All Classes Interface Summary Class Summary Enum Summary Exception Summary
| Class |
Description |
| AbstractCRLStoreSPI |
|
| AbstractDelegatingX509Credential |
Abstract base for credential implementations which delegate to
another one.
|
| AbstractEuGridPmaNamespacesStore |
EuGridPMA policy store common code.
|
| AbstractGlobusNamespacesStore |
Globus EACL policy store common code.
|
| AbstractHostnameToCertificateChecker |
Deprecated.
|
| AbstractNamespacesStore |
Policy store common code.
|
| AbstractTrustAnchorStore |
Base implementation of Trust Anchor stores.
|
| AbstractValidator |
|
| AbstractX509Credential |
|
| BaseProxyCertificateOptions |
Generic proxy creation parameters useful for all scenarios.
|
| BCCertPathValidator |
Low-level certificate validator based on the BC PKIXCertPathReviewer
with additional support for proxy certificates.
|
| BCErrorMapper |
|
| BinaryCertChainValidator |
A simplistic X509CertChainValidator implementation which always fails or accepts certificates,
basing on the constructor argument. |
| BoundedSizeLruMap<S,T> |
|
| CachedElement<T> |
Cached element is a container of an arbitrary object,
enriched with a creation timestamp.
|
| CachedPEMReader |
This class extends the PEMParser class from the BC library.
|
| CertificateExtension |
Stores DER form of a certificate extension along with its OID and
flag if the extension is critical.
|
| CertificateHelpers |
Utility methods for certificates handling and reading/writing PEM files.
|
| CertificateHelpers.PEMContentsType |
|
| CertificateUtils |
Utility class with methods simplifying typical certificate related operations.
|
| CertificateUtils.Encoding |
Definition of the encoding that can be used for reading or writing
certificates or keys.
|
| CertPathValidatorUtilities |
|
| CertPathValidatorUtilitiesCanl |
|
| CertStatus |
|
| CharArrayPasswordFinder |
Trivial implementation of PasswordSupplier which uses a password
provided to the constructor. |
| CommonX509TrustManager |
This class wraps X509CertChainValidator so it can be easily used in
the standard Java SSL API.
|
| CredentialX509KeyManager |
Simple KeyManager implementation which always returns the only key and certificate
which is available in the configured X509Credential object. |
| CrlCheckingMode |
Defines Certificate Revocation List verification mode.
|
| CRLParameters |
Manages configuration of CRL sources, used in non-openssl truststores.
|
| CRLRevocationChecker |
|
| DERCredential |
Wraps certificate and private key stored in DER format.
|
| DirectoryCertChainValidator |
The certificate validator which uses a flexible set of certificates and CRL locations.
|
| DirectoryTrustAnchorStore |
Retrieves CA certificates from locations given as local paths with wildcards
or URLs.
|
| DisabledNameMismatchCallback |
|
| DNComparator |
Helpers for checking text representations of DNs for equality.
|
| DraftRFCProxyCertInfoExtension |
Proxy cert info extension class.
|
| EnforcingNameMismatchCallback |
|
| EuGridPmaNamespacesParser |
Parses a single EUGridPMA namespaces file and returns NamespacePolicy object. |
| EuGridPmaNamespacesStore |
|
| ExtendedProxyType |
|
| ExtPKIXParameters2 |
Extended PKIX parameters with additional settings related to
the library features: different CRL modes and proxy support.
|
| ExtPKIXParameters2.Builder |
|
| FixedBCPKIXCertPathReviewer |
PKIXCertPathReviewer
Validation of X.509 Certificate Paths.
|
| FlexiblePEMReader |
Extends BC's PEMParser class so it can read correctly also
PEM files with a garbage at the beginning
and minor syntax violations which occur more then often in the wild.
|
| FormatMode |
String output mode.
|
| GlobusNamespacesParser |
|
| GlobusNamespacesParser.InvalidPolicyFilenameException |
|
| GlobusNamespacesParser.PolicySyntaxException |
|
| GlobusNamespacesParser.Token |
|
| GlobusNamespacesStore |
|
| HostnameMismatchCallback |
Deprecated.
|
| HostnameMismatchCallback2 |
Implementation should react to the event when remote SSL peer's certificate is not matching its hostname.
|
| HostnameToCertificateChecker |
Verifies if a peer's host name matches a DN of its certificate.
|
| HostnameToCertificateChecker.ResultWrapper |
|
| InMemoryKeystoreCertChainValidator |
The certificate validator which uses Java KeyStore as a truststore.
|
| IPAddressHelper |
Helpers for IP addresses comparison.
|
| JavaAndBCStyle |
Extends BCStyle with additional recognized attribute names, to make
it fully compatible with what the internal OpenJDK implementation supports
when parsing string RFC 2253 DNs.
