public class FixedBCPKIXCertPathReviewer
extends org.bouncycastle.x509.PKIXCertPathReviewer
Modifier and Type | Field and Description |
---|---|
protected static java.lang.String |
ANY_POLICY |
protected static java.lang.String |
AUTHORITY_KEY_IDENTIFIER |
protected static java.lang.String |
BASIC_CONSTRAINTS |
protected static java.lang.String |
CERTIFICATE_POLICIES |
protected static java.lang.String |
CRL_DISTRIBUTION_POINTS |
protected static java.lang.String |
CRL_NUMBER |
protected static int |
CRL_SIGN |
protected static org.bouncycastle.x509.PKIXCRLUtil |
CRL_UTIL |
protected static java.lang.String[] |
crlReasons |
protected static java.lang.String |
DELTA_CRL_INDICATOR |
protected static java.lang.String |
FRESHEST_CRL |
protected static java.lang.String |
INHIBIT_ANY_POLICY |
private boolean |
initialized |
protected static java.lang.String |
ISSUING_DISTRIBUTION_POINT |
protected static int |
KEY_CERT_SIGN |
protected static java.lang.String |
KEY_USAGE |
protected static java.lang.String |
NAME_CONSTRAINTS |
protected ExtPKIXParameters2 |
pkixParams |
protected static java.lang.String |
POLICY_CONSTRAINTS |
protected static java.lang.String |
POLICY_MAPPINGS |
private static java.lang.String |
QC_STATEMENT |
static java.lang.String |
RESOURCE_NAME |
protected static java.lang.String |
SUBJECT_ALTERNATIVE_NAME |
Constructor and Description |
---|
FixedBCPKIXCertPathReviewer(java.security.cert.CertPath certPath,
ExtPKIXParameters2 params)
Creates a PKIXCertPathReviewer and initializes it with the given
CertPath and PKIXParameters params |
Modifier and Type | Method and Description |
---|---|
protected void |
addError(SimpleValidationErrorException msg,
int index) |
private void |
checkCriticalExtensions() |
private void |
checkNameConstraints() |
private void |
checkPathLength() |
private void |
checkPolicy() |
protected void |
checkRevocation(ExtPKIXParameters2 paramsPKIX,
java.security.cert.X509Certificate cert,
java.util.Date validDate,
java.security.cert.X509Certificate sign,
java.security.PublicKey workingPublicKey) |
private void |
checkSignatures() |
protected void |
doChecks() |
protected static java.util.Collection |
findCertificates(org.bouncycastle.jcajce.PKIXCertStoreSelector arg0,
java.util.List arg1) |
protected static java.util.Collection |
findCertificates(org.bouncycastle.x509.X509AttributeCertStoreSelector arg0,
java.util.List arg1) |
protected static java.util.Collection |
findCertificates(org.bouncycastle.x509.X509CertStoreSelector arg0,
java.util.List arg1) |
protected static org.bouncycastle.asn1.x509.AlgorithmIdentifier |
getAlgorithmIdentifier(java.security.PublicKey arg0) |
protected static void |
getCertStatus(java.util.Date arg0,
java.security.cert.X509CRL arg1,
java.lang.Object arg2,
org.bouncycastle.x509.CertStatus arg3) |
protected java.util.Vector |
getCRLDistUrls(org.bouncycastle.asn1.x509.CRLDistPoint crlDistPoints) |
protected static javax.security.auth.x500.X500Principal |
getEncodedIssuerPrincipal(java.lang.Object arg0) |
protected static org.bouncycastle.asn1.ASN1Primitive |
getExtensionValue(java.security.cert.X509Extension arg0,
java.lang.String arg1) |
protected static javax.security.auth.x500.X500Principal |
getIssuerPrincipal(java.security.cert.X509CRL arg0) |
protected static java.security.PublicKey |
getNextWorkingKey(java.util.List arg0,
int arg1) |
protected static java.util.Set |
getQualifierSet(org.bouncycastle.asn1.ASN1Sequence arg0) |
protected static javax.security.auth.x500.X500Principal |
getSubjectPrincipal(java.security.cert.X509Certificate arg0) |
protected static java.util.Date |
getValidDate(java.security.cert.PKIXParameters arg0) |
void |
init(java.security.cert.CertPath certPath,
ExtPKIXParameters2 params)
