|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.bouncycastle.jce.provider.CertPathValidatorUtilities org.bouncycastle.jce.provider.RFC3281CertPathUtilities
class RFC3281CertPathUtilities
Field Summary | |
---|---|
private static java.lang.String |
AUTHORITY_INFO_ACCESS
|
private static java.lang.String |
NO_REV_AVAIL
|
private static java.lang.String |
TARGET_INFORMATION
|
Fields inherited from class org.bouncycastle.jce.provider.CertPathValidatorUtilities |
---|
ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME |
Constructor Summary | |
---|---|
RFC3281CertPathUtilities()
|
Method Summary | |
---|---|
protected static void |
additionalChecks(X509AttributeCertificate attrCert,
ExtendedPKIXParameters pkixParams)
|
private static void |
checkCRL(DistributionPoint dp,
ExtendedPKIXParameters paramsPKIX,
java.security.cert.X509Certificate cert,
java.util.Date validDate,
java.security.cert.X509Certificate defaultCRLSignCert,
java.security.PublicKey defaultCRLSignKey,
CertStatus certStatus,
ReasonsMask reasonMask,
java.util.List certPathCerts)
Checks a distribution point for revocation information for the certificate cert . |
private static void |
checkCRL(DistributionPoint dp,
X509AttributeCertificate attrCert,
ExtendedPKIXParameters paramsPKIX,
java.util.Date validDate,
java.security.cert.X509Certificate issuerCert,
CertStatus certStatus,
ReasonsMask reasonMask)
Checks a distribution point for revocation information for the certificate cert . |
private static void |
checkCRLs(ExtendedPKIXParameters paramsPKIX,
java.security.cert.X509Certificate cert,
java.util.Date validDate,
java.security.cert.X509Certificate sign,
java.security.PublicKey workingPublicKey,
java.util.List certPathCerts)
Checks a certificate if it is revoked. |
protected static void |
checkCRLs(X509AttributeCertificate attrCert,
ExtendedPKIXParameters paramsPKIX,
java.security.cert.X509Certificate issuerCert,
java.util.Date validDate)
Checks if an attribute certificate is revoked. |
protected static java.security.cert.CertPath |
processAttrCert1(X509AttributeCertificate attrCert,
ExtendedPKIXParameters pkixParams)
Searches for a holder public key certificate and verifies its certification path. |
protected static java.security.cert.CertPathValidatorResult |
processAttrCert2(java.security.cert.CertPath certPath,
ExtendedPKIXParameters pkixParams)
|
protected static void |
processAttrCert3(java.security.cert.X509Certificate acIssuerCert,
ExtendedPKIXParameters pkixParams)
|
protected static void |
processAttrCert4(java.security.cert.X509Certificate acIssuerCert,
ExtendedPKIXParameters pkixParams)
|
protected static void |
processAttrCert5(X509AttributeCertificate attrCert,
ExtendedPKIXParameters pkixParams)
|
protected static void |
processAttrCert7(X509AttributeCertificate attrCert,
java.security.cert.CertPath certPath,
java.security.cert.CertPath holderCertPath,
ExtendedPKIXParameters pkixParams)
|
protected static java.util.Set |
processCRLA1i(java.util.Date currentDate,
ExtendedPKIXParameters paramsPKIX,
java.security.cert.X509Certificate cert,
java.security.cert.X509CRL crl)
|
protected static java.util.Set[] |
processCRLA1ii(java.util.Date currentDate,
ExtendedPKIXParameters paramsPKIX,
java.security.cert.X509Certificate cert,
java.security.cert.X509CRL crl)
|
protected static void |
processCRLB1(DistributionPoint dp,
java.lang.Object cert,
java.security.cert.X509CRL crl)
|
protected static void |
processCRLB2(DistributionPoint dp,
java.lang.Object cert,
java.security.cert.X509CRL crl)
|
protected static void |
processCRLC(java.security.cert.X509CRL deltaCRL,
java.security.cert.X509CRL completeCRL,
ExtendedPKIXParameters pkixParams)
If use-deltas is set, verify the issuer and scope of the delta CRL. |
protected static ReasonsMask |
processCRLD(java.security.cert.X509CRL crl,
