Package | Description |
---|---|
eu.emi.security.authn.x509 |
Contains API of the library.
|
eu.emi.security.authn.x509.helpers.ns |
Contains implementation of local namespace policy rules for trusted certificate authorities
(using Globus and EuGridPMA syntax), which are exclusively used by the
OpensslCertChainValidator |
eu.emi.security.authn.x509.helpers.pkipath |
Helper classes for internal, low level, logic of certificate path validation.
|
Modifier and Type | Method and Description |
---|---|
java.util.List<ValidationError> |
ValidationResult.getErrors()
Returns list of problems found.
|
Modifier and Type | Method and Description |
---|---|
boolean |
ValidationErrorListener.onValidationError(ValidationError error)
Invoked upon validation error during chain processing.
|
Modifier and Type | Method and Description |
---|---|
void |
ValidationResult.addErrors(java.util.List<ValidationError> errors)
Adds specified errors to this result (may change valid flag).
|
void |
ValidationResult.setErrors(java.util.List<ValidationError> errors) |
Constructor and Description |
---|
ValidationResult(boolean valid,
java.util.List<ValidationError> errors)
Constructor used when no information about unresolved extensions is provided.
|
ValidationResult(boolean valid,
java.util.List<ValidationError> errors,
java.util.Set<java.lang.String> unresolvedCriticalExtensions,
java.util.List<java.security.cert.X509Certificate> validChain)
Constructor used to provide a full information set about validation problem.
|
Modifier and Type | Method and Description |
---|---|
java.util.List<ValidationError> |
NamespaceChecker.check(java.security.cert.X509Certificate[] chain)
Checks all certificates in the chain whether they are correct w.r.t.
|
Modifier and Type | Method and Description |
---|---|
static ValidationError |
BCErrorMapper.map(org.bouncycastle.i18n.ErrorBundle error,
int pos,
java.security.cert.X509Certificate[] cc) |
Modifier and Type | Method and Description |
---|---|
protected java.util.List<ValidationError> |
BCCertPathValidator.convertErrors(java.util.List<?>[] bcErrorsA,
boolean ignoreProxyErrors,
int positionDelta,
java.security.cert.X509Certificate[] cc) |
java.util.List<ValidationError> |
ValidationErrorException.getErrors() |
Modifier and Type | Method and Description |
---|---|
void |
ValidationErrorException.addError(ValidationError e) |
protected boolean |
AbstractValidator.notifyListeners(ValidationError error)
Notifies all registered listeners.
|
Modifier and Type | Method and Description |
---|---|
void |
ValidationErrorException.addErrors(java.util.List<ValidationError> errors) |
protected void |
BCCertPathValidator.checkLastCNNameRule(javax.security.auth.x500.X500Principal srcP,
javax.security.auth.x500.X500Principal issuerP,
java.util.List<ValidationError> errors,
int position,
java.security.cert.X509Certificate[] proxyChain) |
protected java.util.List<java.security.cert.X509Certificate> |
BCCertPathValidator.checkNonProxyChain(java.security.cert.X509Certificate[] baseChain,
ExtPKIXParameters2 params,
java.util.List<ValidationError> errors,
java.util.Set<java.lang.String> unresolvedExtensions,
int posDelta,
java.security.cert.X509Certificate[] cc)
Performs checking of the chain which has no proxies (or at least should not have proxies),
using
FixedBCPKIXCertPathReviewer . |
protected void |
BCCertPathValidator.checkPairWithProxy(java.security.cert.X509Certificate issuerCert,
java.security.cert.X509Certificate proxyCert,
java.util.List<ValidationError> errors,
int position,
java.security.cert.X509Certificate[] proxyChain,
java.util.Date validationTime)
Checks if the certificate passed as the 2nd argument is a correct proxy
certificate including checks w.r.t.
|
protected void |
BCCertPathValidator.checkProxyChainMain(java.security.cert.X509Certificate[] proxyChain,
java.util.List<ValidationError> errors,
java.util.Set<java.lang.String> unresolvedExtensions,
java.util.Date validDate)
Performs a validation loop of the proxy chain checking each pair in chain
for the rules not otherwise verified by the base check.
|
protected void |
BCCertPathValidator.checkProxyChainWithBC(java.security.cert.X509Certificate[] proxyChain,
java.util.Set<java.security.cert.TrustAnchor> trustAnchor,
java.util.List<ValidationError> errors,
java.util.Set<java.lang.String> unresolvedExtensions)
Checks chain with proxies, starting with the EEC using X.509 path validation.
|
protected void |
BCCertPathValidator.checkProxyTime(java.security.cert.X509Certificate proxyCert,
java.util.Date validationTime,
java.security.cert.X509Certificate[] proxyChain,
java.util.List<ValidationError> errors,
int position) |
protected void |
AbstractValidator.processErrorList(java.util.List<ValidationError> errors) |
void |
ValidationErrorException.setError(java.util.List<ValidationError> errors) |
Constructor and Description |
---|
ValidationErrorException(ValidationError e) |