Initializes the PKIXCertPathReviewer with the given
CertPath and PKIXParameters params |
protected static boolean |
isAnyPolicy(java.util.Set arg0) |
protected static boolean |
isSelfIssued(java.security.cert.X509Certificate arg0) |
protected static void |
prepareNextCertB1(int arg0,
java.util.List[] arg1,
java.lang.String arg2,
java.util.Map arg3,
java.security.cert.X509Certificate arg4) |
protected static org.bouncycastle.jce.provider.PKIXPolicyNode |
prepareNextCertB2(int arg0,
java.util.List[] arg1,
java.lang.String arg2,
org.bouncycastle.jce.provider.PKIXPolicyNode arg3) |
protected static boolean |
processCertD1i(int arg0,
java.util.List[] arg1,
org.bouncycastle.asn1.ASN1ObjectIdentifier arg2,
java.util.Set arg3) |
protected static void |
processCertD1ii(int arg0,
java.util.List[] arg1,
org.bouncycastle.asn1.ASN1ObjectIdentifier arg2,
java.util.Set arg3) |
private boolean |
processQcStatements(java.security.cert.X509Certificate cert,
int index) |
protected static org.bouncycastle.jce.provider.PKIXPolicyNode |
removePolicyNode(org.bouncycastle.jce.provider.PKIXPolicyNode arg0,
java.util.List[] arg1,
org.bouncycastle.jce.provider.PKIXPolicyNode arg2) |
protected static void |
verifyX509Certificate(java.security.cert.X509Certificate arg0,
java.security.PublicKey arg1,
java.lang.String arg2) |
addError, addError, addNotification, addNotification, checkCRLs, checkRevocation, getCertPath, getCertPathSize, getErrors, getErrors, getNotifications, getNotifications, getOCSPUrls, getPolicyTree, getSubjectPublicKey, getTrustAnchor, getTrustAnchors, init, isValidCertPath
private static final java.lang.String QC_STATEMENT
public static final java.lang.String RESOURCE_NAME
protected ExtPKIXParameters2 pkixParams
private boolean initialized
protected static final org.bouncycastle.x509.PKIXCRLUtil CRL_UTIL
protected static final java.lang.String CERTIFICATE_POLICIES
protected static final java.lang.String BASIC_CONSTRAINTS
protected static final java.lang.String POLICY_MAPPINGS
protected static final java.lang.String SUBJECT_ALTERNATIVE_NAME
protected static final java.lang.String NAME_CONSTRAINTS
protected static final java.lang.String KEY_USAGE
protected static final java.lang.String INHIBIT_ANY_POLICY
protected static final java.lang.String ISSUING_DISTRIBUTION_POINT
protected static final java.lang.String DELTA_CRL_INDICATOR
protected static final java.lang.String POLICY_CONSTRAINTS
protected static final java.lang.String FRESHEST_CRL
protected static final java.lang.String CRL_DISTRIBUTION_POINTS
protected static final java.lang.String AUTHORITY_KEY_IDENTIFIER
protected static final java.lang.String ANY_POLICY
protected static final java.lang.String CRL_NUMBER
protected static final int KEY_CERT_SIGN
protected static final int CRL_SIGN
protected static final java.lang.String[] crlReasons
public FixedBCPKIXCertPathReviewer(java.security.cert.CertPath certPath, ExtPKIXParameters2 params) throws org.bouncycastle.x509.CertPathReviewerException
CertPath
and PKIXParameters
paramscertPath
- the CertPath
to validateparams
- the PKIXParameters
to useorg.bouncycastle.x509.CertPathReviewerException
- if the certPath is emptypublic void init(java.security.cert.CertPath certPath, ExtPKIXParameters2 params) throws org.bouncycastle.x509.CertPathReviewerException
CertPath
and PKIXParameters
paramscertPath
- the CertPath
to validateparams
- the PKIXParameters
to useorg.bouncycastle.x509.CertPathReviewerException
- if the certPath is emptyjava.lang.IllegalStateException
- if the PKIXCertPathReviewer
is already initializedprotected void addError(SimpleValidationErrorException msg, int index)
protected void doChecks()
doChecks
in class org.bouncycastle.x509.PKIXCertPathReviewer
private void checkNameConstraints()
