Overview Package Class Use Source Tree Index Deprecated About
Prev Class | Next ClassFrames | No Frames
Summary: Nested | Field | Method | ConstrDetail: Nested | Field | Method | Constr

java.security.cert

Class PKIXParameters

Implemented Interfaces:
CertPathParameters, Cloneable
Known Direct Subclasses:
PKIXBuilderParameters
public class PKIXParameters
extends Object
implements CertPathParameters
Parameters for verifying certificate paths using the PKIX (Public-Key Infrastructure (X.509)) algorithm.
Since:
1.4
See Also:
CertPathBuilder

Constructor Summary

PKIXParameters(Set trustAnchors)
Create a new PKIXParameters object, populating the trusted certificates set with the elements of the given set, each of which must be a TrustAnchor.
PKIXParameters(KeyStore keystore)
Create a new PKIXParameters object, populating the trusted certificates set with all certificates found in the given key store.

Method Summary

void
addCertPathChecker(PKIXCertPathChecker checker)
Add a certificate path checker.
void
addCertStore(CertStore store)
Add a CertStore to the list of cert stores.
Object
clone()
Returns a copy of these parameters.
List
getCertPathCheckers()
Returns an immutable list of all certificate path checkers.
List
getCertStores()
Returns an immutable list of cert stores.
Date
getDate()
Returns the date for which the certificate path should be validated, or null if the current time should be used.
Set
getInitialPolicies()
Returns the set of initial policy identifiers (as OID strings).
boolean
getPolicyQualifiersRejected()
Returns the value of the policy qualifiers enabled flag.
String
getSigProvider()
Returns the signature algorithm provider, or null if not set.
CertSelector
getTargetCertConstraints()
Returns the constraints placed on the target certificate, or null if there are none.
Set
getTrustAnchors()
Returns an immutable set of trust anchors.
boolean
isAnyPolicyInhibited()
Returns the value of the any policy inhibited flag.
boolean
isExplicitPolicyRequired()
Returns the value of the explicit policy required flag.
boolean
isPolicyMappingInhibited()
Returns the value of the policy mapping inhibited flag.
boolean
isRevocationEnabled()
Returns the value of the revocation enabled flag.
void
setAnyPolicyInhibited(boolean value)
Sets the value of the any policy inhibited flag.
void
setCertPathCheckers(List pathCheckers)
Sets the certificate path checkers.
void
setCertStores(List certStores)
Set the cert stores.
void
setDate(Date date)
Sets the date for which the certificate path should be validated, or null if the current time should be used.
void
setExplicitPolicyRequired(boolean value)
Sets the value of the explicit policy required flag.
void
setInitialPolicies(Set initPolicies)
Sets the initial policy identifiers (as OID strings).
void
setPolicyMappingInhibited(boolean value)
Sets the value of the policy mapping inhibited flag.
void
setPolicyQualifiersRejected(boolean value)
Sets the value of the policy qualifiers enabled flag.
void
setRevocationEnabled(boolean value)
Sets the value of the revocation enabled flag.
void
setSigProvider(String sigProvider)
Sets the signature algorithm provider, or null if there is no preferred provider.
void
setTargetCertConstraints(CertSelector targetConstraints)
Sets the constraints placed on the target certificate.
void
setTrustAnchors(Set trustAnchors)
Sets the trust anchors of this class, replacing the current trust anchors with those in the given set.
String
toString()
Returns a printable representation of these parameters.

Methods inherited from class java.lang.Object

clone, equals, extends Object> getClass, finalize, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

PKIXParameters

public PKIXParameters(Set trustAnchors)
            throws InvalidAlgorithmParameterException
Create a new PKIXParameters object, populating the trusted certificates set with the elements of the given set, each of which must be a TrustAnchor.
Parameters:
trustAnchors - The set of trust anchors.
Throws:
InvalidAlgorithmParameterException - If there are no certificates in the set.
NullPointerException - If trustAnchors is null.
ClassCastException - If every element in trustAnchors is not a TrustAnchor.

PKIXParameters

public PKIXParameters(KeyStore keystore)
            throws KeyStoreException,
                   InvalidAlgorithmParameterException
Create a new PKIXParameters object, populating the trusted certificates set with all certificates found in the given key store. All certificates found in the key store are assumed to be trusted by this constructor.
Parameters:
keystore - The key store.
Throws:
KeyStoreException - If the certificates cannot be retrieved from the key store.
InvalidAlgorithmParameterException - If there are no certificates in the key store.
NullPointerException - If keystore is null.

Method Details

addCertPathChecker

public void addCertPathChecker(PKIXCertPathChecker checker)
Add a certificate path checker.
Parameters:
checker - The certificate path checker to add.

addCertStore

public void addCertStore(CertStore store)
Add a CertStore to the list of cert stores.
Parameters:
store - The CertStore to add.

clone

public Object clone()
Returns a copy of these parameters.
Specified by:
clone in interface CertPathParameters
Overrides:
clone in interface Object
Returns:
The copy.

getCertPathCheckers

public List getCertPathCheckers()
Returns an immutable list of all certificate path checkers.
Returns:
An immutable list of all certificate path checkers.

getCertStores

public List getCertStores()
Returns an immutable list of cert stores. This method never returns null.
Returns:
The list of cert stores.

getDate

public Date getDate()
Returns the date for which the certificate path should be validated, or null if the current time should be used. The date object is copied to prevent subsequent modification.
Returns:
The date, or null if not set.

getInitialPolicies

public Set getInitialPolicies()
Returns the set of initial policy identifiers (as OID strings). If any policy is accepted, this method returns the empty set.
Returns:
An immutable set of initial policy OID strings, or the empty set if any policy is acceptable.

getPolicyQualifiersRejected

public boolean getPolicyQualifiersRejected()
Returns the value of the policy qualifiers enabled flag. The default value of this flag is true.
Returns:
The policy qualifiers enabled flag.

getSigProvider

public String getSigProvider()
Returns the signature algorithm provider, or null if not set.
Returns:
The signature algorithm provider, or null if not set.

getTargetCertConstraints

public CertSelector getTargetCertConstraints()
Returns the constraints placed on the target certificate, or null if there are none. The target constraints are copied to prevent subsequent modification.
Returns:
The target constraints, or null.

getTrustAnchors

public Set getTrustAnchors()
Returns an immutable set of trust anchors. The set returned will never be null and will never be empty.
Returns:
A (never null, never empty) immutable set of trust anchors.

isAnyPolicyInhibited

public boolean isAnyPolicyInhibited()
Returns the value of the any policy inhibited flag. The default value of this flag is false.
Returns:
The any policy inhibited flag.

isExplicitPolicyRequired

public boolean isExplicitPolicyRequired()
Returns the value of the explicit policy required flag. The default value of this flag is false.
Returns:
The explicit policy required flag.

isPolicyMappingInhibited

public boolean isPolicyMappingInhibited()
Returns the value of the policy mapping inhibited flag. The default value of this flag is false.
Returns:
The policy mapping inhibited flag.

isRevocationEnabled

public boolean isRevocationEnabled()
Returns the value of the revocation enabled flag. The default value for this flag is true.
Returns:
The revocation enabled flag.

setAnyPolicyInhibited

public void setAnyPolicyInhibited(boolean value)
Sets the value of the any policy inhibited flag.
Parameters:
value - The new value.

setCertPathCheckers

public void setCertPathCheckers(List pathCheckers)
Sets the certificate path checkers. If the argument is null, the list of checkers will merely be cleared.
Parameters:
pathCheckers - The new list of certificate path checkers.
Throws:
ClassCastException - If any element of pathCheckers is not a PKIXCertPathChecker.

setCertStores

public void setCertStores(List certStores)
Set the cert stores. If the argument is null the list of cert stores will be empty.
Parameters:
certStores - The cert stores.

setDate

public void setDate(Date date)
Sets the date for which the certificate path should be validated, or null if the current time should be used.
Parameters:
date - The new date, or null.

setExplicitPolicyRequired

public void setExplicitPolicyRequired(boolean value)
Sets the value of the explicit policy required flag.
Parameters:
value - The new value.

setInitialPolicies

public void setInitialPolicies(Set initPolicies)
Sets the initial policy identifiers (as OID strings). If the argument is null or the empty set, then any policy identifier will be accepted.
Parameters:
initPolicies - The new set of policy strings, or null.
Throws:
ClassCastException - If any element in initPolicies is not a string.

setPolicyMappingInhibited

public void setPolicyMappingInhibited(boolean value)
Sets the value of the policy mapping inhibited flag.
Parameters:
value - The new value.

setPolicyQualifiersRejected

public void setPolicyQualifiersRejected(boolean value)
Sets the value of the policy qualifiers enabled flag.
Parameters:
value - The new value.

setRevocationEnabled

public void setRevocationEnabled(boolean value)
Sets the value of the revocation enabled flag.
Parameters:
value - The new value.

setSigProvider

public void setSigProvider(String sigProvider)
Sets the signature algorithm provider, or null if there is no preferred provider.
Parameters:
sigProvider - The signature provider name.

setTargetCertConstraints

public void setTargetCertConstraints(CertSelector targetConstraints)
Sets the constraints placed on the target certificate.
Parameters:
targetConstraints - The target constraints.

setTrustAnchors

public void setTrustAnchors(Set trustAnchors)
            throws InvalidAlgorithmParameterException
Sets the trust anchors of this class, replacing the current trust anchors with those in the given set. The supplied set is copied to prevent modification.
Parameters:
trustAnchors - The new set of trust anchors.
Throws:
InvalidAlgorithmParameterException - If there are no certificates in the set.
NullPointerException - If trustAnchors is null.
ClassCastException - If every element in trustAnchors is not a TrustAnchor.

toString

public String toString()
Returns a printable representation of these parameters.
Overrides:
toString in interface Object
Returns:
A printable representation of these parameters.
PKIXParameters.java -- parameters for the PKIX cert path algorithm Copyright (C) 2003 Free Software Foundation, Inc. This file is part of GNU Classpath. GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Classpath; see the file COPYING. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination. As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.

Overview Package Class Use Source Tree Index Deprecated About