAnchor()
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
was not initializedpublic boolean isValidCertPath()
java.lang.IllegalStateException
- if the PKIXCertPathReviewer
was not initializedprotected void addNotification(ErrorBundle msg)
protected void addNotification(ErrorBundle msg, int index)
protected void addError(ErrorBundle msg)
protected void addError(ErrorBundle msg, int index)
protected void doChecks()
private void checkNameConstraints()
private void checkPathLength()
private void checkSignatures()
private void checkPolicy()
private void checkCriticalExtensions()
private boolean processQcStatements(java.security.cert.X509Certificate cert, int index)
private java.lang.String IPtoString(byte[] ip)
protected void checkRevocation(java.security.cert.PKIXParameters paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate sign, java.security.PublicKey workingPublicKey, java.util.Vector crlDistPointUrls, java.util.Vector ocspUrls, int index) throws CertPathReviewerException
CertPathReviewerException
protected void checkCRLs(java.security.cert.PKIXParameters paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate sign, java.security.PublicKey workingPublicKey, java.util.Vector crlDistPointUrls, int index) throws CertPathReviewerException
CertPathReviewerException
protected java.util.Vector getCRLDistUrls(CRLDistPoint crlDistPoints)
protected java.util.Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
private java.security.cert.X509CRL getCRL(java.lang.String location) throws CertPathReviewerException
CertPathReviewerException
private java.util.Collection getTrustAnchors(java.security.cert.X509Certificate cert, java.util.Set trustanchors) throws CertPathReviewerException
CertPathReviewerException
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |