Class CertPathValidatorUtilitiesCanl
- java.lang.Object
-
- eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities
-
- eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilitiesCanl
-
public class CertPathValidatorUtilitiesCanl extends CertPathValidatorUtilities
Exposes otherwise hidden methods fromCertPathValidatorUtilitiesCanl
plus in some cases fixes bugs plus produces errors in the desired format.
-
-
Field Summary
-
Fields inherited from class eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities
ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, CRL_UTIL, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME
-
-
Constructor Summary
Constructors Constructor Description CertPathValidatorUtilitiesCanl()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static java.util.Collection<?>
findIssuerCerts(java.security.cert.X509Certificate cert, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
static java.security.cert.TrustAnchor
findTrustAnchorPublic(java.security.cert.X509Certificate cert, java.util.Set<?> trustAnchors, java.lang.String sigProvider)
protected static java.util.List<org.bouncycastle.jcajce.PKIXCRLStore>
getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
protected static java.util.Set
getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp, java.lang.Object cert, java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
AsCertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters)
but it returns also expired CRLs.protected static java.util.Set<?>
getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp, java.security.cert.X509Certificate cert, java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
protected static java.util.Set<java.security.cert.X509CRL>
getDeltaCRLs2(java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, java.security.cert.X509CRL completeCRL)
Fetches delta CRLs according to RFC 3280 section 5.2.4.protected static org.bouncycastle.asn1.ASN1Primitive
getExtensionValue(java.security.cert.X509Extension ext, java.lang.String oid)
static java.math.BigInteger
getSerialNumber(java.lang.Object cert)
-
Methods inherited from class eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities
checkCRLsNotEmpty, findCertificates, findIssuerCerts, findTrustAnchor, findTrustAnchor, getAdditionalStoresFromAltNames, getAdditionalStoresFromCRLDistributionPoint, getAlgorithmIdentifier, getCertStatus, getCRLIssuersFromDistributionPoint, getDeltaCRLs, getNextWorkingKey, getQualifierSet, getValidCertDateFromValidityModel, getValidDate, isAnyPolicy, isSelfIssued, prepareNextCertB1, prepareNextCertB2, processCertD1i, processCertD1ii, removePolicyNode, verifyX509Certificate
-
-
-
-
Method Detail
-
findTrustAnchorPublic
public static java.security.cert.TrustAnchor findTrustAnchorPublic(java.security.cert.X509Certificate cert, java.util.Set<?> trustAnchors, java.lang.String sigProvider) throws org.bouncycastle.jce.provider.AnnotatedException
- Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
findIssuerCerts
public static java.util.Collection<?> findIssuerCerts(java.security.cert.X509Certificate cert, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) throws org.bouncycastle.jce.provider.AnnotatedException
- Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
getCompleteCRLs2
protected static java.util.Set<?> getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp, java.security.cert.X509Certificate cert, java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) throws SimpleValidationErrorException
- Throws:
SimpleValidationErrorException
-
getCompleteCRLs
protected static java.util.Set getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp, java.lang.Object cert, java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) throws org.bouncycastle.jce.provider.AnnotatedException
AsCertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters)
but it returns also expired CRLs.- Parameters:
dp
-cert
-currentDate
-paramsPKIX
-- Returns:
- A
Set
ofX509CRL
s. - Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
getDeltaCRLs2
protected static java.util.Set<java.security.cert.X509CRL> getDeltaCRLs2(java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, java.security.cert.X509CRL completeCRL) throws SimpleValidationErrorException
Fetches delta CRLs according to RFC 3280 section 5.2.4.- Parameters:
currentDate
- The date for which the delta CRLs must be valid.paramsPKIX
- The extended PKIX parameters.completeCRL
- The complete CRL the delta CRL is for.- Returns:
- A
Set
ofX509CRL
s with delta CRLs. - Throws:
SimpleValidationErrorException
- if an exception occurs while picking the delta CRLs.
-
getExtensionValue
protected static org.bouncycastle.asn1.ASN1Primitive getExtensionValue(java.security.cert.X509Extension ext, java.lang.String oid) throws org.bouncycastle.jce.provider.AnnotatedException
- Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
getAdditionalStoresFromCRLDistributionPoint
protected static java.util.List<org.bouncycastle.jcajce.PKIXCRLStore> getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) throws org.bouncycastle.jce.provider.AnnotatedException
- Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
getSerialNumber
public static java.math.BigInteger getSerialNumber(java.lang.Object cert)
-
-