eu.emi.security.authn.x509.helpers.pkipath.bc

Class CertPathValidatorUtilitiesCanl

java.lang.Object

eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities

eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilitiesCanl

public class CertPathValidatorUtilitiesCanl
extends CertPathValidatorUtilities

Exposes otherwise hidden methods from CertPathValidatorUtilitiesCanl plus in some cases fixes bugs plus produces errors in the desired format.

Field Summary

Fields inherited from class eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities

ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, CRL_UTIL, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME

Constructor Summary

Constructors

Constructor and Description
CertPathValidatorUtilitiesCanl()

Method Summary

Modifier and Type	Method and Description
static java.util.Collection<?>	findIssuerCerts(java.security.cert.X509Certificate cert, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
static java.security.cert.TrustAnchor	findTrustAnchorPublic(java.security.cert.X509Certificate cert, java.util.Set<?> trustAnchors, java.lang.String sigProvider)
protected static java.util.List<org.bouncycastle.jcajce.PKIXCRLStore>	getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
protected static java.util.Set	getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp, java.lang.Object cert, java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) As CertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters) but it returns also expired CRLs.
protected static java.util.Set<?>	getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp, java.security.cert.X509Certificate cert, java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
protected static java.util.Set<java.security.cert.X509CRL>	getDeltaCRLs2(java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, java.security.cert.X509CRL completeCRL) Fetches delta CRLs according to RFC 3280 section 5.2.4.
protected static org.bouncycastle.asn1.ASN1Primitive	getExtensionValue(java.security.cert.X509Extension ext, java.lang.String oid)
static java.math.BigInteger	getSerialNumber(java.lang.Object cert)

Methods inherited from class eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities

checkCRLsNotEmpty, findCertificates, findIssuerCerts, findTrustAnchor, findTrustAnchor, getAdditionalStoresFromAltNames, getAdditionalStoresFromCRLDistributionPoint, getAlgorithmIdentifier, getCertStatus, getCRLIssuersFromDistributionPoint, getDeltaCRLs, getNextWorkingKey, getQualifierSet, getValidCertDateFromValidityModel, getValidDate, isAnyPolicy, isSelfIssued, prepareNextCertB1, prepareNextCertB2, processCertD1i, processCertD1ii, removePolicyNode, verifyX509Certificate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CertPathValidatorUtilitiesCanl

public CertPathValidatorUtilitiesCanl()

Method Detail

findTrustAnchorPublic

public static java.security.cert.TrustAnchor findTrustAnchorPublic(java.security.cert.X509Certificate cert,
                                                                   java.util.Set<?> trustAnchors,
                                                                   java.lang.String sigProvider)
                                                            throws org.bouncycastle.jce.provider.AnnotatedException

Throws:

org.bouncycastle.jce.provider.AnnotatedException

findIssuerCerts

public static java.util.Collection<?> findIssuerCerts(java.security.cert.X509Certificate cert,
                                                      org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
                                               throws org.bouncycastle.jce.provider.AnnotatedException

Throws:

org.bouncycastle.jce.provider.AnnotatedException

getCompleteCRLs2

protected static java.util.Set<?> getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp,
                                                   java.security.cert.X509Certificate cert,
                                                   java.util.Date currentDate,
                                                   org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
                                            throws SimpleValidationErrorException

Throws:

SimpleValidationErrorException

getCompleteCRLs

protected static java.util.Set getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp,
                                               java.lang.Object cert,
                                               java.util.Date currentDate,
                                               org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
                                        throws org.bouncycastle.jce.provider.AnnotatedException

As CertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters) but it returns also expired CRLs.

Parameters:

dp -

cert -

currentDate -

paramsPKIX -

Returns:

A Set of X509CRLs.

Throws:

org.bouncycastle.jce.provider.AnnotatedException

getDeltaCRLs2

protected static java.util.Set<java.security.cert.X509CRL> getDeltaCRLs2(java.util.Date currentDate,
                                                                         org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX,
                                                                         java.security.cert.X509CRL completeCRL)
                                                                  throws SimpleValidationErrorException

Fetches delta CRLs according to RFC 3280 section 5.2.4.

Parameters:

currentDate - The date for which the delta CRLs must be valid.

paramsPKIX - The extended PKIX parameters.

completeCRL - The complete CRL the delta CRL is for.

Returns:

A Set of X509CRLs with delta CRLs.

Throws:

SimpleValidationErrorException - if an exception occurs while picking the delta CRLs.

getExtensionValue

protected static org.bouncycastle.asn1.ASN1Primitive getExtensionValue(java.security.cert.X509Extension ext,
                                                                       java.lang.String oid)
                                                                throws org.bouncycastle.jce.provider.AnnotatedException

Throws:

org.bouncycastle.jce.provider.AnnotatedException

getAdditionalStoresFromCRLDistributionPoint

protected static java.util.List<org.bouncycastle.jcajce.PKIXCRLStore> getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp,
                                                                                                                  org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
                                                                                                           throws org.bouncycastle.jce.provider.AnnotatedException

Throws:

org.bouncycastle.jce.provider.AnnotatedException

getSerialNumber

public static java.math.BigInteger getSerialNumber(java.lang.Object cert)