org.bouncycastle.jce.provider

Class CertPathValidatorUtilities


public class CertPathValidatorUtilities
extends java.lang.Object

Field Summary

protected static String
ANY_POLICY
protected static String
BASIC_CONSTRAINTS
protected static String
CERTIFICATE_POLICIES
protected static String
CRL_NUMBER
protected static int
CRL_SIGN
protected static String
DELTA_CRL_INDICATOR
protected static String
INHIBIT_ANY_POLICY
protected static String
ISSUING_DISTRIBUTION_POINT
protected static int
KEY_CERT_SIGN
protected static String
KEY_USAGE
protected static String
NAME_CONSTRAINTS
protected static String
POLICY_CONSTRAINTS
protected static String
POLICY_MAPPINGS
protected static String
SUBJECT_ALTERNATIVE_NAME
protected static String[]
crlReasons

Method Summary

protected static void
checkExcludedDN(Set excluded, ASN1Sequence dns)
protected static void
checkExcludedEmail(Set excluded, String email)
protected static void
checkExcludedIP(Set excluded, byte[] ip)
protected static void
checkPermittedDN(Set permitted, ASN1Sequence dns)
protected static void
checkPermittedEmail(Set permitted, String email)
protected static void
checkPermittedIP(Set permitted, byte[] ip)
protected static Collection
findCRLs(X509CRLSelector crlSelect, List crlStores)
Return a Collection of all CRLs found in the CertStore's that are matching the crlSelect criteriums.
protected static TrustAnchor
findTrustAnchor(X509Certificate cert, CertPath certPath, int index, Set trustAnchors)
Search the given Set of TrustAnchor's for one that is the issuer of the given X509 certificate.
protected static AlgorithmIdentifier
getAlgorithmIdentifier(PublicKey key)
protected static X500Principal
getEncodedIssuerPrincipal(X509Certificate cert)
protected static DERObject
getExtensionValue(java.security.cert.X509Extension ext, String oid)
extract the value of the given extension, if it exists.
protected static X500Principal
getIssuerPrincipal(X509CRL crl)
protected static Set
getQualifierSet(ASN1Sequence qualifiers)
protected static X500Principal
getSubjectPrincipal(X509Certificate cert)
protected static Date
getValidDate(PKIXParameters paramsPKIX)
protected static Set
intersectDN(Set permitted, ASN1Sequence dn)
protected static Set
intersectEmail(Set permitted, String email)
protected static Set
intersectIP(Set permitted, byte[] ip)
protected static boolean
isAnyPolicy(Set policySet)
protected static boolean
isSelfIssued(X509Certificate cert)
protected static void
prepareNextCertB1(int i, List[] policyNodes, String id_p, Map m_idp, X509Certificate cert)
protected static PKIXPolicyNode
prepareNextCertB2(int i, List[] policyNodes, String id_p, PKIXPolicyNode validPolicyTree)
protected static boolean
processCertD1i(int index, List[] policyNodes, DERObjectIdentifier pOid, Set pq)
protected static void
processCertD1ii(int index, List[] policyNodes, DERObjectIdentifier _poid, Set _pq)
protected static PKIXPolicyNode
removePolicyNode(PKIXPolicyNode validPolicyTree, List[] policyNodes, PKIXPolicyNode _node)
protected static Set
unionDN(Set excluded, ASN1Sequence dn)
protected static Set
unionEmail(Set excluded, String email)
protected static Set
unionIP(Set excluded, byte[] ip)

Field Details

ANY_POLICY

protected static final String ANY_POLICY

BASIC_CONSTRAINTS

protected static final String BASIC_CONSTRAINTS

CERTIFICATE_POLICIES

protected static final String CERTIFICATE_POLICIES

CRL_NUMBER

protected static final String CRL_NUMBER

CRL_SIGN

protected static final int CRL_SIGN
Field Value:
6

DELTA_CRL_INDICATOR

protected static final String DELTA_CRL_INDICATOR

INHIBIT_ANY_POLICY

protected static final String INHIBIT_ANY_POLICY

ISSUING_DISTRIBUTION_POINT

protected static final String ISSUING_DISTRIBUTION_POINT

KEY_CERT_SIGN

protected static final int KEY_CERT_SIGN
Field Value:
5

KEY_USAGE

protected static final String KEY_USAGE

NAME_CONSTRAINTS

protected static final String NAME_CONSTRAINTS

POLICY_CONSTRAINTS

protected static final String POLICY_CONSTRAINTS

POLICY_MAPPINGS

protected static final String POLICY_MAPPINGS

SUBJECT_ALTERNATIVE_NAME

protected static final String SUBJECT_ALTERNATIVE_NAME

crlReasons

protected static final String[] crlReasons

Method Details

checkExcludedDN

protected static void checkExcludedDN(Set excluded,
                                      ASN1Sequence dns)
            throws CertPathValidatorException

