|
Bouncy Castle Cryptography 1.45 | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Objectjava.security.cert.PKIXParameters
org.bouncycastle.x509.ExtendedPKIXParameters
public class ExtendedPKIXParameters
This class extends the PKIXParameters with a validity model parameter.
| Field Summary | |
|---|---|
static int |
CHAIN_VALIDITY_MODEL
This model uses the following validity model. |
static int |
PKIX_VALIDITY_MODEL
This is the default PKIX validity model. |
| Constructor Summary | |
|---|---|
ExtendedPKIXParameters(java.util.Set trustAnchors)
Creates an instance of PKIXParameters with the specified
Set of most-trusted CAs. |
|
| Method Summary | |
|---|---|
void |
addAddionalStore(Store store)
Deprecated. |
void |
addAdditionalStore(Store store)
Adds an additional Bouncy Castle Store to find CRLs, certificates,
attribute certificates or cross certificates. |
void |
addStore(Store store)
Adds a Bouncy Castle Store to find CRLs, certificates, attribute
certificates or cross certificates. |
java.lang.Object |
clone()
|
java.util.List |
getAdditionalStores()
Returns an immutable List of additional Bouncy Castle
Stores used for finding CRLs, certificates, attribute
certificates or cross certificates. |
java.util.Set |
getAttrCertCheckers()
Returns the attribute certificate checker. |
static ExtendedPKIXParameters |
getInstance(java.security.cert.PKIXParameters pkixParams)
Returns an instance with the parameters of a given PKIXParameters object. |
java.util.Set |
getNecessaryACAttributes()
Returns the neccessary attributes which must be contained in an attribute certificate. |
java.util.Set |
getProhibitedACAttributes()
Returns the attribute certificates which are not allowed. |
java.util.List |
getStores()
Returns an immutable List of Bouncy Castle
Stores used for finding CRLs, certificates, attribute
certificates or cross certificates. |
Selector |
getTargetConstraints()
Returns the required constraints on the target certificate or attribute certificate. |
java.util.Set |
getTrustedACIssuers()
Returns the trusted attribute certificate issuers. |
int |
getValidityModel()
|
boolean |
isAdditionalLocationsEnabled()
Returns if additional X509Stores for locations like LDAP found
in certificates or CRLs should be used. |
boolean |
isUseDeltasEnabled()
Defaults to false. |
void |
setAdditionalLocationsEnabled(boolean enabled)
Sets if additional X509Stores for locations like LDAP found in
certificates or CRLs should be used. |
void |
setAttrCertCheckers(java.util.Set attrCertCheckers)
Sets the attribute certificate checkers. |
void |
setCertStores(java.util.List stores)
Sets the Java CertStore to this extended PKIX parameters. |
void |
setNecessaryACAttributes(java.util.Set necessaryACAttributes)
Sets the neccessary which must be contained in an attribute certificate. |
protected void |
setParams(java.security.cert.PKIXParameters params)
Method to support clone() under J2ME. |
void |
setProhibitedACAttributes(java.util.Set prohibitedACAttributes)
Sets the attribute certificates which are not allowed. |
void |
setStores(java.util.List stores)
Sets the Bouncy Castle Stores for finding CRLs, certificates, attribute certificates or cross certificates. |
void |
setTargetCertConstraints(java.security.cert.CertSelector selector)
Sets the required constraints on the target certificate. |
void |
setTargetConstraints(Selector selector)
Sets the required constraints on the target certificate or attribute certificate. |
void |
setTrustedACIssuers(java.util.Set trustedACIssuers)
Sets the trusted attribute certificate issuers. |
void |
setUseDeltasEnabled(boolean useDeltas)
Sets if delta CRLs should be used for checking the revocation status. |
void |
setValidityModel(int validityModel)
|
| Methods inherited from class java.security.cert.PKIXParameters |
|---|
addCertPathChecker, addCertStore, getCertPathCheckers, getCertStores, getDate, getInitialPolicies, getPolicyQualifiersRejected, getSigProvider, getTargetCertConstraints, getTrustAnchors, isAnyPolicyInhibited, isExplicitPolicyRequired, isPolicyMappingInhibited, isRevocationEnabled, setAnyPolicyInhibited, setCertPathCheckers, setDate, setExplicitPolicyRequired, setInitialPolicies, setPolicyMappingInhibited, setPolicyQualifiersRejected, setRevocationEnabled, setSigProvider, setTrustAnchors, toString |
| Methods inherited from class java.lang.Object |
|---|
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
| Field Detail |
|---|
public static final int PKIX_VALIDITY_MODEL
PKIXParameters.setDate(java.util.Date) method, so this
methods sets the Date when all certificates must have been
valid.
public static final int CHAIN_VALIDITY_MODEL
PKIXParameters.setDate(java.util.Date) method sets the time, when
the end certificate must have been valid. It is used e.g.
in the German signature law.
| Constructor Detail |
|---|
public ExtendedPKIXParameters(java.util.Set trustAnchors)
throws java.security.InvalidAlgorithmParameterException
PKIXParameters with the specified
Set of most-trusted CAs. Each element of the set is a
TrustAnchor. Note that the Set
is copied to protect against subsequent modifications.
trustAnchors - a Set of TrustAnchors
java.security.InvalidAlgorithmParameterException - if the specified
Set is empty.
java.lang.NullPointerException - if the specified Set is
null
java.lang.ClassCastException - if any of the elements in the Set
is not of type java.security.cert.TrustAnchor| Method Detail |
|---|
public static ExtendedPKIXParameters getInstance(java.security.cert.PKIXParameters pkixParams)
PKIXParameters object.
