Bouncy Castle Cryptography Library 1.37

org.bouncycastle.x509
Class PKIXCertPathReviewer

java.lang.Object
  extended by org.bouncycastle.jce.provider.CertPathValidatorUtilities
      extended by org.bouncycastle.x509.PKIXCertPathReviewer

public class PKIXCertPathReviewer
extends CertPathValidatorUtilities

PKIXCertPathReviewer
Validation of X.509 certificate paths. Tries to find as many errors in the path as possible.


Field Summary
protected  java.security.cert.CertPath certPath
           
protected  java.util.List certs
           
protected  java.util.List[] errors
           
protected  int n
           
protected  java.util.List[] notifications
           
protected  java.security.cert.PKIXParameters pkixParams
           
protected  java.security.cert.PolicyNode policyTree
           
protected  java.security.PublicKey subjectPublicKey
           
protected  java.security.cert.TrustAnchor trustAnchor
           
protected  java.util.Date validDate
           
 
Fields inherited from class org.bouncycastle.jce.provider.CertPathValidatorUtilities
ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME
 
Constructor Summary
PKIXCertPathReviewer()
          Creates an empty PKIXCertPathReviewer.
PKIXCertPathReviewer(java.security.cert.CertPath certPath, java.security.cert.PKIXParameters params)
          Creates a PKIXCertPathReviewer and initializes it with the given CertPath and PKIXParameters params
 
Method Summary
protected  void addError(org.bouncycastle.i18n.ErrorBundle msg)
           
protected  void addError(org.bouncycastle.i18n.ErrorBundle msg, int index)
           
protected  void addNotification(org.bouncycastle.i18n.ErrorBundle msg)
           
protected  void addNotification(org.bouncycastle.i18n.ErrorBundle msg, int index)
           
protected  void checkCRLs(java.security.cert.PKIXParameters paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate sign, java.security.PublicKey workingPublicKey, java.util.Vector crlDistPointUrls, int index)
           
protected  void checkRevocation(java.security.cert.PKIXParameters paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate sign, java.security.PublicKey workingPublicKey, java.util.Vector crlDistPointUrls, java.util.Vector ocspUrls, int index)
           
protected  void doChecks()
           
 java.security.cert.CertPath getCertPath()
           
 int getCertPathSize()
           
protected  java.util.Vector getCRLDistUrls(CRLDistPoint crlDistPoints)
           
 java.util.List[] getErrors()
          Returns an Array of Lists which contains a List of global error messages and a List of error messages for each certificate in the path.
 java.util.List getErrors(int index)
          Returns a List of error messages for the certificate at the given index in the CertPath.
 java.util.List[] getNotifications()
          Returns an Array of Lists which contains a List of global notification messages and a List of notification messages for each certificate in the path.
 java.util.List getNotifications(int index)
          Returns a List of notification messages for the certificate at the given index in the CertPath.
protected  java.util.Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
           
 java.security.cert.PolicyNode getPolicyTree()
           
 java.security.PublicKey getSubjectPublicKey()
           
 java.security.cert.TrustAnchor getTrustAnchor()
           
 void init(java.security.cert.CertPath certPath, java.security.cert.PKIXParameters params)
          Initializes the PKIXCertPathReviewer with the given CertPath and PKIXParameters params
 boolean isValidCertPath()
           
 
Methods inherited from class org.bouncycastle.jce.provider.CertPathValidatorUtilities
addAdditionalStoreFromLocation, addAdditionalStoresFromCRLDistributionPoint, findCertificates, findCertificates, findCRLs, findCRLs, findTrustAnchor, getAlgorithmIdentifier, getCertStatus, getCompleteCRLs, getCRLIssuersFromDistributionPoint, getDeltaCRLs, getEncodedIssuerPrincipal, getExtensionValue, getIssuerPrincipal, getNextWorkingKey, getQualifierSet, getSubjectPrincipal, getValidCertDateFromValidityModel, getValidDate, isAnyPolicy, isSelfIssued, prepareNextCertB1, prepareNextCertB2, processCertD1i, processCertD1ii, removePolicyNode
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

certPath

protected java.security.cert.CertPath certPath

pkixParams

protected java.security.cert.PKIXParameters pkixParams

validDate

protected java.util.Date validDate

certs

protected java.util.List certs

n

protected int n

notifications

protected java.util.List[] notifications

errors

protected java.util.List[] errors

trustAnchor

protected java.security.cert.TrustAnchor trustAnchor

subjectPublicKey

protected java.security.PublicKey subjectPublicKey

policyTree

protected java.security.cert.PolicyNode policyTree
Constructor Detail

PKIXCertPathReviewer

public PKIXCertPathReviewer(java.security.cert.CertPath certPath,
                            java.security.cert.PKIXParameters params)
                     throws CertPathReviewerException
Creates a PKIXCertPathReviewer and initializes it with the given CertPath and PKIXParameters params

Parameters:
certPath - the CertPath to validate
params - the PKIXParameters to use
Throws:
CertPathReviewerException - if the certPath is empty

PKIXCertPathReviewer

public PKIXCertPathReviewer()
Creates an empty PKIXCertPathReviewer. Don't forget to call init() to initialize the object.

