public class CertPathValidatorUtilitiesCanl extends CertPathValidatorUtilities
CertPathValidatorUtilitiesCanl
plus in some
cases fixes bugs plus produces errors in the desired format.ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, CRL_UTIL, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME
Constructor and Description |
---|
CertPathValidatorUtilitiesCanl() |
Modifier and Type | Method and Description |
---|---|
static java.util.Collection<?> |
findIssuerCerts(java.security.cert.X509Certificate cert,
org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) |
static java.security.cert.TrustAnchor |
findTrustAnchorPublic(java.security.cert.X509Certificate cert,
java.util.Set<?> trustAnchors,
java.lang.String sigProvider) |
protected static java.util.List<org.bouncycastle.jcajce.PKIXCRLStore> |
getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp,
org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) |
protected static java.util.Set |
getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp,
java.lang.Object cert,
java.util.Date currentDate,
org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
As
CertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters)
but it returns also expired CRLs. |
protected static java.util.Set<?> |
getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp,
java.security.cert.X509Certificate cert,
java.util.Date currentDate,
org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) |
protected static java.util.Set<java.security.cert.X509CRL> |
getDeltaCRLs2(java.util.Date currentDate,
org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX,
java.security.cert.X509CRL completeCRL)
Fetches delta CRLs according to RFC 3280 section 5.2.4.
|
protected static org.bouncycastle.asn1.ASN1Primitive |
getExtensionValue(java.security.cert.X509Extension ext,
java.lang.String oid) |
static java.math.BigInteger |
getSerialNumber(java.lang.Object cert) |
checkCRLsNotEmpty, findCertificates, findIssuerCerts, findTrustAnchor, findTrustAnchor, getAdditionalStoresFromAltNames, getAdditionalStoresFromCRLDistributionPoint, getAlgorithmIdentifier, getCertStatus, getCRLIssuersFromDistributionPoint, getDeltaCRLs, getNextWorkingKey, getQualifierSet, getValidCertDateFromValidityModel, getValidDate, isAnyPolicy, isSelfIssued, prepareNextCertB1, prepareNextCertB2, processCertD1i, processCertD1ii, removePolicyNode, verifyX509Certificate
public static java.security.cert.TrustAnchor findTrustAnchorPublic(java.security.cert.X509Certificate cert, java.util.Set<?> trustAnchors, java.lang.String sigProvider) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
public static java.util.Collection<?> findIssuerCerts(java.security.cert.X509Certificate cert, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
protected static java.util.Set<?> getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp, java.security.cert.X509Certificate cert, java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) throws SimpleValidationErrorException
SimpleValidationErrorException
protected static java.util.Set getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp, java.lang.Object cert, java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) throws org.bouncycastle.jce.provider.AnnotatedException
CertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters)
but it returns also expired CRLs.dp
- cert
- currentDate
- paramsPKIX
- Set
of X509CRL
s.org.bouncycastle.jce.provider.AnnotatedException
protected static java.util.Set<java.security.cert.X509CRL> getDeltaCRLs2(java.util.Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, java.security.cert.X509CRL completeCRL) throws SimpleValidationErrorException
currentDate
- The date for which the delta CRLs must be valid.paramsPKIX
- The extended PKIX parameters.completeCRL
- The complete CRL the delta CRL is for.Set
of X509CRL
s with delta CRLs.SimpleValidationErrorException
- if an exception occurs while picking the
delta CRLs.protected static org.bouncycastle.asn1.ASN1Primitive getExtensionValue(java.security.cert.X509Extension ext, java.lang.String oid) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
protected static java.util.List<org.bouncycastle.jcajce.PKIXCRLStore> getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) throws org.bouncycastle.jce.provider.AnnotatedException
org.bouncycastle.jce.provider.AnnotatedException
public static java.math.BigInteger getSerialNumber(java.lang.Object cert)