DistributionPoint dp)
|
protected static java.util.Set |
processCRLF(java.security.cert.X509CRL crl,
java.lang.Object cert,
java.security.cert.X509Certificate defaultCRLSignCert,
java.security.PublicKey defaultCRLSignKey,
ExtendedPKIXParameters paramsPKIX)
Obtain and validate the certification path for the complete CRL issuer. |
protected static java.security.PublicKey |
processCRLG(java.security.cert.X509CRL crl,
java.util.Set keys)
|
protected static java.security.cert.X509CRL |
processCRLH(java.util.Set deltacrls,
java.security.PublicKey key)
|
protected static void |
processCRLI(java.util.Date validDate,
java.security.cert.X509CRL deltacrl,
java.math.BigInteger serialNumber,
CertStatus certStatus,
ExtendedPKIXParameters pkixParams)
|
protected static void |
processCRLJ(java.util.Date validDate,
java.security.cert.X509CRL completecrl,
java.math.BigInteger serialNumber,
CertStatus certStatus)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private static final java.lang.String TARGET_INFORMATION
private static final java.lang.String NO_REV_AVAIL
private static final java.lang.String AUTHORITY_INFO_ACCESS
Constructor Detail |
---|
RFC3281CertPathUtilities()
Method Detail |
---|
protected static void processAttrCert7(X509AttributeCertificate attrCert, java.security.cert.CertPath certPath, java.security.cert.CertPath holderCertPath, ExtendedPKIXParameters pkixParams) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static void checkCRLs(X509AttributeCertificate attrCert, ExtendedPKIXParameters paramsPKIX, java.security.cert.X509Certificate issuerCert, java.util.Date validDate) throws java.security.cert.CertPathValidatorException
attrCert
- Attribute certificate to check if it is revoked.paramsPKIX
- PKIX parameters.issuerCert
- The issuer certificate of the attribute certificate
attrCert
.validDate
- The date when the certificate revocation status should
be checked.
java.security.cert.CertPathValidatorException
- if the certificate is revoked or the
status cannot be checked or some error occurs.protected static void additionalChecks(X509AttributeCertificate attrCert, ExtendedPKIXParameters pkixParams) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static void processAttrCert5(X509AttributeCertificate attrCert, ExtendedPKIXParameters pkixParams) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static void processAttrCert4(java.security.cert.X509Certificate acIssuerCert, ExtendedPKIXParameters pkixParams) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static void processAttrCert3(java.security.cert.X509Certificate acIssuerCert, ExtendedPKIXParameters pkixParams) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static java.security.cert.CertPathValidatorResult processAttrCert2(java.security.cert.CertPath certPath, ExtendedPKIXParameters pkixParams) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected static java.security.cert.CertPath processAttrCert1(X509AttributeCertificate attrCert, ExtendedPKIXParameters pkixParams) throws java.security.cert.CertPathValidatorException
attrCert
- the attribute certificate.pkixParams
- The PKIX parameters.
AnnotatedException
- if
java.security.cert.CertPathValidatorException
private static void checkCRL(DistributionPoint dp, X509AttributeCertificate attrCert, ExtendedPKIXParameters paramsPKIX, java.util.Date validDate, java.security.cert.X509Certificate issuerCert, CertStatus certStatus, ReasonsMask reasonMask) throws AnnotatedException
cert
.
dp
- The distribution point to consider.attrCert
- The attribute certificate which should be checked.paramsPKIX
- PKIX parameters.validDate
- The date when the certificate revocation status should
be checked.issuerCert
- Certificate to check if it is revoked.reasonMask
- The reasons mask which is already checked.
