package org.bouncycastle.x509;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidatorException;
import java.util.Collection;
import java.util.Set;
public abstract class PKIXAttrCertChecker
implements Cloneable
{
Returns an immutable Set
of X.509 attribute certificate
extensions that this PKIXAttrCertChecker
supports or
null
if no extensions are supported.
Each element of the set is a String
representing the
Object Identifier (OID) of the X.509 extension that is supported.
All X.509 attribute certificate extensions that a
PKIXAttrCertChecker
might possibly be able to process
should be included in the set.
Returns: an immutable Set
of X.509 extension OIDs (in
String
format) supported by this
PKIXAttrCertChecker
, or null
if no
extensions are supported
/**
* Returns an immutable <code>Set</code> of X.509 attribute certificate
* extensions that this <code>PKIXAttrCertChecker</code> supports or
* <code>null</code> if no extensions are supported.
* <p>
* Each element of the set is a <code>String</code> representing the
* Object Identifier (OID) of the X.509 extension that is supported.
* <p>
* All X.509 attribute certificate extensions that a
* <code>PKIXAttrCertChecker</code> might possibly be able to process
* should be included in the set.
*
* @return an immutable <code>Set</code> of X.509 extension OIDs (in
* <code>String</code> format) supported by this
* <code>PKIXAttrCertChecker</code>, or <code>null</code> if no
* extensions are supported
*/
public abstract Set getSupportedExtensions();
Performs checks on the specified attribute certificate. Every handled
extension is rmeoved from the unresolvedCritExts
collection.
Params: - attrCert – The attribute certificate to be checked.
- certPath – The certificate path which belongs to the attribute
certificate issuer public key certificate.
- holderCertPath – The certificate path which belongs to the holder
certificate.
- unresolvedCritExts – a
Collection
of OID strings
representing the current set of unresolved critical extensions
Throws: - CertPathValidatorException – if the specified attribute certificate
does not pass the check.
/**
* Performs checks on the specified attribute certificate. Every handled
* extension is rmeoved from the <code>unresolvedCritExts</code>
* collection.
*
* @param attrCert The attribute certificate to be checked.
* @param certPath The certificate path which belongs to the attribute
* certificate issuer public key certificate.
* @param holderCertPath The certificate path which belongs to the holder
* certificate.
* @param unresolvedCritExts a <code>Collection</code> of OID strings
* representing the current set of unresolved critical extensions
* @throws CertPathValidatorException if the specified attribute certificate
* does not pass the check.
*/
public abstract void check(X509AttributeCertificate attrCert, CertPath certPath,
CertPath holderCertPath, Collection unresolvedCritExts)
throws CertPathValidatorException;
Returns a clone of this object.
Returns: a copy of this PKIXAttrCertChecker
/**
* Returns a clone of this object.
*
* @return a copy of this <code>PKIXAttrCertChecker</code>
*/
public abstract Object clone();
}