checkExcludedEmail

protected static void checkExcludedEmail(Set excluded,
                                         String email)
            throws CertPathValidatorException

checkExcludedIP

protected static void checkExcludedIP(Set excluded,
                                      byte[] ip)
            throws CertPathValidatorException

checkPermittedDN

protected static void checkPermittedDN(Set permitted,
                                       ASN1Sequence dns)
            throws CertPathValidatorException

checkPermittedEmail

protected static void checkPermittedEmail(Set permitted,
                                          String email)
            throws CertPathValidatorException

checkPermittedIP

protected static void checkPermittedIP(Set permitted,
                                       byte[] ip)
            throws CertPathValidatorException

findCRLs

protected static final Collection findCRLs(X509CRLSelector crlSelect,
                                           List crlStores)
            throws AnnotatedException
Return a Collection of all CRLs found in the CertStore's that are matching the crlSelect criteriums.
Parameters:
crlSelect - a CertSelector object that will be used to select the CRLs
crlStores - a List containing only CertStore objects. These are used to search for CRLs
Returns:
a Collection of all found CRL objects. May be empty but never null.

findTrustAnchor

protected static final TrustAnchor findTrustAnchor(X509Certificate cert,
                                                   CertPath certPath,
                                                   int index,
                                                   Set trustAnchors)
            throws CertPathValidatorException
Search the given Set of TrustAnchor's for one that is the issuer of the given X509 certificate.
Parameters:
cert - the X509 certificate
trustAnchors - a Set of TrustAnchor's
Returns:
the TrustAnchor object if found or null if not.

getAlgorithmIdentifier

protected static AlgorithmIdentifier getAlgorithmIdentifier(PublicKey key)
            throws CertPathValidatorException

getEncodedIssuerPrincipal

protected static X500Principal getEncodedIssuerPrincipal(X509Certificate cert)

getExtensionValue

protected static DERObject getExtensionValue(java.security.cert.X509Extension ext,
                                             String oid)
            throws AnnotatedException
extract the value of the given extension, if it exists.

getIssuerPrincipal

protected static X500Principal getIssuerPrincipal(X509CRL crl)

getQualifierSet

protected static final Set getQualifierSet(ASN1Sequence qualifiers)
            throws CertPathValidatorException

getSubjectPrincipal

protected static X500Principal getSubjectPrincipal(X509Certificate cert)

getValidDate

protected static Date getValidDate(PKIXParameters paramsPKIX)

intersectDN

protected static Set intersectDN(Set permitted,
                                 ASN1Sequence dn)

intersectEmail

protected static Set intersectEmail(Set permitted,
                                    String email)

intersectIP

protected static Set intersectIP(Set permitted,
                                 byte[] ip)

isAnyPolicy

protected static boolean isAnyPolicy(Set policySet)

isSelfIssued

protected static boolean isSelfIssued(X509Certificate cert)

prepareNextCertB1

protected static void prepareNextCertB1(int i,
                                        List[] policyNodes,
                                        String id_p,
                                        Map m_idp,
                                        X509Certificate cert)
            throws AnnotatedException,
                   CertPathValidatorException

prepareNextCertB2

protected static PKIXPolicyNode prepareNextCertB2(int i,
                                                  List[] policyNodes,
                                                  String id_p,
                                                  PKIXPolicyNode validPolicyTree)

processCertD1i

protected static boolean processCertD1i(int index,
                                        List[] policyNodes,
                                        DERObjectIdentifier pOid,
                                        Set pq)

processCertD1ii

protected static void processCertD1ii(int index,
                                      List[] policyNodes,
                                      DERObjectIdentifier _poid,
                                      Set _pq)

removePolicyNode

protected static PKIXPolicyNode removePolicyNode(PKIXPolicyNode validPolicyTree,
                                                 List[] policyNodes,
                                                 PKIXPolicyNode _node)

unionDN

protected static Set unionDN(Set excluded,
                             ASN1Sequence dn)

unionEmail

protected static Set unionEmail(Set excluded,
                                String email)

unionIP

protected static Set unionIP(Set excluded,
                             byte[] ip)