Examples of java.security.cert.PKIXCertPathChecker

java.security.cert.PKIXCertPathChecker
An abstract class that performs one or more checks on an {@code X509Certificate}.
A concrete implementation of the {@code PKIXCertPathChecker} classcan be created to extend the PKIX certification path validation algorithm. For example, an implementation may check for and process a critical private extension of each certificate in a certification path.
Instances of {@code PKIXCertPathChecker} are passed as parametersusing the {@link PKIXParameters#setCertPathCheckers setCertPathCheckers}or {@link PKIXParameters#addCertPathChecker addCertPathChecker} methodsof the {@code PKIXParameters} and {@code PKIXBuilderParameters}class. Each of the {@code PKIXCertPathChecker}s {@link #check check}methods will be called, in turn, for each certificate processed by a PKIX {@code CertPathValidator} or {@code CertPathBuilder}implementation.
A {@code PKIXCertPathChecker} may be called multiple times onsuccessive certificates in a certification path. Concrete subclasses are expected to maintain any internal state that may be necessary to check successive certificates. The {@link #init init} method is usedto initialize the internal state of the checker so that the certificates of a new certification path may be checked. A stateful implementation must override the {@link #clone clone} method if necessary inorder to allow a PKIX {@code CertPathBuilder} to efficientlybacktrack and try other paths. In these situations, the {@code CertPathBuilder} is able to restore prior path validationstates by restoring the cloned {@code PKIXCertPathChecker}s.
The order in which the certificates are presented to the {@code PKIXCertPathChecker} may be either in the forward direction(from target to most-trusted CA) or in the reverse direction (from most-trusted CA to target). A {@code PKIXCertPathChecker} implementationmust support reverse checking (the ability to perform its checks when it is presented with certificates in the reverse direction) and may support forward checking (the ability to perform its checks when it is presented with certificates in the forward direction). The {@link #isForwardCheckingSupported isForwardCheckingSupported} methodindicates whether forward checking is supported.
Additional input parameters required for executing the check may be specified through constructors of concrete implementations of this class.
Concurrent Access
Unless otherwise specified, the methods defined in this class are not thread-safe. Multiple threads that need to access a single object concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating separate objects need not synchronize. @see PKIXParameters @see PKIXBuilderParameters @since 1.4 @author Yassir Elley @author Sean Mullan

     *
     * @return Stub implementation of the <code>PKIXCertPathChecker</code>
     */
    public static PKIXCertPathChecker getTestCertPathChecker() {
        // stub implementation for testing purposes only
        return new PKIXCertPathChecker() {
            private boolean forward = false;


            public void check(Certificate arg0, Collection arg1)
                    throws CertPathValidatorException {
            }

View Full Code Here

        for (int i = 0; i<p.length; i++) {
            p[i] = new PKIXParameters(ks);


            p[i].setCertStores(TestUtils.getCollectionCertStoresList());


            PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker();
            List l = new ArrayList();
            assertTrue("addedOk", l.add(cpc));
            p[i].setCertPathCheckers(l);


            p[i].setDate(new Date(555L));

View Full Code Here

     *
     * @return Stub implementation of the <code>PKIXCertPathChecker</code>
     */
    public static PKIXCertPathChecker getTestCertPathChecker() {
        // stub implementation for testing purposes only
        return new PKIXCertPathChecker() {
            private boolean forward = false;


            public void check(Certificate arg0, Collection arg1)
                    throws CertPathValidatorException {
            }

View Full Code Here

    //
    // Tests
    //


    public final void testClone() {
        PKIXCertPathChecker pc1 = TestUtils.getTestCertPathChecker();
        PKIXCertPathChecker pc2 = (PKIXCertPathChecker) pc1.clone();
        assertNotSame("notSame", pc1, pc2);
    }

View Full Code Here

    // that are abstract in <code>PKIXCertPathChecker</code>
    // (So they just like signature tests)
    //


    public final void testIsForwardCheckingSupported() {
        PKIXCertPathChecker pc = TestUtils.getTestCertPathChecker();
        pc.isForwardCheckingSupported();
    }

View Full Code Here

        pc.isForwardCheckingSupported();
    }


    public final void testInit()
        throws CertPathValidatorException {
        PKIXCertPathChecker pc = TestUtils.getTestCertPathChecker();
        pc.init(true);
    }

View Full Code Here

        PKIXCertPathChecker pc = TestUtils.getTestCertPathChecker();
        pc.init(true);
    }


    public final void testGetSupportedExtensions() {
        PKIXCertPathChecker pc = TestUtils.getTestCertPathChecker();
        pc.getSupportedExtensions();
    }

View Full Code Here

        pc.getSupportedExtensions();
    }


    public final void testCheck()
        throws CertPathValidatorException {
        PKIXCertPathChecker pc = TestUtils.getTestCertPathChecker();
        pc.check(new MyCertificate("", null), new HashSet());
    }

View Full Code Here

        if (taSet == null) {
            fail(getName() + ": not performed (could not create test TrustAnchor set)");
        }


        PKIXParameters p = new PKIXParameters(taSet);
        PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker();
        List l = new ArrayList();
        assertTrue("addedOk", l.add(cpc));
        p.setCertPathCheckers(l);
        // retrieve checker and modify it
        PKIXCertPathChecker cpc1 = p.getCertPathCheckers().get(0);
        cpc1.init(true);
        assertTrue("modifiedOk", cpc1.isForwardCheckingSupported());
        // retrieve checker again and check
        // that its state has not been changed
        // by the above modification
        PKIXCertPathChecker cpc2 = p.getCertPathCheckers().get(0);
        assertFalse("isCloned", cpc2.isForwardCheckingSupported());
    }

View Full Code Here

        if (taSet == null) {
            fail(getName() + ": not performed (could not create test TrustAnchor set)");
        }


        PKIXParameters p = new PKIXParameters(taSet);
        PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker();
        List l = new ArrayList();
        assertTrue("addedOk", l.add(cpc));
        p.setCertPathCheckers(l);
        List l1 = p.getCertPathCheckers();
        assertNotNull("notNull", l1);

View Full Code Here

0 1 2 3

TOP

Related Classes of java.security.cert.PKIXCertPathChecker

org.apache.harmony.security.tests.java.security.cert.PKIXCertPathCheckerTest

org.apache.harmony.security.tests.java.security.cert.PKIXParameters_ImplTest

org.apache.harmony.security.tests.java.security.cert.PKIXParametersTest

org.apache.harmony.security.tests.support.cert.TestUtils

sun.security.provider.certpath.ForwardState

sun.security.provider.certpath.ReverseState

sun.security.provider.certpath.PKIXMasterCertPathValidator

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.