Protected Methods |
static
void
|
checkCRLs(ExtendedPKIXParameters paramsPKIX, X509Certificate cert, Date validDate, X509Certificate sign, PublicKey workingPublicKey, List certPathCerts)
Checks a certificate if it is revoked.
|
static
PKIXPolicyNode
|
prepareCertB(CertPath certPath, int index, List[] policyNodes, PKIXPolicyNode validPolicyTree, int policyMapping)
|
static
void
|
prepareNextCertA(CertPath certPath, int index)
|
static
void
|
prepareNextCertG(CertPath certPath, int index, PKIXNameConstraintValidator nameConstraintValidator)
|
static
int
|
prepareNextCertH1(CertPath certPath, int index, int explicitPolicy)
|
static
int
|
prepareNextCertH2(CertPath certPath, int index, int policyMapping)
|
static
int
|
prepareNextCertH3(CertPath certPath, int index, int inhibitAnyPolicy)
|
static
int
|
prepareNextCertI1(CertPath certPath, int index, int explicitPolicy)
|
static
int
|
prepareNextCertI2(CertPath certPath, int index, int policyMapping)
|
static
int
|
prepareNextCertJ(CertPath certPath, int index, int inhibitAnyPolicy)
|
static
void
|
prepareNextCertK(CertPath certPath, int index)
|
static
int
|
prepareNextCertL(CertPath certPath, int index, int maxPathLength)
|
static
int
|
prepareNextCertM(CertPath certPath, int index, int maxPathLength)
|
static
void
|
prepareNextCertN(CertPath certPath, int index)
|
static
void
|
prepareNextCertO(CertPath certPath, int index, Set criticalExtensions, List pathCheckers)
|
static
Set
|
processCRLA1i(Date currentDate, ExtendedPKIXParameters paramsPKIX, X509Certificate cert, X509CRL crl)
|
static
Set[]
|
processCRLA1ii(Date currentDate, ExtendedPKIXParameters paramsPKIX, X509Certificate cert, X509CRL crl)
|
static
void
|
processCRLB1(DistributionPoint dp, Object cert, X509CRL crl)
If the DP includes cRLIssuer, then verify that the issuer field in the
complete CRL matches cRLIssuer in the DP and that the complete CRL
contains an issuing distribution point extension with the indirectCRL
boolean asserted.
|
static
void
|
processCRLB2(DistributionPoint dp, Object cert, X509CRL crl)
If the complete CRL includes an issuing distribution point (IDP) CRL
extension check the following:
(i) If the distribution point name is present in the IDP CRL extension
and the distribution field is present in the DP, then verify that one of
the names in the IDP matches one of the names in the DP.
|
static
void
|
processCRLC(X509CRL deltaCRL, X509CRL completeCRL, ExtendedPKIXParameters pkixParams)
If use-deltas is set, verify the issuer and scope of the delta CRL.
|
static
ReasonsMask
|
processCRLD(X509CRL crl, DistributionPoint dp)
|
static
Set
|
processCRLF(X509CRL crl, Object cert, X509Certificate defaultCRLSignCert, PublicKey defaultCRLSignKey, ExtendedPKIXParameters paramsPKIX, List certPathCerts)
Obtain and validate the certification path for the complete CRL issuer.
|
static
PublicKey
|
processCRLG(X509CRL crl, Set keys)
|
static
X509CRL
|
processCRLH(Set deltacrls, PublicKey key)
|
static
void
|
processCRLI(Date validDate, X509CRL deltacrl, Object cert, CertStatus certStatus, ExtendedPKIXParameters pkixParams)
|
static
void
|
processCRLJ(Date validDate, X509CRL completecrl, Object cert, CertStatus certStatus)
|
static
void
|
processCertA(CertPath certPath, ExtendedPKIXParameters paramsPKIX, int index, PublicKey workingPublicKey, boolean verificationAlreadyPerformed, X500Principal workingIssuerName, X509Certificate sign)
|
static
void
|
processCertBC(CertPath certPath, int index, PKIXNameConstraintValidator nameConstraintValidator)
|
static
PKIXPolicyNode
|
processCertD(CertPath certPath, int index, Set acceptablePolicies, PKIXPolicyNode validPolicyTree, List[] policyNodes, int inhibitAnyPolicy)
|
static
PKIXPolicyNode
|
processCertE(CertPath certPath, int index, PKIXPolicyNode validPolicyTree)
|
static
void
|
processCertF(CertPath certPath, int index, PKIXPolicyNode validPolicyTree, int explicitPolicy)
|
static
int
|
wrapupCertA(int explicitPolicy, X509Certificate cert)
|
static
int
|
wrapupCertB(CertPath certPath, int index, int explicitPolicy)
|
static
void
|
wrapupCertF(CertPath certPath, int index, List pathCheckers, Set criticalExtensions)
|
static
PKIXPolicyNode
|
wrapupCertG(CertPath certPath, ExtendedPKIXParameters paramsPKIX, Set userInitialPolicySet, int index, List[] policyNodes, PKIXPolicyNode validPolicyTree, Set acceptablePolicies)
|