public class RFC3280CertPathUtilitiesCanl extends RFC3280CertPathUtilities
RFC3280CertPathUtilities
.
It was done to: fix its bugs (only one or two, should be OK in BC 1.47) and
to have errors consumable by the rest of this library (most of the code).ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME
Constructor and Description |
---|
RFC3280CertPathUtilitiesCanl() |
Modifier and Type | Method and Description |
---|---|
private static void |
checkCRL(org.bouncycastle.asn1.x509.DistributionPoint dp,
org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX,
java.security.cert.X509Certificate cert,
java.util.Date validDate,
java.security.cert.X509Certificate defaultCRLSignCert,
java.security.PublicKey defaultCRLSignKey,
CertStatus certStatus,
ReasonsMask reasonMask,
java.util.List<?> certPathCerts,
org.bouncycastle.jcajce.util.JcaJceHelper jcaHelper)
Checks a distribution point for revocation information for the
certificate
cert . |
static void |
checkCRLs2(ExtPKIXParameters2 paramsPKIX,
java.security.cert.X509Certificate cert,
java.util.Date validDate,
java.security.cert.X509Certificate sign,
java.security.PublicKey workingPublicKey,
java.util.List<?> certPathCerts,
org.bouncycastle.jcajce.util.JcaJceHelper jcaHelper)
Checks a certificate if it is revoked.
|
protected static void |
getCertStatus(java.util.Date validDate,
java.security.cert.X509CRL crl,
java.lang.Object cert,
CertStatus certStatus) |
private static void |
processCRLB1_2(org.bouncycastle.asn1.x509.DistributionPoint dp,
java.lang.Object cert,
java.security.cert.X509CRL crl) |
private static void |
processCRLB2_2(org.bouncycastle.asn1.x509.DistributionPoint dp,
java.lang.Object cert,
java.security.cert.X509CRL crl) |
private static void |
processCRLC2(java.security.cert.X509CRL deltaCRL,
java.security.cert.X509CRL completeCRL,
org.bouncycastle.jcajce.PKIXExtendedParameters pkixParams) |
private static ReasonsMask |
processCRLD2(java.security.cert.X509CRL crl,
org.bouncycastle.asn1.x509.DistributionPoint dp) |
private static java.util.Set<?> |
processCRLF2(java.security.cert.X509CRL crl,
java.lang.Object cert,
java.security.cert.X509Certificate defaultCRLSignCert,
java.security.PublicKey defaultCRLSignKey,
org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX,
java.util.List<?> certPathCerts,
org.bouncycastle.jcajce.util.JcaJceHelper helper) |
private static java.security.PublicKey |
processCRLG2(java.security.cert.X509CRL crl,
java.util.Set<?> keys) |
private static java.security.cert.X509CRL |
processCRLH2(java.util.Set<?> deltacrls,
java.security.PublicKey key) |
private static void |
processCRLI2(java.util.Date validDate,
java.security.cert.X509CRL deltacrl,
java.lang.Object cert,
CertStatus certStatus,
org.bouncycastle.jcajce.PKIXExtendedParameters pkixParams) |
private static void |
processCRLJ2(java.util.Date validDate,
java.security.cert.X509CRL completecrl,
java.lang.Object cert,
CertStatus certStatus) |
checkCRLs, prepareCertB, prepareNextCertA, prepareNextCertG, prepareNextCertH1, prepareNextCertH2, prepareNextCertH3, prepareNextCertI1, prepareNextCertI2, prepareNextCertJ, prepareNextCertK, prepareNextCertL, prepareNextCertM, prepareNextCertN, prepareNextCertO, processCertA, processCertBC, processCertD, processCertE, processCertF, processCRLA1i, processCRLA1ii, processCRLB1, processCRLB2, processCRLC, processCRLD, processCRLF, processCRLG, processCRLH, processCRLI, processCRLJ, wrapupCertA, wrapupCertB, wrapupCertF, wrapupCertG
public static void checkCRLs2(ExtPKIXParameters2 paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate sign, java.security.PublicKey workingPublicKey, java.util.List<?> certPathCerts, org.bouncycastle.jcajce.util.JcaJceHelper jcaHelper) throws SimpleValidationErrorException
paramsPKIX
- PKIX parameters.cert