pkixParams - The given PKIXParameters
protected void setParams(java.security.cert.PKIXParameters params)
clone() under J2ME.
super.clone() does not exist and fields are not copied.
params - Parameters to set. If this are
ExtendedPKIXParameters they are copied to.public boolean isUseDeltasEnabled()
false.
public void setUseDeltasEnabled(boolean useDeltas)
useDeltas - true if delta CRLs should be used.public int getValidityModel()
CHAIN_VALIDITY_MODEL,
PKIX_VALIDITY_MODELpublic void setCertStores(java.util.List stores)
setCertStores in class java.security.cert.PKIXParametersjava.lang.ClassCastException - if an element of stores is not
a CertStore.public void setStores(java.util.List stores)
The List is cloned.
stores - A list of stores to use.
java.lang.ClassCastException - if an element of stores is not
a Store.getStores()public void addStore(Store store)
Store to find CRLs, certificates, attribute
certificates or cross certificates.
This method should be used to add local stores, like collection based X.509 stores, if available. Local stores should be considered first, before trying to use additional (remote) locations, because they do not need possible additional network traffic.
If store is null it is ignored.
store - The store to add.getStores()public void addAdditionalStore(Store store)
Store to find CRLs, certificates,
attribute certificates or cross certificates.
You should not use this method. This method is used for adding additional X.509 stores, which are used to add (remote) locations, e.g. LDAP, found during X.509 object processing, e.g. in certificates or CRLs. This method is used in PKIX certification path processing.
If store is null it is ignored.
store - The store to add.getStores()public void addAddionalStore(Store store)
public java.util.List getAdditionalStores()
List of additional Bouncy Castle
Stores used for finding CRLs, certificates, attribute
certificates or cross certificates.
List of additional Bouncy Castle
Stores. Never null.addAdditionalStore(Store)public java.util.List getStores()
List of Bouncy Castle
Stores used for finding CRLs, certificates, attribute
certificates or cross certificates.
List of Bouncy Castle
Stores. Never null.setStores(List)public void setValidityModel(int validityModel)
validityModel - The validity model to set.CHAIN_VALIDITY_MODEL,
PKIX_VALIDITY_MODELpublic java.lang.Object clone()
clone in interface java.security.cert.CertPathParametersclone in class java.security.cert.PKIXParameterspublic boolean isAdditionalLocationsEnabled()
X509Stores for locations like LDAP found
in certificates or CRLs should be used.
true if additional stores are used.public void setAdditionalLocationsEnabled(boolean enabled)
X509Stores for locations like LDAP found in
certificates or CRLs should be used.
enabled - true if additional stores are used.public Selector getTargetConstraints()
Selector. If null, no constraints are
defined.
The target certificate in a PKIX path may be a certificate or an attribute certificate.
Note that the Selector returned is cloned to protect
against subsequent modifications.
Selector specifying the constraints on the
target certificate or attribute certificate (or null)setTargetConstraints(org.bouncycastle.util.Selector),
X509CertStoreSelector,
X509AttributeCertStoreSelectorpublic void setTargetConstraints(Selector selector)
Selector. If null, no constraints are
defined.
The target certificate in a PKIX path may be a certificate or an attribute certificate.
Note that the Selector specified is cloned to protect
against subsequent modifications.
selector - a Selector specifying the constraints on
the target certificate or attribute certificate (or
null)getTargetConstraints(),
X509CertStoreSelector,
X509AttributeCertStoreSelectorpublic void setTargetCertConstraints(java.security.cert.CertSelector selector)
X509CertSelector. If
null, no constraints are defined.
This method wraps the given X509CertSelector into a
X509CertStoreSelector.
Note that the X509CertSelector specified is cloned to
protect against subsequent modifications.
setTargetCertConstraints in class java.security.cert.PKIXParametersselector - a X509CertSelector specifying the
constraints on the target certificate (or null)PKIXParameters.getTargetCertConstraints(),
X509CertStoreSelectorpublic java.util.Set getTrustedACIssuers()
The returned Set consists of TrustAnchors.
The returned Set is immutable. Never null
public void setTrustedACIssuers(java.util.Set trustedACIssuers)
The trustedACIssuers must be a Set of
TrustAnchor
The given set is cloned.
trustedACIssuers - The trusted AC issuers to set. Is never
null.
java.lang.ClassCastException - if an element of stores is not
a TrustAnchor.public java.util.Set getNecessaryACAttributes()
The returned Set is immutable and contains
Strings with the OIDs.
public void setNecessaryACAttributes(java.util.Set necessaryACAttributes)
The Set must contain Strings with the
OIDs.
The set is cloned.
necessaryACAttributes - The necessary AC attributes to set.
java.lang.ClassCastException - if an element of
necessaryACAttributes is not a
String.public java.util.Set getProhibitedACAttributes()
The returned Set is immutable and contains
Strings with the OIDs.
null.public void setProhibitedACAttributes(java.util.Set prohibitedACAttributes)
The Set must contain Strings with the
OIDs.
The set is cloned.
prohibitedACAttributes - The prohibited AC attributes to set.
java.lang.ClassCastException - if an element of
prohibitedACAttributes is not a
String.public java.util.Set getAttrCertCheckers()
PKIXAttrCertCheckers and is immutable.
null.public void setAttrCertCheckers(java.util.Set attrCertCheckers)
All elements in the Set must a PKIXAttrCertChecker.
The given set is cloned.
attrCertCheckers - The attribute certificate checkers to set. Is
never null.
java.lang.ClassCastException - if an element of attrCertCheckers
is not a PKIXAttrCertChecker.
|
Bouncy Castle Cryptography 1.45 | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||