Bouncy Castle Library 1.77.0 API Specification: Class PKIXExtendedParameters

Overview

Package

Class

Tree

Deprecated

Index

Help

Bouncy Castle Cryptography Library 1.77.0

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.bouncycastle.jcajce
Class PKIXExtendedParameters

java.lang.Object
  |
  +--org.bouncycastle.jcajce.PKIXExtendedParameters

All Implemented Interfaces:: CertPathParameters, java.lang.Cloneable

public class PKIXExtendedParameters
extends java.lang.Object
implements CertPathParameters

This class extends the PKIXParameters with a validity model parameter.

Inner Class Summary

static class PKIXExtendedParameters.Builder
          Builder for a PKIXExtendedParameters object.

Field Summary

static int CHAIN_VALIDITY_MODEL
          This model uses the following validity model.

static int PKIX_VALIDITY_MODEL
          This is the default PKIX validity model.

Method Summary

java.lang.Object clone()
          Makes a copy of this CertPathParameters.

java.util.List getCertificateStores()


java.util.List getCertPathCheckers()


java.util.List getCertStores()


java.util.List getCRLStores()


java.util.Date getDate()
          Deprecated. Use 'getValidityDate' instead (which can return null).

java.util.Set getInitialPolicies()


java.util.Map getNamedCertificateStoreMap()


java.util.Map getNamedCRLStoreMap()


boolean getPolicyQualifiersRejected()


java.lang.String getSigProvider()


PKIXCertStoreSelector getTargetConstraints()
          Returns the required constraints on the target certificate.

java.util.Set getTrustAnchors()


java.util.Date getValidityDate()
          Returns the time at which to check the validity of the certification path.

int getValidityModel()


boolean isAnyPolicyInhibited()


boolean isExplicitPolicyRequired()


boolean isPolicyMappingInhibited()


boolean isRevocationEnabled()


boolean isUseDeltasEnabled()
          Defaults to false.

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PKIX_VALIDITY_MODEL

public static final int PKIX_VALIDITY_MODEL

This is the default PKIX validity model. Actually there are two variants of this: The PKIX model and the modified PKIX model. The PKIX model verifies that all involved certificates must have been valid at the current time. The modified PKIX model verifies that all involved certificates were valid at the signing time. Both are indirectly chosen with the PKIXParameters.setDate(Date) method, so this methods sets the Date when all certificates must have been valid.

CHAIN_VALIDITY_MODEL

public static final int CHAIN_VALIDITY_MODEL

This model uses the following validity model. Each certificate must have been valid at the moment when it was used. That means the end certificate must have been valid at the time the signature was done. The CA certificate which signed the end certificate must have been valid, when the end certificate was signed. The CA (or Root CA) certificate must have been valid when the CA certificate was signed, and so on. So the PKIXParameters.setDate(Date) method sets the time, when the end certificate must have been valid. It is used e.g. in the German signature law.

Method Detail

getCertificateStores

public java.util.List getCertificateStores()

getNamedCertificateStoreMap

public java.util.Map getNamedCertificateStoreMap()

getCRLStores

public java.util.List getCRLStores()

getNamedCRLStoreMap

public java.util.Map getNamedCRLStoreMap()

getValidityDate

public java.util.Date getValidityDate()

Returns the time at which to check the validity of the certification path. If {@code null}, the current time is used.

Returns:: the {@code Date}, or {@code null} if not set

getDate

public java.util.Date getDate()

Deprecated. Use 'getValidityDate' instead (which can return null).

isUseDeltasEnabled

public boolean isUseDeltasEnabled()

Defaults to false.

Returns:: Returns if delta CRLs should be used.

getValidityModel

public int getValidityModel()

Returns:: Returns the validity model.
See Also:: CHAIN_VALIDITY_MODEL, PKIX_VALIDITY_MODEL

clone

public java.lang.Object clone()

Description copied from interface: CertPathParameters

Makes a copy of this CertPathParameters. Changes to the copy will not affect the original and vice versa.

Specified by:: clone in interface CertPathParameters
Overrides:: clone in class java.lang.Object

Following copied from interface: org.bouncycastle.jce.cert.CertPathParameters

Returns:: a copy of this CertPathParameters

getTargetConstraints

public PKIXCertStoreSelector getTargetConstraints()

Returns the required constraints on the target certificate. The constraints are returned as an instance of Selector. If null, no constraints are defined.

Returns:: a Selector specifying the constraints on the target certificate or attribute certificate (or null)
See Also:: PKIXCertStoreSelector

getTrustAnchors

public java.util.Set getTrustAnchors()

getInitialPolicies

public java.util.Set getInitialPolicies()

getSigProvider

public java.lang.String getSigProvider()

isExplicitPolicyRequired

public boolean isExplicitPolicyRequired()

isAnyPolicyInhibited

public boolean isAnyPolicyInhibited()

isPolicyMappingInhibited

public boolean isPolicyMappingInhibited()

getCertPathCheckers

public java.util.List getCertPathCheckers()

getCertStores

public java.util.List getCertStores()

isRevocationEnabled

public boolean isRevocationEnabled()

getPolicyQualifiersRejected

public boolean getPolicyQualifiersRejected()