public class CRLChecker extends java.lang.Object implements CertificateChecker
Modifier and Type | Field and Description |
---|---|
private java.security.cert.CertStore |
certStore |
private boolean |
checkDateValidity |
private CertificateRevocationLists |
crlsList |
private java.security.KeyStore |
keyStore |
Constructor and Description |
---|
CRLChecker(CertificateRevocationLists crlsList,
java.security.KeyStore keyStore,
boolean checkDateValidity)
Creates a CRLChecker where the CRL's are in the supplied stores.
|
CRLChecker(java.security.cert.CertStore certStore,
java.security.KeyStore keyStore,
boolean checkDateValidity)
Creates a CRLChecker where the CRL's are in the supplied stores.
|
Modifier and Type | Method and Description |
---|---|
protected void |
checkCRLDateValidity(java.security.cert.X509CRL crl) |
void |
invoke(java.security.cert.X509Certificate cert,
GSIConstants.CertificateType certType)
Method that checks the if the certificate is in a CRL, if CRL is
available If no CRL is found, then no error is thrown If an expired CRL
is found, an error is thrown
|
private void |
verifyCRL(java.security.cert.Certificate caCert,
java.security.cert.X509CRL crl) |
private CertificateRevocationLists crlsList
private java.security.cert.CertStore certStore
private java.security.KeyStore keyStore
private boolean checkDateValidity
public CRLChecker(CertificateRevocationLists crlsList, java.security.KeyStore keyStore, boolean checkDateValidity)
crlsList
- The object containing the CRL'skeyStore
- The store used to get trusted certs.checkDateValidity
- Should we check if the CRL date is valid.public CRLChecker(java.security.cert.CertStore certStore, java.security.KeyStore keyStore, boolean checkDateValidity)
certStore
- The store containing the CRL'skeyStore
- The store used to get trusted certs.checkDateValidity
- Should we check if the CRL date is valid.public void invoke(java.security.cert.X509Certificate cert, GSIConstants.CertificateType certType) throws java.security.cert.CertPathValidatorException
invoke
in interface CertificateChecker
cert
- The certificate to validate.certType
- The type of certificate to validate.java.security.cert.CertPathValidatorException
- If CRL or CA certificate could not be
loaded from store, CRL is not valid or
expired, certificate is revoked.private void verifyCRL(java.security.cert.Certificate caCert, java.security.cert.X509CRL crl) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException
protected void checkCRLDateValidity(java.security.cert.X509CRL crl) throws java.security.cert.CertPathValidatorException
java.security.cert.CertPathValidatorException