Class CertPathValidatorUtilitiesCanl
java.lang.Object
eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities
eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilitiesCanl
Exposes otherwise hidden methods from
CertPathValidatorUtilitiesCanl
plus in some
cases fixes bugs plus produces errors in the desired format.-
Field Summary
Fields inherited from class eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities
ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, CRL_UTIL, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic Collection
<?> findIssuerCerts
(X509Certificate cert, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) static TrustAnchor
findTrustAnchorPublic
(X509Certificate cert, Set<?> trustAnchors, String sigProvider) protected static List
<org.bouncycastle.jcajce.PKIXCRLStore> getAdditionalStoresFromCRLDistributionPoint
(org.bouncycastle.asn1.x509.CRLDistPoint crldp, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) protected static Set
getCompleteCRLs
(org.bouncycastle.asn1.x509.DistributionPoint dp, Object cert, Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) AsCertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters)
but it returns also expired CRLs.protected static Set
<?> getCompleteCRLs2
(org.bouncycastle.asn1.x509.DistributionPoint dp, X509Certificate cert, Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) getDeltaCRLs2
(Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, X509CRL completeCRL) Fetches delta CRLs according to RFC 3280 section 5.2.4.protected static org.bouncycastle.asn1.ASN1Primitive
getExtensionValue
(X509Extension ext, String oid) static BigInteger
getSerialNumber
(Object cert) Methods inherited from class eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities
checkCRLsNotEmpty, findCertificates, findIssuerCerts, findTrustAnchor, findTrustAnchor, getAdditionalStoresFromAltNames, getAdditionalStoresFromCRLDistributionPoint, getAlgorithmIdentifier, getCertStatus, getCRLIssuersFromDistributionPoint, getDeltaCRLs, getNextWorkingKey, getQualifierSet, getValidCertDateFromValidityModel, getValidDate, isAnyPolicy, isSelfIssued, prepareNextCertB1, prepareNextCertB2, processCertD1i, processCertD1ii, removePolicyNode, verifyX509Certificate
-
Constructor Details
-
CertPathValidatorUtilitiesCanl
public CertPathValidatorUtilitiesCanl()
-
-
Method Details
-
findTrustAnchorPublic
public static TrustAnchor findTrustAnchorPublic(X509Certificate cert, Set<?> trustAnchors, String sigProvider) throws org.bouncycastle.jce.provider.AnnotatedException - Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
findIssuerCerts
public static Collection<?> findIssuerCerts(X509Certificate cert, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) throws org.bouncycastle.jce.provider.AnnotatedException - Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
getCompleteCRLs2
protected static Set<?> getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp, X509Certificate cert, Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) throws SimpleValidationErrorException - Throws:
SimpleValidationErrorException
-
getCompleteCRLs
protected static Set getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp, Object cert, Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX) throws org.bouncycastle.jce.provider.AnnotatedException AsCertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters)
but it returns also expired CRLs.- Parameters:
dp
-cert
-currentDate
-paramsPKIX
-- Returns:
- A
Set
ofX509CRL
s. - Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
getDeltaCRLs2
protected static Set<X509CRL> getDeltaCRLs2(Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, X509CRL completeCRL) throws SimpleValidationErrorException Fetches delta CRLs according to RFC 3280 section 5.2.4.- Parameters:
currentDate
- The date for which the delta CRLs must be valid.paramsPKIX
- The extended PKIX parameters.completeCRL
- The complete CRL the delta CRL is for.- Returns:
- A
Set
ofX509CRL
s with delta CRLs. - Throws:
SimpleValidationErrorException
- if an exception occurs while picking the delta CRLs.
-
getExtensionValue
protected static org.bouncycastle.asn1.ASN1Primitive getExtensionValue(X509Extension ext, String oid) throws org.bouncycastle.jce.provider.AnnotatedException - Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
getAdditionalStoresFromCRLDistributionPoint
protected static List<org.bouncycastle.jcajce.PKIXCRLStore> getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams) throws org.bouncycastle.jce.provider.AnnotatedException - Throws:
org.bouncycastle.jce.provider.AnnotatedException
-
getSerialNumber
-