java.lang.Object | |
↳ | java.security.cert.PKIXCertPathChecker |
The class specifying the interface to extend the certification path
validation algorithm by checks to perform on an X509Certificate
.
The checks are added to a certification path validation using the
setCertPathCheckers
or
addCertPathChecker
of the PKIXParameters
and PKIXBuilderParameters
class respectively. The
check
method will be called for each
certificate processed by a CertPathBuilder
of CertPathValidator
.
A PKIXCertPathChecker
implementation must support reverse
checking (from trusted CA to target) and may support forward checking
(from target to trusted CA). The return value of isForwardCheckingSupported
indicates whether forward checking is supported.
Protected Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Creates a new
PKIXCertPathChecker instance. |
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Checks the specified certificate and removes the processed critical
extensions from the specified list of X.509 extension OIDs.
| |||||||||||
Clones this
PKIXCertPathChecker instance. | |||||||||||
Returns the list of extensions of X.509 certificates that this
PKIXCertPathChecker is able to process. | |||||||||||
Initializes this
PKIXCertPathChecker instance for specified
checking direction. | |||||||||||
Returns whether this
PKIXCertPathChecker instance supports
forward checking. |
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
|
Checks the specified certificate and removes the processed critical extensions from the specified list of X.509 extension OIDs.
cert | the certificate. |
---|---|
unresolvedCritExts | the list of critical X.509 extension OID strings. |
CertPathValidatorException | if check(s) fail on the specified certificate. |
---|
Clones this PKIXCertPathChecker
instance.
Returns the list of extensions of X.509 certificates that this PKIXCertPathChecker
is able to process.
PKIXCertPathChecker
is able to process, or null
if there
are none.
Initializes this PKIXCertPathChecker
instance for specified
checking direction.
forward | the direction of the certification path processing, true if the certificates are processed in forward direction
(from target to trusted CA), false if processed in
reverse direction (from trusted CA to target). |
---|
CertPathValidatorException | if initialization of this PKIXCertPathChecker
instance fails, or if it cannot process certificates in the
specified order.
|
---|
Returns whether this PKIXCertPathChecker
instance supports
forward checking.
true
if this PKIXCertPathChecker
instance
supports forward checking, otherwise false
.