Interface CertPathChecker
- All Known Implementing Classes:
-
PKIXCertPathChecker
,PKIXRevocationChecker
public interface CertPathChecker
Performs one or more checks on each Certificate
of a CertPath
.
A CertPathChecker
implementation is typically created to extend a certification path validation algorithm. For example, an implementation may check for and process a critical private extension of each certificate in a certification path.
- Since:
- 1.8
Method Summary
Modifier and Type | Method | Description |
---|---|---|
void | check(Certificate cert) | Performs the check(s) on the specified certificate using its internal state. |
void | init(boolean forward) | Initializes the internal state of this |
boolean | isForwardCheckingSupported() | Indicates if forward checking is supported. |
Method Detail
init
void init(boolean forward) throws CertPathValidatorException
Initializes the internal state of this CertPathChecker
.
The forward
flag specifies the order that certificates will be passed to the check
method (forward or reverse).
- Parameters:
-
forward
- the order that certificates are presented to thecheck
method. Iftrue
, certificates are presented from target to trust anchor (forward); iffalse
, from trust anchor to target (reverse). - Throws:
-
CertPathValidatorException
- if thisCertPathChecker
is unable to check certificates in the specified order
isForwardCheckingSupported
boolean isForwardCheckingSupported()
Indicates if forward checking is supported. Forward checking refers to the ability of the CertPathChecker
to perform its checks when certificates are presented to the check
method in the forward direction (from target to trust anchor).
- Returns:
-
true
if forward checking is supported,false
otherwise
check
void check(Certificate cert) throws CertPathValidatorException
Performs the check(s) on the specified certificate using its internal state. The certificates are presented in the order specified by the init
method.
- Parameters:
-
cert
- theCertificate
to be checked - Throws:
-
CertPathValidatorException
- if the specified certificate does not pass the check