eu.emi.security.authn.x509.helpers.pkipath.bc
Class FixedBCPKIXCertPathReviewer

java.lang.Object
  extended by org.bouncycastle.jce.provider.CertPathValidatorUtilities
      extended by org.bouncycastle.x509.PKIXCertPathReviewer
          extended by eu.emi.security.authn.x509.helpers.pkipath.bc.FixedBCPKIXCertPathReviewer

public class FixedBCPKIXCertPathReviewer
extends PKIXCertPathReviewer

PKIXCertPathReviewer
Validation of X.509 Certificate Paths. Tries to find as much errors in the Path as possible. Copy note: unfortunately a lot of code can not be inherited, as too many methods are private + are very long :-(


Field Summary
protected  ExtPKIXParameters pkixParams
           
static String RESOURCE_NAME
           
 
Fields inherited from class org.bouncycastle.x509.PKIXCertPathReviewer
certPath, certs, errors, n, notifications, policyTree, subjectPublicKey, trustAnchor, validDate
 
Fields inherited from class org.bouncycastle.jce.provider.CertPathValidatorUtilities
ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, CRL_UTIL, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME
 
Constructor Summary
FixedBCPKIXCertPathReviewer(CertPath certPath, ExtPKIXParameters params)
          Creates a PKIXCertPathReviewer and initializes it with the given CertPath and PKIXParameters params
 
Method Summary
protected  void addError(SimpleValidationErrorException msg, int index)
           
protected  void checkRevocation(ExtPKIXParameters paramsPKIX, X509Certificate cert, Date validDate, X509Certificate sign, PublicKey workingPublicKey)
           
protected  void doChecks()
           
protected  Vector getCRLDistUrls(CRLDistPoint crlDistPoints)
           
 void init(CertPath certPath, ExtPKIXParameters params)
          Initializes the PKIXCertPathReviewer with the given CertPath and PKIXParameters params
 
Methods inherited from class org.bouncycastle.x509.PKIXCertPathReviewer
addError, addError, addNotification, addNotification, checkCRLs, checkRevocation, getCertPath, getCertPathSize, getErrors, getErrors, getNotifications, getNotifications, getOCSPUrls, getPolicyTree, getSubjectPublicKey, getTrustAnchor, getTrustAnchors, init, isValidCertPath
 
Methods inherited from class org.bouncycastle.jce.provider.CertPathValidatorUtilities
addAdditionalStoreFromLocation, addAdditionalStoresFromAltNames, addAdditionalStoresFromCRLDistributionPoint, findCertificates, findCertificates, findIssuerCerts, findTrustAnchor, findTrustAnchor, getAlgorithmIdentifier, getCertStatus, getCompleteCRLs, getCRLIssuersFromDistributionPoint, getDeltaCRLs, getEncodedIssuerPrincipal, getExtensionValue, getIssuerPrincipal, getNextWorkingKey, getQualifierSet, getSubjectPrincipal, getValidCertDateFromValidityModel, getValidDate, isAnyPolicy, isSelfIssued, prepareNextCertB1, prepareNextCertB2, processCertD1i, processCertD1ii, removePolicyNode, verifyX509Certificate
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

RESOURCE_NAME

public static final String RESOURCE_NAME
See Also:
Constant Field Values

pkixParams

protected ExtPKIXParameters pkixParams
Constructor Detail

FixedBCPKIXCertPathReviewer

public FixedBCPKIXCertPathReviewer(CertPath certPath,
                                   ExtPKIXParameters params)
                            throws CertPathReviewerException
Creates a PKIXCertPathReviewer and initializes it with the given CertPath and PKIXParameters params

Parameters:
certPath - the CertPath to validate * @param params the PKIXParameters to use
Throws:
CertPathReviewerException - if the certPath is empty
Method Detail

init

public void init(CertPath certPath,
                 ExtPKIXParameters params)
          throws CertPathReviewerException
Initializes the PKIXCertPathReviewer with the given CertPath and PKIXParameters params

Parameters:
certPath - the CertPath to validate
params - the PKIXParameters to use
Throws:
CertPathReviewerException - if the certPath is empty
IllegalStateException - if the PKIXCertPathReviewer is already initialized

addError

protected void addError(SimpleValidationErrorException msg,
                        int index)

doChecks

protected void doChecks()
Overrides:
doChecks in class PKIXCertPathReviewer

checkRevocation

protected void checkRevocation(ExtPKIXParameters paramsPKIX,
                               X509Certificate cert,
                               Date validDate,
                               X509Certificate sign,
                               PublicKey workingPublicKey)
                        throws SimpleValidationErrorException
Throws:
SimpleValidationErrorException

getCRLDistUrls

protected Vector getCRLDistUrls(CRLDistPoint crlDistPoints)
Overrides:
getCRLDistUrls in class PKIXCertPathReviewer


Copyright © 2012-2013 European Middleware Initiative. All Rights Reserved.