|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.rsa.certj.spi.path.CertPathCtx
This class captures certification-path processing information
such as a set of trusted
certificates or the validation time. It can also refine the path
validation processing by using option flags such as
PF_IGNORE_REVOCATION
.
Field Summary |
|
static int |
PF_IGNORE_AIA
Indicates that the path processing will not use information in authority information access (AIA) extensions when building or validating certificate paths. |
static int |
PF_IGNORE_BASIC_CONSTRAINTS
Indicates that the path processing will not verify the path length established by the basic constraints extensions in the path certificates. |
static int |
PF_IGNORE_CRITICALITY
Indicates that the path processing will not fail if any unrecognized critical extensions are encountered in the path. |
static int |
PF_IGNORE_CRL_DP
Indicates that the path processing will not use information in CRL distribution points (DP) extensions when checking certificate revocation status. |
static int |
PF_IGNORE_CRL_IDP
Indicates that the path processing will not use issuing distribution point (IDP) information contained in a CRL. |
static int |
PF_IGNORE_CRL_NUMBER
Indicates that the path processing will not use CRL number extensions when selecting the most current CRL. |
static int |
PF_IGNORE_DELTA_CRL
Indicates that the path processing will not use delta CRLs when checking certificate revocation status. |
static int |
PF_IGNORE_KEY_ID_CHAINING
Indicates that the path processing will not verify the subject key identifier / authority key identifier linkage between adjacent certificates in the path. |
static int |
PF_IGNORE_KEY_USAGE
Indicates that the path processing will not enforce key usage extensions contained within certificates, even if marked critical. |
static int |
PF_IGNORE_NAME_CHAINING
Indicates that the path processing will not verify the subject name / issuer name linkage between adjacent certificates in the path. |
static int |
PF_IGNORE_NAME_CONSTRAINTS
Indicates that the path processing will not verify that the
subject name, and that |
static int |
PF_IGNORE_REVOCATION
Indicates that the path processing will not check the revocation status of each certificate. |
static int |
PF_IGNORE_SIGNATURE
Indicates that the path processing will not verify certificate signatures. |
static int |
PF_IGNORE_UID_CHAINING
Indicates that the path processing will not verify the subject unique identifier / issuer unique identifer linkage between adjacent certificates in the path. |
static int |
PF_IGNORE_VALIDATION_TIME
Indicates that the path processing will not check the validity period contained within each certificate. |
Constructor Summary |
|
CertPathCtx(int pathOptions,
Certificate[] trustedCerts,
byte[][] policies,
Date validationTime,
DatabaseService database)
Constructs a |
Method Summary |
|
getDatabase()
Gets a |
|
int |
getPathOptions()
Gets the path options that indicate the checking done during certification-path processing. |
byte[][] |
getPolicies()
Gets a set of initial policy identifiers that identify one or more certificate policies. |
getTrustedCerts()
Gets one or more certificates whose public keys are trusted by the application. |
|
getValidationTime()
Gets the time for which the certification path is validated. |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final int PF_IGNORE_SIGNATURE
public static final int PF_IGNORE_VALIDATION_TIME
public static final int PF_IGNORE_REVOCATION
public static final int PF_IGNORE_NAME_CHAINING
public static final int PF_IGNORE_NAME_CONSTRAINTS
subjectAltName
extensions
are consistent with the name constraints contained in the
path certificates.public static final int PF_IGNORE_BASIC_CONSTRAINTS
public static final int PF_IGNORE_KEY_USAGE
CertSign
flag will be ignored.public static final int PF_IGNORE_CRITICALITY
public static final int PF_IGNORE_UID_CHAINING
public static final int PF_IGNORE_KEY_ID_CHAINING
public static final int PF_IGNORE_CRL_DP
public static final int PF_IGNORE_AIA
public static final int PF_IGNORE_CRL_NUMBER
public static final int PF_IGNORE_DELTA_CRL
public static final int PF_IGNORE_CRL_IDP
Constructor Detail |
public CertPathCtx(int pathOptions, Certificate[] trustedCerts, byte[][] policies, Date validationTime, DatabaseService database)
CertPathCtx
object and initializes it
with the given values.Parameters
pathOptions | An | ||
trustedCerts | A | ||
policies | An array of | ||
validationTime | A | ||
database | A |
Method Detail |
public int getPathOptions()
Returns
int
value that represents a set
of one-bit path option flags. Any of
the PF_IGNORE_*
flags, previously
listed in this class, can be used as path options.public Certificate[] getTrustedCerts()
Returns
Certificate
array that holds
the trusted certificates.public byte[][] getPolicies()
Returns
byte
arrays
that holds a set of policy identifiers.public Date getValidationTime()
Returns
Date
that holds the validation time.public DatabaseService getDatabase()
DatabaseService
object, which holds a list of
the database service providers used to retrieve certificates and CRLs
for path processing operations.
Returns
DatabaseService
object, which holds a list of
the database service providers used to retrieve certificates and CRLs
for path processing operations.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |