Class CertificateVerification


  • public class CertificateVerification
    extends Object
    This class consists of some methods that allow you to verify certificates.
    • Constructor Detail

      • CertificateVerification

        public CertificateVerification()
    • Method Detail

      • verifyCertificate

        public static String verifyCertificate​(X509Certificate cert,
                                               Collection<CRL> crls,
                                               Calendar calendar)
        Verifies a single certificate.
        Parameters:
        cert - the certificate to verify
        crls - the certificate revocation list or null
        calendar - the date or null for the current date
        Returns:
        a String with the error description or null if no error
      • verifyCertificates

        public static List<VerificationException> verifyCertificates​(Certificate[] certs,
                                                                     KeyStore keystore,
                                                                     Collection<CRL> crls,
                                                                     Calendar calendar)
        Verifies a certificate chain against a KeyStore.
        Parameters:
        certs - the certificate chain
        keystore - the KeyStore
        crls - the certificate revocation list or null
        calendar - the date or null for the current date
        Returns:
        null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message
      • verifyCertificates

        public static List<VerificationException> verifyCertificates​(Certificate[] certs,
                                                                     KeyStore keystore,
                                                                     Calendar calendar)
        Verifies a certificate chain against a KeyStore.
        Parameters:
        certs - the certificate chain
        keystore - the KeyStore
        calendar - the date or null for the current date
        Returns:
        null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message
      • verifyOcspCertificates

        public static boolean verifyOcspCertificates​(org.bouncycastle.cert.ocsp.BasicOCSPResp ocsp,
                                                     KeyStore keystore,
                                                     String provider)
        Verifies an OCSP response against a KeyStore.
        Parameters:
        ocsp - the OCSP response
        keystore - the KeyStore
        provider - the provider or null to use the BouncyCastle provider
        Returns:
        true is a certificate was found
      • verifyTimestampCertificates

        public static boolean verifyTimestampCertificates​(org.bouncycastle.tsp.TimeStampToken ts,
                                                          KeyStore keystore,
                                                          String provider)
        Verifies a time stamp against a KeyStore.
        Parameters:
        ts - the time stamp
        keystore - the KeyStore
        provider - the provider or null to use the BouncyCastle provider
        Returns:
        true is a certificate was found