org.bouncycastle.jce.provider
Class PKIXAttrCertPathValidatorSpi

java.lang.Object
  java.security.cert.CertPathValidatorSpi
      org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi

public class PKIXAttrCertPathValidatorSpi
extends java.security.cert.CertPathValidatorSpi

CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281.

See Also:

ExtendedPKIXParameters

Constructor Summary

PKIXAttrCertPathValidatorSpi()

Method Summary

java.security.cert.CertPathValidatorResult

engineValidate(java.security.cert.CertPath certPath, java.security.cert.CertPathParameters params) Validates an attribute certificate with the given certificate path.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PKIXAttrCertPathValidatorSpi

public PKIXAttrCertPathValidatorSpi()

Method Detail

engineValidate

public java.security.cert.CertPathValidatorResult engineValidate(java.security.cert.CertPath certPath,
                                                                 java.security.cert.CertPathParameters params)
                                                          throws java.security.cert.CertPathValidatorException,
                                                                 java.security.InvalidAlgorithmParameterException

Validates an attribute certificate with the given certificate path.

params must be an instance of ExtendedPKIXParameters.

The target constraints in the params must be an X509AttributeCertStoreSelector with at least the attribute certificate criterion set. Obey that also target informations may be necessary to correctly validate this attribute certificate.

The attribute certificate issuer must be added to the trusted attribute issuers with ExtendedPKIXParameters.setTrustedACIssuers(Set).

Specified by:

engineValidate in class java.security.cert.CertPathValidatorSpi

Parameters:

certPath - The certificate path which belongs to the attribute certificate issuer public key certificate.

params - The PKIX parameters.

Returns:

A PKIXCertPathValidatorResult of the result of validating the certPath.

Throws:

java.security.InvalidAlgorithmParameterException - if params is inappropriate for this validator.

java.security.cert.CertPathValidatorException - if the verification fails.