|
| JDKFSTrustAnchorStore |
|
| JDKInMemoryTrustAnchorStore |
Implementation of the TrustAnchorStore which uses JDK's KeyStore
as a in-memory storage. |
| KeyAndCertCredential |
|
| KeystoreCertChainValidator |
The certificate validator which uses Java KeyStore as a truststore.
|
| KeystoreCredential |
Wraps a Java KeyStore in form suitable for use in JSSE.
|
| KeyStoreHelper |
KeyStore class utility helpers
|
| LazyEuGridPmaNamespacesStore |
EuGridPMA namespace policies are loaded on demand by this store and are cached in memory.
|
| LazyGlobusNamespacesStore |
Globus EACL policies are loaded on demand by this store and are cached in memory.
|
| LazyOpensslCRLStoreSpi |
Handles an Openssl-like CRL store.
|
| LazyOpensslTrustAnchorStoreImpl |
Implementation of the truststore which uses CA certificates from a single directory
in OpenSSL format.
|
| NamespaceChecker |
Implements namespace policy checking.
|
| NamespaceCheckingMode |
Used to define the CA namespace checking mode.
|
| NamespacePolicy |
Represents a namespace policy, i.e.
|
| NamespacesParser |
Implemented by namespace parsers.
|
| NamespacesStore |
|
| NonValidatingCertPathBuilder |
This class is a modified copy of BC's PKIXCertPathBuilderSpi.
|
| ObserversHandler |
|
| OCSPCacheBase |
Common base class for responses and responders caches.
|
| OCSPCachingClient |
|
| OCSPCheckingMode |
Defines On-line Certificate Status Protocol usage mode.
|
| OCSPClientImpl |
OCSP client is responsible for the network related activity of the OCSP invocation pipeline.
|
| OCSPParametes |
Manages configuration of OCSP support for all truststores.
|
| OCSPResponder |
Configuration of a local responder.
|
| OCSPRespondersCache |
OCSP failing responses cache: in memory with disk persistence.
|
| OCSPRespondersCache.ResponderCacheEntry |
|
| OCSPResponsesCache |
OCSP responses cache: in memory with disk persistence.
|
| OCSPResponsesCache.ResponseCacheEntry |
|
| OCSPResponseStructure |
Holds OCSP response (parsed) and some additional metadata, e.g.
|
| OCSPResult |
|
| OCSPResult.Status |
|
| OCSPRevocationChecker |
|
| OCSPVerifier |
|
| OidAndValue<T extends org.bouncycastle.asn1.ASN1Encodable> |
Stores DER form of a certificate attribute value with its OID.
|
| OpensslCertChainValidator |
The certificate validator which uses OpenSSL directory as a truststore.
|
| OpensslCRLStoreSpi |
Implementation of the CRL store which uses CRLs from a single directory
in OpenSSL format.
|
| OpensslNamespacePolicyImpl |
Represents a namespace policy, i.e.
|
| OpensslNameUtils |
This class provides support for the legacy Openssl format of DN encoding.
|
| OpensslTrustAnchorStore |
|
| OpensslTrustAnchorStoreImpl |
Implementation of the truststore which uses CA certificates from a single directory
in OpenSSL format.
|
| OpensslTruststoreHelper |
Several static methods helping to mangle truststore file paths in openssl style.
|
| ParserUtils |
Common helpers for namespace file parsers.
|
| PasswordSupplier |
Provides password on demand.
|
| PEMCredential |
Wraps certificate and private key stored in PEM format.
|
| PKCS8DERReader |
This class extends the PEMParser class from the BC library.
|
| PKIXCRLUtil |
|
| PKIXPolicyNode |
|
| PKIXProxyCertificateChecker |
Checker which handles proxy certificate extensions so BC won't report them as unknown.
|
| PlainCRLStoreSpi |
Handles an in-memory CRL store.
|
| PlainCRLStoreSpi.CRLAsyncUpdateTask |
This class follows a quite advanced but important pattern:
- it is static so there is no hidden reference from it to the wrapping class
- instead it has a weak reference to the wrapping object
- when the weak reference is nullified, it means that the wrapping object was discarded
by the GC and is no more usable: in this case the update task is automatically stopped.
|
| PlainCRLValidator |
An abstract validator which provides a CRL support common for validators
using PlainCRLStoreSpi. |
| PlainStoreUtils |
Class for CA or CRL stores with utility methods for handling list
of locations as wildcards or URLs.
|
| PrincipalUtils |
|
| ProxyACExtension |
A class for handling the VOMS AC extension in certificates (OID: 1.3.6.1.4.1.8005.100.100.5)
|
| ProxyAddressRestrictionData |
An utility class for defining the allowed address space, used both to define
the source and target restrictions.