AnnotatedException
- if the certificate is revoked or the status
cannot be checked or some error occurs.protected static void processCRLB2(DistributionPoint dp, java.lang.Object cert, java.security.cert.X509CRL crl) throws AnnotatedException
AnnotatedException
protected static void processCRLB1(DistributionPoint dp, java.lang.Object cert, java.security.cert.X509CRL crl) throws AnnotatedException
AnnotatedException
protected static ReasonsMask processCRLD(java.security.cert.X509CRL crl, DistributionPoint dp) throws AnnotatedException
AnnotatedException
protected static java.util.Set processCRLF(java.security.cert.X509CRL crl, java.lang.Object cert, java.security.cert.X509Certificate defaultCRLSignCert, java.security.PublicKey defaultCRLSignKey, ExtendedPKIXParameters paramsPKIX) throws AnnotatedException
crl
- CRL which contains revocation information for the certificate
cert
.cert
- The attribute certificate or certificate to check if it is
revoked.defaultCRLSignCert
- The issuer certificate of the certificate
cert
. May be null
.defaultCRLSignKey
- The public key of the issuer certificate
defaultCRLSignCert
. May be null
.paramsPKIX
- paramsPKIX PKIX parameters.
Set
with all keys of possible CRL issuer
certificates.
AnnotatedException
- if the CRL is no valid or the status cannot be
checked or some error occurs.protected static java.security.PublicKey processCRLG(java.security.cert.X509CRL crl, java.util.Set keys) throws AnnotatedException
AnnotatedException
protected static java.security.cert.X509CRL processCRLH(java.util.Set deltacrls, java.security.PublicKey key) throws AnnotatedException
AnnotatedException
protected static java.util.Set processCRLA1i(java.util.Date currentDate, ExtendedPKIXParameters paramsPKIX, java.security.cert.X509Certificate cert, java.security.cert.X509CRL crl) throws AnnotatedException
AnnotatedException
protected static java.util.Set[] processCRLA1ii(java.util.Date currentDate, ExtendedPKIXParameters paramsPKIX, java.security.cert.X509Certificate cert, java.security.cert.X509CRL crl) throws AnnotatedException
AnnotatedException
protected static void processCRLC(java.security.cert.X509CRL deltaCRL, java.security.cert.X509CRL completeCRL, ExtendedPKIXParameters pkixParams) throws AnnotatedException
deltaCRL
- The delta CRL.completeCRL
- The complete CRL.pkixParams
- The PKIX paramaters.
AnnotatedException
- if an exception occurs.protected static void processCRLI(java.util.Date validDate, java.security.cert.X509CRL deltacrl, java.math.BigInteger serialNumber, CertStatus certStatus, ExtendedPKIXParameters pkixParams) throws AnnotatedException
AnnotatedException
protected static void processCRLJ(java.util.Date validDate, java.security.cert.X509CRL completecrl, java.math.BigInteger serialNumber, CertStatus certStatus) throws AnnotatedException
AnnotatedException
private static void checkCRL(DistributionPoint dp, ExtendedPKIXParameters paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate defaultCRLSignCert, java.security.PublicKey defaultCRLSignKey, CertStatus certStatus, ReasonsMask reasonMask, java.util.List certPathCerts) throws AnnotatedException
cert
.
dp
- The distribution point to consider.paramsPKIX
- PKIX parameters.cert
- Certificate to check if it is revoked.validDate
- The date when the certificate revocation status should
be checked.defaultCRLSignCert
- The issuer certificate of the certificate
cert
.defaultCRLSignKey
- The public key of the issuer certificate
defaultCRLSignCert
.certStatus
- The current certificate revocation status.reasonMask
- The reasons mask which is already checked.certPathCerts
- The certificates of the certification path.
AnnotatedException
- if the certificate is revoked or the status
cannot be checked or some error occurs.private static void checkCRLs(ExtendedPKIXParameters paramsPKIX, java.security.cert.X509Certificate cert, java.util.Date validDate, java.security.cert.X509Certificate sign, java.security.PublicKey workingPublicKey, java.util.List certPathCerts) throws AnnotatedException
paramsPKIX
- PKIX parameters.cert
- Certificate to check if it is revoked.validDate
- The date when the certificate revocation status should
be checked.sign
- The issuer certificate of the certificate cert
.workingPublicKey
- The public key of the issuer certificate
sign
.certPathCerts
- The certificates of the certification path.
AnnotatedException
- if the certificate is revoked or the status
cannot be checked or some error occurs.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |