All Classes (canl 2.8.2 API)

All Classes Interface Summary Class Summary Enum Summary Exception Summary
Class	Description
AbstractCRLStoreSPI	Common code for `LazyOpensslCRLStoreSpi` and `PlainCRLStoreSpi`.
AbstractDelegatingX509Credential	Abstract base for credential implementations which delegate to another one.
AbstractEuGridPmaNamespacesStore	EuGridPMA policy store common code.
AbstractGlobusNamespacesStore	Globus EACL policy store common code.
AbstractHostnameToCertificateChecker	Deprecated. Use `SocketFactoryCreator.connectWithHostnameChecking(SSLSocket, HostnameMismatchCallback)` instead.
AbstractNamespacesStore	Policy store common code.
AbstractTrustAnchorStore	Base implementation of Trust Anchor stores.
AbstractValidator	Base implementation of `X509CertChainValidator`.
AbstractX509Credential	Base class with a shared code for `X509Credential` implementations.
BaseProxyCertificateOptions	Generic proxy creation parameters useful for all scenarios.
BCCertPathValidator	Low-level certificate validator based on the BC `PKIXCertPathReviewer` with additional support for proxy certificates.
BCErrorMapper	Maps `PKIXCertPathReviewer` errors to `ValidationError`.
BinaryCertChainValidator	A simplistic `X509CertChainValidator` implementation which always fails or accepts certificates, basing on the constructor argument.
BoundedSizeLruMap<S,T>
CachedElement<T>	Cached element is a container of an arbitrary object, enriched with a creation timestamp.
CachedPEMReader	This class extends the `PEMParser` class from the BC library.
CertificateExtension	Stores DER form of a certificate extension along with its OID and flag if the extension is critical.
CertificateHelpers	Utility methods for certificates handling and reading/writing PEM files.
CertificateHelpers.PEMContentsType
CertificateUtils	Utility class with methods simplifying typical certificate related operations.
CertificateUtils.Encoding	Definition of the encoding that can be used for reading or writing certificates or keys.
CertificateUtils.MissingPasswordForEncryptedKeyException
CertPathValidatorUtilitiesCanl	Exposes otherwise hidden methods from `CertPathValidatorUtilitiesCanl` plus in some cases fixes bugs plus produces errors in the desired format.
CharArrayPasswordFinder	Trivial implementation of `PasswordSupplier` which uses a password provided to the constructor.
CommonX509TrustManager	This class wraps X509CertChainValidator so it can be easily used in the standard Java SSL API.
CredentialX509KeyManager	Simple `KeyManager` implementation which always returns the only key and certificate which is available in the configured `X509Credential` object.
CrlCheckingMode	Defines Certificate Revocation List verification mode.
CRLParameters	Manages configuration of CRL sources, used in non-openssl truststores.
CRLRevocationChecker	Implementation of `RevocationChecker` using CRLs, the `RFC3280CertPathUtilitiesCanl`.
DERCredential	Wraps certificate and private key stored in DER format.
DirectoryCertChainValidator	The certificate validator which uses a flexible set of certificates and CRL locations.
DirectoryTrustAnchorStore	Retrieves CA certificates from locations given as local paths with wildcards or URLs.
DisabledNameMismatchCallback
DNComparator	Helpers for checking text representations of DNs for equality.
DraftRFCProxyCertInfoExtension	Proxy cert info extension class.
EnforcingNameMismatchCallback
EuGridPmaNamespacesParser	Parses a single EUGridPMA namespaces file and returns `NamespacePolicy` object.
EuGridPmaNamespacesStore	Provides an in-memory store of `NamespacePolicy` objects.
ExtendedProxyType
ExtPKIXParameters2	Extended PKIX parameters with additional settings related to the library features: different CRL modes and proxy support.
ExtPKIXParameters2.Builder
FixedBCPKIXCertPathReviewer	PKIXCertPathReviewer Validation of X.509 Certificate Paths.
FlexiblePEMReader	Extends BC's `PEMParser` class so it can read correctly also PEM files with a garbage at the beginning and minor syntax violations which occur more then often in the wild.
FormatMode	String output mode.
GlobusNamespacesParser	Parses a single .signing_policy file and returns `NamespacePolicy` object.
GlobusNamespacesParser.InvalidPolicyFilenameException
GlobusNamespacesParser.PolicySyntaxException
GlobusNamespacesStore	Provides an in-memory store of `NamespacePolicy` objects.
HostnameMismatchCallback	Deprecated. use `HostnameMismatchCallback2` and the related classes
HostnameMismatchCallback2	Implementation should react to the event when remote SSL peer's certificate is not matching its hostname.
HostnameToCertificateChecker	Verifies if a peer's host name matches a DN of its certificate.
HostnameToCertificateChecker.ResultWrapper
InMemoryKeystoreCertChainValidator	The certificate validator which uses Java `KeyStore` as a truststore.
IPAddressHelper	Helpers for IP addresses comparison.
JavaAndBCStyle	Extends `BCStyle` with additional recognized attribute names, to make it fully compatible with what the internal OpenJDK implementation supports when parsing string RFC 2253 DNs.
JDKFSTrustAnchorStore	Implementation of the `TrustAnchorStore` which load JDK's `KeyStore` from a file.
JDKInMemoryTrustAnchorStore	Implementation of the `TrustAnchorStore` which uses JDK's `KeyStore` as a in-memory storage.
KeyAndCertCredential	Wraps a `PrivateKey` and `X509Certificate` chain as a `X509Credential`.
KeystoreCertChainValidator	The certificate validator which uses Java `KeyStore` as a truststore.
KeystoreCredential	Wraps a Java KeyStore in form suitable for use in JSSE.
KeyStoreHelper	`KeyStore` class utility helpers
LazyEuGridPmaNamespacesStore	EuGridPMA namespace policies are loaded on demand by this store and are cached in memory.
LazyGlobusNamespacesStore	Globus EACL policies are loaded on demand by this store and are cached in memory.
LazyOpensslCRLStoreSpi	Handles an Openssl-like CRL store.
LazyOpensslTrustAnchorStoreImpl	Implementation of the truststore which uses CA certificates from a single directory in OpenSSL format.
NamespaceChecker	Implements namespace policy checking.
NamespaceCheckingMode	Used to define the CA namespace checking mode.
NamespacePolicy	Represents a namespace policy, i.e.
NamespacesParser	Implemented by namespace parsers.
NamespacesStore	Store of `NamespacePolicy` objects.
NonValidatingCertPathBuilder	This class is a modified copy of BC's `PKIXCertPathBuilderSpi`.
ObserversHandler	Thread safe class maintaining a collection of `StoreUpdateListener`s.
OCSPCacheBase	Common base class for responses and responders caches.
OCSPCachingClient	OCSP client which adds a cache layer on top of `OCSPClientImpl`.
OCSPCheckingMode	Defines On-line Certificate Status Protocol usage mode.
OCSPClientImpl	OCSP client is responsible for the network related activity of the OCSP invocation pipeline.
OCSPParametes	Manages configuration of OCSP support for all truststores.
OCSPResponder	Configuration of a local responder.
OCSPRespondersCache	OCSP failing responses cache: in memory with disk persistence.
OCSPResponsesCache	OCSP responses cache: in memory with disk persistence.
OCSPResponseStructure	Holds OCSP response (parsed) and some additional metadata, e.g.
OCSPResult
OCSPResult.Status
OCSPRevocationChecker	Implementation of `RevocationChecker` using CRLs, the `OCSPVerifier`
OCSPVerifier	OCSP checker - uses provided `OCSPParametes` to perform OCSP calls using `OCSPCachingClient` and returns the final response.
OidAndValue<T extends org.bouncycastle.asn1.ASN1Encodable>	Stores DER form of a certificate attribute value with its OID.
OpensslCertChainValidator	The certificate validator which uses OpenSSL directory as a truststore.
OpensslCRLStoreSpi	Implementation of the CRL store which uses CRLs from a single directory in OpenSSL format.
OpensslNamespacePolicyImpl	Represents a namespace policy, i.e.
OpensslNameUtils	This class provides support for the legacy Openssl format of DN encoding.
OpensslTrustAnchorStore	Implementations of this interface are used by `OpensslCertChainValidator` to get access to the trust anchor store.
OpensslTrustAnchorStoreImpl	Implementation of the truststore which uses CA certificates from a single directory in OpenSSL format.
OpensslTruststoreHelper	Several static methods helping to mangle truststore file paths in openssl style.
ParserUtils	Common helpers for namespace file parsers.
PasswordSupplier	Provides password on demand.
PEMCredential	Wraps certificate and private key stored in PEM format.
PKCS8DERReader	This class extends the `PEMParser` class from the BC library.
PKIXPolicyNode
PKIXProxyCertificateChecker	Checker which handles proxy certificate extensions so BC won't report them as unknown.
PlainCRLStoreSpi	Handles an in-memory CRL store.
PlainCRLValidator	An abstract validator which provides a CRL support common for validators using `PlainCRLStoreSpi`.
PlainStoreUtils	Class for CA or CRL stores with utility methods for handling list of locations as wildcards or URLs.
ProxyACExtension	A class for handling the VOMS AC extension in certificates (OID: 1.3.6.1.4.1.8005.100.100.5)
ProxyAddressRestrictionData	An utility class for defining the allowed address space, used both to define the source and target restrictions.
