public final class

AlgorithmChecker

extends PKIXCertPathChecker
java.lang.Object
   ↳ java.security.cert.PKIXCertPathChecker
     ↳ sun.security.provider.certpath.AlgorithmChecker

Class Overview

AlgorithmChecker is a PKIXCertPathChecker that checks that the signature algorithm of the specified certificate is not disabled.

Summary

Public Methods
void check(Certificate cert, Collection<String> unresolvedCritExts)
Checks the signature algorithm of the specified certificate.
static void check(Certificate cert)
Set<String> getSupportedExtensions()
Returns an immutable Set of X.509 certificate extensions that this PKIXCertPathChecker supports (i.e.
void init(boolean forward)
Initializes the internal state of the checker from parameters specified in the constructor.
boolean isForwardCheckingSupported()
Indicates if forward checking is supported.
[Expand]
Inherited Methods
From class java.security.cert.PKIXCertPathChecker
From class java.lang.Object

Public Methods

public void check (Certificate cert, Collection<String> unresolvedCritExts)

Checks the signature algorithm of the specified certificate.

Parameters
cert the Certificate to be checked
unresolvedCritExts a Collection of OID strings representing the current set of unresolved critical extensions
Throws
CertPathValidatorException

public static void check (Certificate cert)

Throws
CertPathValidatorException

public Set<String> getSupportedExtensions ()

Returns an immutable Set of X.509 certificate extensions that this PKIXCertPathChecker supports (i.e. recognizes, is able to process), or null if no extensions are supported.

Each element of the set is a String representing the Object Identifier (OID) of the X.509 extension that is supported. The OID is represented by a set of nonnegative integers separated by periods.

All X.509 certificate extensions that a PKIXCertPathChecker might possibly be able to process should be included in the set.

Returns
  • an immutable Set of X.509 extension OIDs (in String format) supported by this PKIXCertPathChecker, or null if no extensions are supported

public void init (boolean forward)

Initializes the internal state of the checker from parameters specified in the constructor.

Parameters
forward the order that certificates are presented to the check method. If true, certificates are presented from target to most-trusted CA (forward); if false, from most-trusted CA to target (reverse).
Throws
CertPathValidatorException

public boolean isForwardCheckingSupported ()

Indicates if forward checking is supported. Forward checking refers to the ability of the PKIXCertPathChecker to perform its checks when certificates are presented to the check method in the forward direction (from target to most-trusted CA).

Returns
  • true if forward checking is supported, false otherwise