Package eu.emi.security.authn.x509.helpers.pkipath.bc

Class FixedBCPKIXCertPathReviewer

java.lang.Object
org.bouncycastle.x509.PKIXCertPathReviewer
eu.emi.security.authn.x509.helpers.pkipath.bc.FixedBCPKIXCertPathReviewer
public class FixedBCPKIXCertPathReviewer extends org.bouncycastle.x509.PKIXCertPathReviewer
PKIXCertPathReviewer
Validation of X.509 Certificate Paths. Tries to find as much errors in the Path as possible. Copy note: unfortunately a lot of code can not be inherited, as too many methods are private + are very long :-(

  • Field Details

    • RESOURCE_NAME

      public static final String RESOURCE_NAME
      See Also:

    • pkixParams

      protected ExtPKIXParameters2 pkixParams

    • CERTIFICATE_POLICIES

      protected static final String CERTIFICATE_POLICIES

    • BASIC_CONSTRAINTS

      protected static final String BASIC_CONSTRAINTS

    • POLICY_MAPPINGS

      protected static final String POLICY_MAPPINGS

    • SUBJECT_ALTERNATIVE_NAME

      protected static final String SUBJECT_ALTERNATIVE_NAME

    • NAME_CONSTRAINTS

      protected static final String NAME_CONSTRAINTS

    • KEY_USAGE

      protected static final String KEY_USAGE

    • INHIBIT_ANY_POLICY

      protected static final String INHIBIT_ANY_POLICY

    • ISSUING_DISTRIBUTION_POINT

      protected static final String ISSUING_DISTRIBUTION_POINT

    • DELTA_CRL_INDICATOR

      protected static final String DELTA_CRL_INDICATOR

    • POLICY_CONSTRAINTS

      protected static final String POLICY_CONSTRAINTS

    • CRL_NUMBER

      protected static final String CRL_NUMBER

    • ANY_POLICY

      protected static final String ANY_POLICY
      See Also:

    • KEY_CERT_SIGN

      protected static final int KEY_CERT_SIGN
      See Also:

    • CRL_SIGN

      protected static final int CRL_SIGN
      See Also:

    • crlReasons

      protected static final String[] crlReasons

  • Constructor Details

    • FixedBCPKIXCertPathReviewer

      public FixedBCPKIXCertPathReviewer(CertPath certPath, ExtPKIXParameters2 params) throws org.bouncycastle.x509.CertPathReviewerException
      Creates a PKIXCertPathReviewer and initializes it with the given CertPath and PKIXParameters params
      Parameters:
      certPath - the CertPath to validate
      params - the PKIXParameters to use
      Throws:
      org.bouncycastle.x509.CertPathReviewerException - if the certPath is empty

  • Method Details

    • init

      public void init(CertPath certPath, ExtPKIXParameters2 params) throws org.bouncycastle.x509.CertPathReviewerException
      Initializes the PKIXCertPathReviewer with the given CertPath and PKIXParameters params
      Parameters:
      certPath - the CertPath to validate
      params - the PKIXParameters to use
      Throws:
      org.bouncycastle.x509.CertPathReviewerException - if the certPath is empty
      IllegalStateException - if the PKIXCertPathReviewer is already initialized

    • getValidityDate

      protected static Date getValidityDate(PKIXParameters paramsPKIX, Date currentDate)

    • addError

      protected void addError(SimpleValidationErrorException msg, int index)

    • doChecks

      protected void doChecks()
      Overrides:
      doChecks in class org.bouncycastle.x509.PKIXCertPathReviewer

    • checkRevocation

      protected void checkRevocation(ExtPKIXParameters2 paramsPKIX, X509Certificate cert, Date validDate, X509Certificate sign, PublicKey workingPublicKey) throws SimpleValidationErrorException
      Throws:
      SimpleValidationErrorException

    • getCRLDistUrls

      protected Vector getCRLDistUrls(org.bouncycastle.asn1.x509.CRLDistPoint crlDistPoints)
      Overrides:
      getCRLDistUrls in class org.bouncycastle.x509.PKIXCertPathReviewer