ProxyCertificate	Wraps information about a new proxy which was generated by the `ProxyGenerator`.
ProxyCertificateImpl	Default implementation of the `ProxyCertificate` interface.
ProxyCertificateOptions	Holds parameters which are used to create a proxy certificate using only a certificate chain.
ProxyCertInfoExtension	Proxy cert info extension class.
ProxyChainInfo	A class to get an information from a proxy certificate chain.
ProxyChainType	Specifies the type of the proxy chain.
ProxyCSR	Wraps information about a new proxy certificate signing request which was generated by the `ProxyCSRGenerator`.
ProxyCSRGenerator	Generates a proxy certificate signing request.
ProxyCSRImpl	ProxyCSR implementation.
ProxyCSRInfo	A class to get the information from the proxy certificate request.
ProxyGenerator	Utilities to create proxy certificates.
ProxyGeneratorHelper	Actual implementation of the Proxy generation.
ProxyHelper	Various helpers for handling proxy certificates
ProxyPolicy	Proxy policy ASN1 class.
ProxyRequestOptions	Holds parameters which are used to issue a proxy certificate using a provided Certificate Signing Request and a local certificate chain.
ProxySAMLExtension	A class for handling the SAML extension in the Certificate.
ProxySupport	Defines proxy support mode for validators.
ProxyTracingExtension	A class for generating and parsing the proxy tracing extensions.
ProxyType	Specifies the type of the proxy.
ProxyUtils	Utility methods for checking properties of proxy certificates.
ReaderInputStream	`InputStream` implementation that reads a character stream from a `Reader` and transforms it to a byte stream using a specified charset encoding.
RevocationChecker	Used to check revocation using a single revocation checking mechanism.
RevocationParameters	Wraps the information required to control how certificates revocation is checked.
RevocationParameters.RevocationCheckingOrder
RevocationParametersExt	Manages configuration of revocation settings, used in non-openssl truststores.
RevocationStatus	Covers possible generic revocation checking outcomes, in case when certificate being checked is not revoked.
RFC3280CertPathUtilitiesCanl	This class exposes the BC's JCA implementation of the `RFC3280CertPathUtilities`.
RFCProxyCertInfoExtension	Proxy cert info extension class.
SimpleCRLStore	Provider-less implementation of the CertStore.
SimpleValidationErrorException	Contains one problem code with optional arguments.
SocketFactoryCreator	Deprecated. Use `SocketFactoryCreator2` instead, which handles hostname verification in a safer way.
SocketFactoryCreator2	Utility allowing programmers to quickly create SSL socket factories using configuration abstractions of this library.
SSLTrustManager	Implementation of `TrustManager` which uses a configured `X509CertChainValidator` to validate certificates.
SSLTrustManagerWithHostnameChecking	Wires CANL abstractions: credentials and verificators into Java SSL socket factory.
StoreUpdateListener	Implementations receive information about updates of certificate, CRL stores or OCSP errors.
StoreUpdateListener.Severity
TimedTrustAnchorStoreBase	Base implementation of Trust Anchor stores which load all certificates into memory.
TrustAnchorExt
TrustAnchorStore	Implementations provide trust store material: a list of trusted CA certificates.
ValidationError	Holds information about a single validation problem with a reference to the certificate chain.
ValidationErrorCategory	This enumeration contains general classes of errors that can be signaled during certificate path validation.
ValidationErrorCode	This enumeration contains codes of errors that can be signaled during certificate path validation.
ValidationErrorException	Wraps a list of `ValidationError`
ValidationErrorListener	Invoked when there is an error found during certificate chain validation.
ValidationResult	Wraps a validation result, error messages and unresolved certificate extension oids (if any).
ValidatorParams	Contains parameters common for all `X509CertChainValidator` implementations.
ValidatorParamsExt	Contains parameters common for all `X509CertChainValidator` implementations which use `RevocationParametersExt`
WeakTimerTask<T>	This class holds a partner of the TimerTask reference as weak one.
X500NameUtils	Contains utility static methods which are helpful in manipulating X.500 Distinguished Names, especially encoded in String form using RFC 2253.
X509CertChainValidator	Implementations are used to perform a manual certificate chain validation.
X509CertChainValidatorExt	Extends the main `X509CertChainValidator` interface with some additional methods which are commonly provided by the most validator implementations, but are not strictly required for the sole validation.
X509Credential	Implementations are used to wrap credentials (private key and certificate) in various formats.
X509Formatter	Utility allowing for converting certificates to various text representations.
X509v3CertificateBuilder	Class to produce an X.509 Version 3 certificate.