- Certificate to check if it is revoked.validDate
- The date when the certificate revocation status
should be checked.sign
- The issuer certificate of the certificate
cert
.workingPublicKey
- The public key of the issuer certificate
sign
.certPathCerts
- The certificates of the certification path.jcaHelper
- JcaJce helperSimpleValidationErrorException
- if the certificate is revoked or the
status cannot be checked or some error occurs.private static void checkCRL(org.bouncycastle.asn1.x509.DistributionPoint dp, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate defaultCRLSignCert, java.security.PublicKey defaultCRLSignKey, CertStatus certStatus, ReasonsMask reasonMask, java.util.List<?> certPathCerts, org.bouncycastle.jcajce.util.JcaJceHelper jcaHelper) throws SimpleValidationErrorException
cert
.dp
- The distribution point to consider.paramsPKIX
- PKIX parameters.cert
- Certificate to check if it is revoked.validDate
- The date when the certificate revocation status
should be checked.defaultCRLSignCert
- The issuer certificate of the certificate
cert
.defaultCRLSignKey
- The public key of the issuer certificate
defaultCRLSignCert
.certStatus
- The current certificate revocation status.reasonMask
- The reasons mask which is already checked.certPathCerts
- The certificates of the certification path.org.bouncycastle.jce.provider.AnnotatedException
- if the certificate is revoked or the
status cannot be checked or some error occurs.SimpleValidationErrorException
private static void processCRLB1_2(org.bouncycastle.asn1.x509.DistributionPoint dp, java.lang.Object cert, java.security.cert.X509CRL crl) throws SimpleValidationErrorException
SimpleValidationErrorException
private static void processCRLB2_2(org.bouncycastle.asn1.x509.DistributionPoint dp, java.lang.Object cert, java.security.cert.X509CRL crl) throws SimpleValidationErrorException
SimpleValidationErrorException
private static void processCRLC2(java.security.cert.X509CRL deltaCRL, java.security.cert.X509CRL completeCRL, org.bouncycastle.jcajce.PKIXExtendedParameters pkixParams) throws SimpleValidationErrorException
SimpleValidationErrorException
private static java.util.Set<?> processCRLF2(java.security.cert.X509CRL crl, java.lang.Object cert, java.security.cert.X509Certificate defaultCRLSignCert, java.security.PublicKey defaultCRLSignKey, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, java.util.List<?> certPathCerts, org.bouncycastle.jcajce.util.JcaJceHelper helper) throws SimpleValidationErrorException
SimpleValidationErrorException
private static java.security.cert.X509CRL processCRLH2(java.util.Set<?> deltacrls, java.security.PublicKey key) throws SimpleValidationErrorException
SimpleValidationErrorException
private static java.security.PublicKey processCRLG2(java.security.cert.X509CRL crl, java.util.Set<?> keys) throws SimpleValidationErrorException
SimpleValidationErrorException
private static void processCRLI2(java.util.Date validDate, java.security.cert.X509CRL deltacrl, java.lang.Object cert, CertStatus certStatus, org.bouncycastle.jcajce.PKIXExtendedParameters pkixParams) throws SimpleValidationErrorException
SimpleValidationErrorException
private static void processCRLJ2(java.util.Date validDate, java.security.cert.X509CRL completecrl, java.lang.Object cert, CertStatus certStatus) throws SimpleValidationErrorException
SimpleValidationErrorException
private static ReasonsMask processCRLD2(java.security.cert.X509CRL crl, org.bouncycastle.asn1.x509.DistributionPoint dp) throws SimpleValidationErrorException
SimpleValidationErrorException
protected static void getCertStatus(java.util.Date validDate, java.security.cert.X509CRL crl, java.lang.Object cert, CertStatus certStatus) throws SimpleValidationErrorException
SimpleValidationErrorException