Java Code Examples for java.security.cert.PKIXCertPathChecker

Following code examples demonstrate how to use java.security.cert.PKIXCertPathCheckerfrom java. These examples are extracted from various highly rated open source projects. You can directly use these code snippets or view their entire linked source code. These snippets are extracted to provide contextual information about how to use this class in the real world. These samples also let you understand some good practices on how to use java.security.cert.PKIXCertPathCheckerand various code implementation of this class.

    @Test
    public default void verifyGenericType()
    throws Exception {
        final Class<SUT> sut = createNewSUT();
        assertTrue("This j8unit test interface is used with a generic type that is illegaly not assignable to PKIXCertPathChecker.class!",
                   PKIXCertPathChecker.class.isAssignableFrom(sut));
    } 


Advertisement
Javadoc
An abstract class that performs one or more checks on an X509Certificate.

A concrete impl

ementation of the PKIXCertPathChecker class can be created to extend the PKIX certification path validation algorithm. For example, an implementation may check for and process a critical private extension of each certificate in a certification path.

Instances of PKIXCertPathChecker are passed as parameters using the PKIXParameters#setCertPathCheckers setCertPathCheckers or PKIXParameters#addCertPathChecker addCertPathChecker methods of the PKIXParameters and PKIXBuilderParameters class. Each of the PKIXCertPathCheckers #check check methods will be called, in turn, for each certificate processed by a PKIX CertPathValidator or CertPathBuilder implementation.

A PKIXCertPathChecker may be called multiple times on successive certificates in a certification path. Concrete subclasses are expected to maintain any internal state that may be necessary to check successive certificates. The #init init method is used to initialize the internal state of the checker so that the certificates of a new certification path may be checked. A stateful implementation must override the #clone clone method if necessary in order to allow a PKIX CertPathBuilder to efficiently backtrack and try other paths. In these situations, the CertPathBuilder is able to restore prior path validation states by restoring the cloned PKIXCertPathCheckers.

The order in which the certificates are presented to the PKIXCertPathChecker may be either in the forward direction (from target to most-trusted CA) or in the reverse direction (from most-trusted CA to target). A PKIXCertPathChecker implementation must support reverse checking (the ability to perform its checks when it is presented with certificates in the reverse direction) and may support forward checking (the ability to perform its checks when it is presented with certificates in the forward direction). The #isForwardCheckingSupported isForwardCheckingSupported method indicates whether forward checking is supported.

Additional input parameters required for executing the check may be specified through constructors of concrete implementations of this class.

Concurrent Access

Unless otherwise specified, the methods defined in this class are not thread-safe. Multiple threads that need to access a single object concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating separate objects need not synchronize. @see PKIXParameters @see PKIXBuilderParameters @since 1.4 @author Yassir Elley @author Sean Mullan

Read More
Advertisement