eu.emi.security.authn.x509.impl (canl 2.8.3 API)

package eu.emi.security.authn.x509.impl

Contains implementation classes of the library. To simplify the implementation is not hidden in any way: it is possible to extend the existing classes, or to create custom validators using the existing certificate checker classes.

Related Packages

Package

Description

eu.emi.security.authn.x509

Contains API of the library.

eu.emi.security.authn.x509.helpers

Consists of general purpose classes, helping to implement generic functionality of the library.

eu.emi.security.authn.x509.proxy

Contains classes which allow to generate proxy certificates and to extract information from them.
Class

Description

AbstractHostnameToCertificateChecker

Deprecated.
Use SocketFactoryCreator.connectWithHostnameChecking(SSLSocket, HostnameMismatchCallback) instead.

CertificateUtils

Utility class with methods simplifying typical certificate related operations.

CertificateUtils.Encoding

Definition of the encoding that can be used for reading or writing certificates or keys.

CertificateUtils.MissingPasswordForEncryptedKeyException

CRLParameters

Manages configuration of CRL sources, used in non-openssl truststores.

DERCredential

Wraps certificate and private key stored in DER format.

DirectoryCertChainValidator

The certificate validator which uses a flexible set of certificates and CRL locations.

FormatMode

String output mode.

HostnameMismatchCallback

Deprecated.
use HostnameMismatchCallback2 and the related classes

HostnameMismatchCallback2

Implementation should react to the event when remote SSL peer's certificate is not matching its hostname.

InMemoryKeystoreCertChainValidator

The certificate validator which uses Java KeyStore as a truststore.

KeyAndCertCredential

Wraps a PrivateKey and X509Certificate chain as a X509Credential.

KeystoreCertChainValidator

The certificate validator which uses Java KeyStore as a truststore.

KeystoreCredential

Wraps a Java KeyStore in form suitable for use in JSSE.

OpensslCertChainValidator

The certificate validator which uses OpenSSL directory as a truststore.

OpensslNameUtils

This class provides support for the legacy Openssl format of DN encoding.

PEMCredential

Wraps certificate and private key stored in PEM format.

RevocationParametersExt

Manages configuration of revocation settings, used in non-openssl truststores.

SocketFactoryCreator

Deprecated.
Use SocketFactoryCreator2 instead, which handles hostname verification in a safer way.

SocketFactoryCreator2

Utility allowing programmers to quickly create SSL socket factories using configuration abstractions of this library.

ValidatorParams

Contains parameters common for all X509CertChainValidator implementations.

ValidatorParamsExt

Contains parameters common for all X509CertChainValidator implementations which use RevocationParametersExt

X500NameUtils

Contains utility static methods which are helpful in manipulating X.500 Distinguished Names, especially encoded in String form using RFC 2253.

X509Formatter

Utility allowing for converting certificates to various text representations.

Package eu.emi.security.authn.x509.impl