SimpleChainVerifier (5.24 API Documentation)

java.lang.Object
- iaik.x509.ChainVerifier
- - iaik.x509.SimpleChainVerifier

All Implemented Interfaces:

java.io.Serializable
```
public class SimpleChainVerifier
extends ChainVerifier
implements java.io.Serializable
```
This class allows you to verify certificate chains. It builds on the ChainVerifier class which provides the cryptographic foundation and adds to it a simple trust mechanism. Each object internally maintains a list of trusted certificates (user certificates or CA certificates) in a Hashtable. See the superclass documentation for more information about the handling of trusted certificates by the verifyChain method.
To use it, first create a SimpleChainVerifier object and then add trusted certificates by means of the addTrustedCertificate or setTrustedCertificates methods. Then call verifyChain for any certificate chain you want to verify. Note that you can also use this class without any trusted certificates purely to verify a chain cryptographically. Simply call verifyChain without trusted certificates, it will then return false for cryptographically valid chains and throw a CertificateException for bad chains (broken, expired, etc.)

Version:

File Revision 14

See Also:
Serialized Form

Field Summary

Fields
Modifier and Type Field and Description

protected java.util.Hashtable signers
A Hashtable holding the X.509 Certificates of the trusted signers.

Fields
Modifier and Type	Field and Description
`protected java.util.Hashtable`	`signers` A Hashtable holding the X.509 Certificates of the trusted signers.

Constructor Summary

Constructors
Constructor and Description

SimpleChainVerifier()
Creates a new SimpleChainVerifier.

Constructors
Constructor and Description
`SimpleChainVerifier()` Creates a new SimpleChainVerifier.

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`addTrustedCertificate(java.security.cert.X509Certificate certificate)` Add a trusted certificate.
`boolean`	`isTrustedCertificate(java.security.cert.X509Certificate cert)` Checks whether a given certificate is marked as trusted.
`java.security.cert.X509Certificate`	`removeTrustedCertificate(java.security.cert.X509Certificate certificate)` Remove a certificate from the list of trusted certificates.
`void`	`setTrustedCertificates(java.security.cert.X509Certificate[] certificateList)` Sets the certificates to be trusted.
`java.util.Enumeration`	`trustedCertificates()` Returns the enumeration of the currently trusted certificates.

Methods inherited from class iaik.x509.ChainVerifier
checkExtensions, orderCertificateChain, verifyChain, verifyChain

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - signers
```
protected java.util.Hashtable signers
```
    A Hashtable holding the X.509 Certificates of the trusted signers. They are stored mapped to themselves, a hashtable is only used because a lookup is faster than for linear structures like Vectors.
- Constructor Detail
  - SimpleChainVerifier
```
public SimpleChainVerifier()
```
    Creates a new SimpleChainVerifier.
- Method Detail
  - isTrustedCertificate
```
public boolean isTrustedCertificate(java.security.cert.X509Certificate cert)
                             throws java.security.cert.CertificateException
```
    Checks whether a given certificate is marked as trusted.
    
    Specified by:
    
    isTrustedCertificate in class ChainVerifier
    
    Parameters:
    cert - the certificate to be checked
    
    Returns:
    true if the given cert is trusted, false otherwise
    
    Throws:
    
    java.security.cert.CertificateException - never thrown by this method; only declared because also declared in super class
  - trustedCertificates
```
public java.util.Enumeration trustedCertificates()
```
    Returns the enumeration of the currently trusted certificates.
    
    Returns:
    the enumeration of the currently trusted certificates.
  - setTrustedCertificates
```
public void setTrustedCertificates(java.security.cert.X509Certificate[] certificateList)
```
    Sets the certificates to be trusted. Previously trusted certificates are lost.
    
    Parameters:
    certificateList - the list of trusted certificates
  - addTrustedCertificate
```
public void addTrustedCertificate(java.security.cert.X509Certificate certificate)
```
    Add a trusted certificate.
    
    Parameters:
    certificate - the certificate to be marked as trusted
  - removeTrustedCertificate
```
public java.security.cert.X509Certificate removeTrustedCertificate(java.security.cert.X509Certificate certificate)
```
    Remove a certificate from the list of trusted certificates.
    
    Parameters:
    certificate - the certificate to no longer be marked as trusted
    
    Returns:
    if successfull the certificate itself, null if it was not trusted.

Class SimpleChainVerifier

Field Summary

Constructor Summary

Method Summary

Methods inherited from class iaik.x509.ChainVerifier

Methods inherited from class java.lang.Object

Field Detail

signers

Constructor Detail

SimpleChainVerifier

Method Detail

isTrustedCertificate

trustedCertificates

setTrustedCertificates

addTrustedCertificate

removeTrustedCertificate