    • getEncodedIssuerPrincipal

      protected static X500Principal getEncodedIssuerPrincipal(Object arg0)

    • getValidDate

      protected static Date getValidDate(PKIXParameters arg0)

    • getSubjectPrincipal

      protected static X500Principal getSubjectPrincipal(X509Certificate arg0)

    • isSelfIssued

      protected static boolean isSelfIssued(X509Certificate arg0)

    • getExtensionValue

      protected static org.bouncycastle.asn1.ASN1Primitive getExtensionValue(X509Extension arg0, String arg1) throws org.bouncycastle.jce.provider.AnnotatedException
      Throws:
      org.bouncycastle.jce.provider.AnnotatedException

    • getIssuerPrincipal

      protected static X500Principal getIssuerPrincipal(X509CRL arg0)

    • getAlgorithmIdentifier

      protected static org.bouncycastle.asn1.x509.AlgorithmIdentifier getAlgorithmIdentifier(PublicKey arg0) throws CertPathValidatorException
      Throws:
      CertPathValidatorException

    • getQualifierSet

      protected static final Set getQualifierSet(org.bouncycastle.asn1.ASN1Sequence arg0) throws CertPathValidatorException
      Throws:
      CertPathValidatorException

    • removePolicyNode

      protected static org.bouncycastle.jce.provider.PKIXPolicyNode removePolicyNode(org.bouncycastle.jce.provider.PKIXPolicyNode arg0, List[] arg1, org.bouncycastle.jce.provider.PKIXPolicyNode arg2)

    • processCertD1i

      protected static boolean processCertD1i(int arg0, List[] arg1, org.bouncycastle.asn1.ASN1ObjectIdentifier arg2, Set arg3)

    • processCertD1ii

      protected static void processCertD1ii(int arg0, List[] arg1, org.bouncycastle.asn1.ASN1ObjectIdentifier arg2, Set arg3)

    • prepareNextCertB1

      protected static void prepareNextCertB1(int arg0, List[] arg1, String arg2, Map arg3, X509Certificate arg4) throws org.bouncycastle.jce.provider.AnnotatedException, CertPathValidatorException
      Throws:
      org.bouncycastle.jce.provider.AnnotatedException
      CertPathValidatorException

    • prepareNextCertB2

      protected static org.bouncycastle.jce.provider.PKIXPolicyNode prepareNextCertB2(int arg0, List[] arg1, String arg2, org.bouncycastle.jce.provider.PKIXPolicyNode arg3)

    • isAnyPolicy

      protected static boolean isAnyPolicy(Set arg0)

    • findCertificates

      protected static Collection findCertificates(org.bouncycastle.x509.X509CertStoreSelector arg0, List arg1) throws org.bouncycastle.jce.provider.AnnotatedException
      Throws:
      org.bouncycastle.jce.provider.AnnotatedException

    • findCertificates

      protected static Collection findCertificates(org.bouncycastle.jcajce.PKIXCertStoreSelector arg0, List arg1) throws org.bouncycastle.jce.provider.AnnotatedException
      Throws:
      org.bouncycastle.jce.provider.AnnotatedException

    • findCertificates

      protected static Collection findCertificates(org.bouncycastle.x509.X509AttributeCertStoreSelector arg0, List arg1) throws org.bouncycastle.jce.provider.AnnotatedException
      Throws:
      org.bouncycastle.jce.provider.AnnotatedException

    • getCertStatus

      protected static void getCertStatus(Date arg0, X509CRL arg1, Object arg2, org.bouncycastle.x509.CertStatus arg3) throws org.bouncycastle.jce.provider.AnnotatedException
      Throws:
      org.bouncycastle.jce.provider.AnnotatedException

    • getNextWorkingKey

      protected static PublicKey getNextWorkingKey(List arg0, int arg1) throws CertPathValidatorException
      Throws:
      CertPathValidatorException

    • verifyX509Certificate

      protected static void verifyX509Certificate(X509Certificate arg0, PublicKey arg1, String arg2) throws GeneralSecurityException
      Throws:
      GeneralSecurityException