org.bouncycastle.jce.provider
Class PKIXAttrCertPathValidatorSpi
java.lang.Object
java.security.cert.CertPathValidatorSpi
org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi
public class PKIXAttrCertPathValidatorSpi
- extends java.security.cert.CertPathValidatorSpi
CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281.
- See Also:
ExtendedPKIXParameters
Method Summary |
java.security.cert.CertPathValidatorResult |
engineValidate(java.security.cert.CertPath certPath,
java.security.cert.CertPathParameters params)
Validates an attribute certificate with the given certificate path. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
PKIXAttrCertPathValidatorSpi
public PKIXAttrCertPathValidatorSpi()
engineValidate
public java.security.cert.CertPathValidatorResult engineValidate(java.security.cert.CertPath certPath,
java.security.cert.CertPathParameters params)
throws java.security.cert.CertPathValidatorException,
java.security.InvalidAlgorithmParameterException
- Validates an attribute certificate with the given certificate path.
params
must be an instance of
ExtendedPKIXParameters
.
The target constraints in the params
must be an
X509AttributeCertStoreSelector
with at least the attribute
certificate criterion set. Obey that also target informations may be
necessary to correctly validate this attribute certificate.
The attribute certificate issuer must be added to the trusted attribute
issuers with ExtendedPKIXParameters.setTrustedACIssuers(Set)
.
- Specified by:
engineValidate
in class java.security.cert.CertPathValidatorSpi
- Parameters:
certPath
- The certificate path which belongs to the attribute
certificate issuer public key certificate.params
- The PKIX parameters.
- Returns:
- A
PKIXCertPathValidatorResult
of the result of
validating the certPath
.
- Throws:
java.security.InvalidAlgorithmParameterException
- if params
is
inappropriate for this validator.
java.security.cert.CertPathValidatorException
- if the verification fails.