|
| ProxyCertificate |
Wraps information about a new proxy which was generated by the ProxyGenerator. |
| ProxyCertificateImpl |
|
| ProxyCertificateOptions |
Holds parameters which are used to create a proxy certificate using
only a certificate chain.
|
| ProxyCertInfoExtension |
Proxy cert info extension class.
|
| ProxyChainInfo |
A class to get an information from a proxy certificate chain.
|
| ProxyChainType |
Specifies the type of the proxy chain.
|
| ProxyCSR |
Wraps information about a new proxy certificate signing request which was generated by the ProxyCSRGenerator. |
| ProxyCSRGenerator |
Generates a proxy certificate signing request.
|
| ProxyCSRImpl |
ProxyCSR implementation.
|
| ProxyCSRInfo |
A class to get the information from the proxy certificate request.
|
| ProxyGenerator |
Utilities to create proxy certificates.
|
| ProxyGeneratorHelper |
Actual implementation of the Proxy generation.
|
| ProxyHelper |
Various helpers for handling proxy certificates
|
| ProxyPolicy |
Proxy policy ASN1 class.
|
| ProxyRequestOptions |
Holds parameters which are used to issue a proxy certificate
using a provided Certificate Signing Request and a local certificate chain.
|
| ProxySAMLExtension |
A class for handling the SAML extension in the Certificate.
|
| ProxySupport |
Defines proxy support mode for validators.
|
| ProxyTracingExtension |
A class for generating and parsing the proxy tracing extensions.
|
| ProxyType |
Specifies the type of the proxy.
|
| ProxyUtils |
Utility methods for checking properties of proxy certificates.
|
| ReaderInputStream |
InputStream implementation that reads a character stream from a Reader
and transforms it to a byte stream using a specified charset encoding.
|
| ReasonsMask |
This class helps to handle CRL revocation reasons mask.
|
| RevocationChecker |
Used to check revocation using a single revocation checking mechanism.
|
| RevocationParameters |
Wraps the information required to control how certificates revocation is checked.
|
| RevocationParameters.RevocationCheckingOrder |
|
| RevocationParametersExt |
Manages configuration of revocation settings, used in non-openssl truststores.
|
| RevocationStatus |
Covers possible generic revocation checking outcomes, in case when certificate being checked is not revoked.
|
| RFC3280CertPathUtilities |
|
| RFC3280CertPathUtilitiesCanl |
|
| RFCProxyCertInfoExtension |
Proxy cert info extension class.
|
| SimpleCRLStore |
Provider-less implementation of the CertStore.
|
| SimpleValidationErrorException |
Contains one problem code with optional arguments.
|
| SocketFactoryCreator |
Deprecated.
|
| SocketFactoryCreator2 |
Utility allowing programmers to quickly create SSL socket factories using configuration abstractions
of this library.
|
| SSLTrustManager |
|
| SSLTrustManagerWithHostnameChecking |
Wires CANL abstractions: credentials and verificators into Java SSL socket factory.
|
| StoreUpdateListener |
Implementations receive information about updates of certificate, CRL stores or OCSP errors.
|
| StoreUpdateListener.Severity |
|
| TimedTrustAnchorStoreBase |
Base implementation of Trust Anchor stores which load all certificates into memory.
|
| TimedTrustAnchorStoreBase.AsyncTrustAnchorsUpdateTask |
Important: static nested class, weak reference to the wrapper.
|
| TrustAnchorExt |
|
| TrustAnchorStore |
Implementations provide trust store material: a list of trusted CA certificates.
|
| ValidationError |
Holds information about a single validation problem with a reference to
the certificate chain.
|
| ValidationErrorCategory |
This enumeration contains general classes of errors that can be signaled
during certificate path validation.
|
| ValidationErrorCode |
This enumeration contains codes of errors that can be signaled
during certificate path validation.
|
| ValidationErrorException |
|
| ValidationErrorListener |
Invoked when there is an error found during certificate chain validation.
|
| ValidationResult |
Wraps a validation result, error messages and unresolved
certificate extension oids (if any).
|
| ValidatorParams |
|
| ValidatorParamsExt |
|
| WeakTimerTask<T> |
This class holds a partner of the TimerTask reference as weak one.
|
| X500NameUtils |
Contains utility static methods which are helpful in manipulating X.500 Distinguished
Names, especially encoded in String form using RFC 2253.
|
| X509CertChainValidator |
Implementations are used to perform a manual certificate chain validation.
|
| X509CertChainValidatorExt |
Extends the main X509CertChainValidator interface with some additional methods
which are commonly provided by the most validator implementations, but are not
strictly required for the sole validation. |
| X509Credential |
Implementations are used to wrap credentials (private key and certificate)
in various formats.
|
| X509Formatter |
Utility allowing for converting certificates to various text representations.
|
| X509v3CertificateBuilder |
Class to produce an X.509 Version 3 certificate.
|