Bouncy Castle Library 1.77.0 API Specification: Class ExtendedPKIXBuilderParameters

Overview

Package

Class

Tree

Deprecated

Index

Help

Bouncy Castle Cryptography Library 1.77.0

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.bouncycastle.x509
Class ExtendedPKIXBuilderParameters

java.lang.Object
  |
  +--org.bouncycastle.jce.cert.PKIXParameters
        |
        +--org.bouncycastle.x509.ExtendedPKIXParameters
              |
              +--org.bouncycastle.x509.ExtendedPKIXBuilderParameters

All Implemented Interfaces:: CertPathParameters, java.lang.Cloneable

public class ExtendedPKIXBuilderParameters
extends ExtendedPKIXParameters

This class contains extended parameters for PKIX certification path builders.

See Also:: PKIXBuilderParameters, PKIXCertPathBuilderSpi

Fields inherited from class org.bouncycastle.x509.ExtendedPKIXParameters

CHAIN_VALIDITY_MODEL, PKIX_VALIDITY_MODEL

Constructor Summary

ExtendedPKIXBuilderParameters(java.util.Set trustAnchors, Selector targetConstraints)
          Creates an instance of PKIXBuilderParameters with the specified Set of most-trusted CAs.

Method Summary

java.lang.Object clone()
          Makes a copy of this PKIXParameters object.

java.util.Set getExcludedCerts()
          Excluded certificates are not used for building a certification path.

static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
          Returns an instance of ExtendedPKIXParameters which can be safely casted to ExtendedPKIXBuilderParameters.

int getMaxPathLength()
          Returns the value of the maximum number of intermediate non-self-issued certificates in the certification path.

void setExcludedCerts(java.util.Set excludedCerts)
          Sets the excluded certificates which are not used for building a certification path.

void setMaxPathLength(int maxPathLength)
          Sets the maximum number of intermediate non-self-issued certificates in a certification path.

protected void setParams(PKIXParameters params)
          Can alse handle ExtendedPKIXBuilderParameters and PKIXBuilderParameters.

Methods inherited from class org.bouncycastle.x509.ExtendedPKIXParameters

addAddionalStore, addStore, getAdditionalStores, getAttrCertCheckers, getNecessaryACAttributes, getProhibitedACAttributes, getStores, getTargetConstraints, getTrustedACIssuers, getValidityModel, isAdditionalLocationsEnabled, isUseDeltasEnabled, setAdditionalLocationsEnabled, setCertStores, setNecessaryACAttributes, setProhibitedACAttributes, setStores, setTargetCertConstraints, setTargetConstraints, setTrustedACIssuers, setUseDeltasEnabled, setValidityModel

Methods inherited from class org.bouncycastle.jce.cert.PKIXParameters

addCertPathChecker, addCertStore, getCertPathCheckers, getCertStores, getDate, getInitialPolicies, getPolicyQualifiersRejected, getSigProvider, getTargetCertConstraints, getTrustAnchors, isAnyPolicyInhibited, isExplicitPolicyRequired, isPolicyMappingInhibited, isRevocationEnabled, setAnyPolicyInhibited, setCertPathCheckers, setDate, setExplicitPolicyRequired, setInitialPolicies, setPolicyMappingInhibited, setPolicyQualifiersRejected, setRevocationEnabled, setSigProvider, setTrustAnchors, toString

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

ExtendedPKIXBuilderParameters

public ExtendedPKIXBuilderParameters(java.util.Set trustAnchors,
                                     Selector targetConstraints)
                              throws java.security.InvalidAlgorithmParameterException

Creates an instance of PKIXBuilderParameters with the specified Set of most-trusted CAs. Each element of the set is a TrustAnchor.

Note that the Set is copied to protect against subsequent modifications.

Parameters:: trustAnchors - a Set of TrustAnchors; targetConstraints - a Selector specifying the constraints on the target certificate or attribute certificate.
Throws:: java.security.InvalidAlgorithmParameterException - if trustAnchors is empty.; NullPointerException - if trustAnchors is null; java.lang.ClassCastException - if any of the elements of trustAnchors is not of type java.security.cert.TrustAnchor

Method Detail

getExcludedCerts

public java.util.Set getExcludedCerts()

Excluded certificates are not used for building a certification path.

The returned set is immutable.

Returns:: Returns the excluded certificates.

setExcludedCerts

public void setExcludedCerts(java.util.Set excludedCerts)

Sets the excluded certificates which are not used for building a certification path. If the Set is null an empty set is assumed.

The given set is cloned to protect it against subsequent modifications.

Parameters:: excludedCerts - The excluded certificates to set.

setMaxPathLength

public void setMaxPathLength(int maxPathLength)

Sets the maximum number of intermediate non-self-issued certificates in a certification path. The PKIX CertPathBuilder must not build paths longer then this length.

A value of 0 implies that the path can only contain a single certificate. A value of -1 does not limit the length. The default length is 5.

The basic constraints extension of a CA certificate overrides this value if smaller.

Parameters:: maxPathLength - the maximum number of non-self-issued intermediate certificates in the certification path
Throws:: java.security.InvalidParameterException - if maxPathLength is set to a value less than -1
See Also:: PKIXCertPathBuilderSpi, getMaxPathLength()

getMaxPathLength

public int getMaxPathLength()

Returns the value of the maximum number of intermediate non-self-issued certificates in the certification path.

Returns:: the maximum number of non-self-issued intermediate certificates in the certification path, or -1 if no limit exists.
See Also:: setMaxPathLength(int)

setParams

protected void setParams(PKIXParameters params)

Can alse handle ExtendedPKIXBuilderParameters and PKIXBuilderParameters.

Overrides:: setParams in class ExtendedPKIXParameters

Parameters:: params - Parameters to set.
See Also:: ExtendedPKIXParameters.setParams(org.bouncycastle.jce.cert.PKIXParameters)

clone

public java.lang.Object clone()

Makes a copy of this PKIXParameters object. Changes to the copy will not affect the original and vice versa.

Overrides:: clone in class ExtendedPKIXParameters

Returns:: a copy of this PKIXParameters object

getInstance

public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)

Returns an instance of ExtendedPKIXParameters which can be safely casted to ExtendedPKIXBuilderParameters.

This method can be used to get a copy from other PKIXBuilderParameters, PKIXParameters, and ExtendedPKIXParameters instances.

Parameters:: pkixParams - The PKIX parameters to create a copy of.
Returns:: An ExtendedPKIXBuilderParameters instance.