Method Detail

init

public void init(java.security.cert.CertPath certPath,
                 java.security.cert.PKIXParameters params)
          throws CertPathReviewerException
Initializes the PKIXCertPathReviewer with the given CertPath and PKIXParameters params

Parameters:
certPath - the CertPath to validate
params - the PKIXParameters to use
Throws:
CertPathReviewerException - if the certPath is empty
java.lang.IllegalStateException - if the PKIXCertPathReviewer is already initialized

getCertPath

public java.security.cert.CertPath getCertPath()
Returns:
the CertPath that was validated

getCertPathSize

public int getCertPathSize()
Returns:
the size of the CertPath

getErrors

public java.util.List[] getErrors()
Returns an Array of Lists which contains a List of global error messages and a List of error messages for each certificate in the path. The global error List is at index 0. The error lists for each certificate are at index 1 to n. The error messages are of type org.bouncycastle.i18n.ErrorBundle, the type accepted by addError.

Returns:
the Array of Lists which contain the error messages
Throws:
java.lang.IllegalStateException - if the PKIXCertPathReviewer was not initialized

getErrors

public java.util.List getErrors(int index)
Returns a List of error messages for the certificate at the given index in the CertPath. If index == -1, the list of global errors (errors not specific to a certificate) is returned; this is the list that getErrors() holds at array index 0.

Parameters:
index - the index of the certificate in the CertPath
Returns:
List of error messages for the certificate
Throws:
java.lang.IllegalStateException - if the PKIXCertPathReviewer was not initialized

getNotifications

public java.util.List[] getNotifications()
Returns an Array of Lists which contains a List of global notification messages and a List of notification messages for each certificate in the path. The global notification List is at index 0. The notification lists for each certificate are at index 1 to n. The notification messages are of type org.bouncycastle.i18n.ErrorBundle, the type accepted by addNotification.

Returns:
the Array of Lists which contain the notification messages
Throws:
java.lang.IllegalStateException - if the PKIXCertPathReviewer was not initialized

getNotifications

public java.util.List getNotifications(int index)
Returns a List of notification messages for the certificate at the given index in the CertPath. If index == -1, the list of global notifications (notifications not specific to a certificate) is returned; this is the list that getNotifications() holds at array index 0.

Parameters:
index - the index of the certificate in the CertPath
Returns:
List of notification messages for the certificate
Throws:
java.lang.IllegalStateException - if the PKIXCertPathReviewer was not initialized

getPolicyTree

public java.security.cert.PolicyNode getPolicyTree()
Returns:
the valid policy tree, null if no valid policy exists.
Throws:
java.lang.IllegalStateException - if the PKIXCertPathReviewer was not initialized

getSubjectPublicKey

public java.security.PublicKey getSubjectPublicKey()
Returns:
the PublicKey of the last certificate in the CertPath
Throws:
java.lang.IllegalStateException - if the PKIXCertPathReviewer was not initialized

getTrustAnchor

public java.security.cert.TrustAnchor getTrustAnchor()
Returns:
the TrustAnchor for the CertPath, null if no valid TrustAnchor was found.
Throws:
java.lang.IllegalStateException - if the PKIXCertPathReviewer was not initialized

isValidCertPath

public boolean isValidCertPath()
Returns:
true if the CertPath is valid
Throws:
java.lang.IllegalStateException - if the PKIXCertPathReviewer was not initialized

addNotification

protected void addNotification(org.bouncycastle.i18n.ErrorBundle msg)

addNotification

protected void addNotification(org.bouncycastle.i18n.ErrorBundle msg,
                               int index)

addError

protected void addError(org.bouncycastle.i18n.ErrorBundle msg)

addError

protected void addError(org.bouncycastle.i18n.ErrorBundle msg,
                        int index)

doChecks

protected void doChecks()

checkRevocation

protected void checkRevocation(java.security.cert.PKIXParameters paramsPKIX,
                               java.security.cert.X509Certificate cert,
                               java.util.Date validDate,
                               java.security.cert.X509Certificate sign,
                               java.security.PublicKey workingPublicKey,
                               java.util.Vector crlDistPointUrls,
                               java.util.Vector ocspUrls,
                               int index)
                        throws CertPathReviewerException
Throws:
CertPathReviewerException

checkCRLs

protected void checkCRLs(java.security.cert.PKIXParameters paramsPKIX,
                         java.security.cert.X509Certificate cert,
                         java.util.Date validDate,
                         java.security.cert.X509Certificate sign,
                         java.security.PublicKey workingPublicKey,
                         java.util.Vector crlDistPointUrls,
                         int index)
                  throws CertPathReviewerException
Throws:
CertPathReviewerException

getCRLDistUrls

protected java.util.Vector getCRLDistUrls(CRLDistPoint crlDistPoints)

getOCSPUrls

protected java.util.Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