private void checkPathLength()
private void checkSignatures()
private void checkPolicy()
private void checkCriticalExtensions()
private boolean processQcStatements(java.security.cert.X509Certificate cert, int index)
protected void checkRevocation(ExtPKIXParameters2 paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate sign, java.security.PublicKey workingPublicKey) throws SimpleValidationErrorException
SimpleValidationErrorException
protected java.util.Vector getCRLDistUrls(org.bouncycastle.asn1.x509.CRLDistPoint crlDistPoints)
getCRLDistUrls
in class org.bouncycastle.x509.PKIXCertPathReviewer
protected static javax.security.auth.x500.X500Principal getEncodedIssuerPrincipal(java.lang.Object arg0)
protected static java.util.Date getValidDate(java.security.cert.PKIXParameters arg0)
protected static javax.security.auth.x500.X500Principal getSubjectPrincipal(java.security.cert.X509Certificate arg0)
protected static boolean isSelfIssued(java.security.cert.X509Certificate arg0)
protected static org.bouncycastle.asn1.ASN1Primitive getExtensionValue(java.security.cert.X509Extension arg0, java.lang.String arg1) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
protected static javax.security.auth.x500.X500Principal getIssuerPrincipal(java.security.cert.X509CRL arg0)
protected static org.bouncycastle.asn1.x509.AlgorithmIdentifier getAlgorithmIdentifier(java.security.PublicKey arg0) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static final java.util.Set getQualifierSet(org.bouncycastle.asn1.ASN1Sequence arg0) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static org.bouncycastle.jce.provider.PKIXPolicyNode removePolicyNode(org.bouncycastle.jce.provider.PKIXPolicyNode arg0, java.util.List[] arg1, org.bouncycastle.jce.provider.PKIXPolicyNode arg2)
protected static boolean processCertD1i(int arg0, java.util.List[] arg1, org.bouncycastle.asn1.ASN1ObjectIdentifier arg2, java.util.Set arg3)
protected static void processCertD1ii(int arg0, java.util.List[] arg1, org.bouncycastle.asn1.ASN1ObjectIdentifier arg2, java.util.Set arg3)
protected static void prepareNextCertB1(int arg0, java.util.List[] arg1, java.lang.String arg2, java.util.Map arg3, java.security.cert.X509Certificate arg4) throws org.bouncycastle.jce.provider.AnnotatedException, java.security.cert.CertPathValidatorException
org.bouncycastle.jce.provider.AnnotatedException
java.security.cert.CertPathValidatorException
protected static org.bouncycastle.jce.provider.PKIXPolicyNode prepareNextCertB2(int arg0, java.util.List[] arg1, java.lang.String arg2, org.bouncycastle.jce.provider.PKIXPolicyNode arg3)
protected static boolean isAnyPolicy(java.util.Set arg0)
protected static java.util.Collection findCertificates(org.bouncycastle.x509.X509CertStoreSelector arg0, java.util.List arg1) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
protected static java.util.Collection findCertificates(org.bouncycastle.jcajce.PKIXCertStoreSelector arg0, java.util.List arg1) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
protected static java.util.Collection findCertificates(org.bouncycastle.x509.X509AttributeCertStoreSelector arg0, java.util.List arg1) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
protected static void getCertStatus(java.util.Date arg0, java.security.cert.X509CRL arg1, java.lang.Object arg2, org.bouncycastle.x509.CertStatus arg3) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
protected static java.security.PublicKey getNextWorkingKey(java.util.List arg0, int arg1) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static void verifyX509Certificate(java.security.cert.X509Certificate arg0, java.security.PublicKey arg1, java.lang.String arg2) throws java.security.GeneralSecurityException
java.security.GeneralSecurityException