File Doc Category Size Date Package
PKIXCertPathChecker.java API Doc Android 1.5 API 4671 Wed May 06 22:41:06 BST 2009 java.security.cert

PKIXCertPathChecker

java.lang.Object

public abstract class PKIXCertPathChecker extends Object implements Cloneable

The class specifying the interface to extend the certification path validation algorithm by checks to perform on an {@code X509Certificate}.

The checks are added to a certification path validation using the {@link PKIXParameters#setCertPathCheckers(java.util.List) setCertPathCheckers} or {@link PKIXBuilderParameters#addCertPathChecker(PKIXCertPathChecker) addCertPathChecker} of the {@code PKIXParameters} and {@code PKIXBuilderParameters} class respectively. The {@link #check(Certificate, Collection) check} method will be called for each certificate processed by a {@code CertPathBuilder} of {@code CertPathValidator}.

A {@code PKIXCertPathChecker} implementation must support reverse checking (from trusted CA to target) and may support forward checking (from target to trusted CA). The return value of {@code isForwardCheckingSupported} indicates whether forward checking is supported.

since: Android 1.0

Fields Summary
Constructors Summary
protected PKIXCertPathChecker()
Creates a new {@code PKIXCertPathChecker} instance.
since
Android 1.0
Methods Summary
public abstract void check(java.security.cert.Certificate cert, java.util.Collection unresolvedCritExts)
Checks the specified certificate and removes the processed critical extensions from the specified list of X.509 extension OIDs.
param
cert the certificate.
param
unresolvedCritExts the list of critical X.509 extension OID strings.
throws
CertPathValidatorException if check(s) fail on the specified certificate.
since
Android 1.0
public java.lang.Object clone()
Clones this {@code PKIXCertPathChecker} instance.
return
the cloned instance.
since
Android 1.0
try { return super.clone(); } catch (CloneNotSupportedException e) { throw new Error(e); }
public abstract java.util.Set getSupportedExtensions()
Returns the list of extensions of X.509 certificates that this {@code PKIXCertPathChecker} is able to process.
return
the list of extensions of X.509 certificates that this {@code PKIXCertPathChecker} is able to process, or {@code null} if there are none.
since
Android 1.0
public abstract void init(boolean forward)
Initializes this {@code PKIXCertPathChecker} instance for specified checking direction.
param
forward the direction of the certification path processing, {@code true} if the certificates are processed in forward direction (from target to trusted CA), {@code false} if processed in reverse direction (from trusted CA to target).
throws
CertPathValidatorException if initialization of this {@code PKIXCertPathChecker} instance fails, or if it cannot process certificates in the specified order.
since
Android 1.0
public abstract boolean isForwardCheckingSupported()
Returns whether this {@code PKIXCertPathChecker} instance supports forward checking.
return
{@code true} if this {@code PKIXCertPathChecker} instance supports forward checking, otherwise {@code false}.
since
Android 1.0