|
Préférences
Moteurs de recherche
|
|||||||||||||||||||
JavaTM 2 Platform Std. Ed. v1.4.2
java.security.cert
|
Constructor Summary | |
protected |
PKIXCertPathChecker()
Default constructor. |
Method Summary | |
abstract void |
check(Certificate cert,
Collection unresolvedCritExts)
Performs the check(s) on the specified certificate using its internal state and removes any critical extensions that it processes from the specified collection of OID strings that represent the unresolved critical extensions. |
Object |
clone()
Returns a clone of this object. |
abstract Set |
getSupportedExtensions()
Returns an immutable Set of X.509 certificate extensions
that this PKIXCertPathChecker supports (i.e. |
abstract void |
init(boolean forward)
Initializes the internal state of this PKIXCertPathChecker . |
abstract boolean |
isForwardCheckingSupported()
Indicates if forward checking is supported. |
Methods inherited from class java.lang.Object |
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
protected PKIXCertPathChecker()
Method Detail |
public abstract void init(boolean forward) throws CertPathValidatorException
PKIXCertPathChecker
.
The forward
flag specifies the order that
certificates will be passed to the check
method
(forward or reverse). A PKIXCertPathChecker
must
support reverse checking and may support forward checking.
forward
- the order that certificates are presented to
the check
method. If true
, certificates
are presented from target to most-trusted CA (forward); if
false
, from most-trusted CA to target (reverse).
CertPathValidatorException
- if this
PKIXCertPathChecker
is unable to check certificates in
the specified order; it should never be thrown if the forward flag
is false since reverse checking must be supportedpublic abstract boolean isForwardCheckingSupported()
PKIXCertPathChecker
to perform
its checks when certificates are presented to the check
method in the forward direction (from target to most-trusted CA).
true
if forward checking is supported,
false
otherwisepublic abstract Set getSupportedExtensions()
Set
of X.509 certificate extensions
that this PKIXCertPathChecker
supports (i.e. recognizes, is
able to process), or null
if no extensions are supported.
Each element of the set is a String
representing the
Object Identifier (OID) of the X.509 extension that is supported.
The OID is represented by a set of nonnegative integers separated by
periods.
All X.509 certificate extensions that a PKIXCertPathChecker
might possibly be able to process should be included in the set.
Set
of X.509 extension OIDs (in
String
format) supported by this
PKIXCertPathChecker
, or null
if no
extensions are supportedpublic abstract void check(Certificate cert, Collection unresolvedCritExts) throws CertPathValidatorException
init
method.
cert
- the Certificate
to be checkedunresolvedCritExts
- a Collection
of OID strings
representing the current set of unresolved critical extensions
CertPathValidatorException
- if the specified certificate does
not pass the checkpublic Object clone()
Object.clone()
method.
All subclasses which maintain state must support and
override this method, if necessary.
PKIXCertPathChecker
Cloneable