com.dstc.security.ssl
Class TrustEngine
java.lang.Object
|
+--com.dstc.security.ssl.TrustEngine
Direct Known Subclasses:
BasicTrustEngine

public abstract class TrustEngine
extends Object
An abstraction of trust for X.509 certificate paths.
- See Also:
BasicTrustEngine
Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
TrustEngine
public TrustEngine()
getTrustedCerts
public abstract Iterator getTrustedCerts()
- Get the list of trusted certificates used by this TrustEngine.
- Returns:
- an Iterator for the list of X509Certificate instances.
The Iterator should not allow modification.
validateCertPath
public abstract void validateCertPath(X509Certificate[] path)
throws CertificateException,
CertPathValidationException
- Validate a candidate certificate path against this TrustEngine.
Returns void for success, throws exceptions for failure.
This method may be invoked concurrently from multiple threads,
so its implementation should be multithread-safe; this is
straightforward if it maintains no state, i.e. has no mutable instance
variables (or mutable objects reached from those instance variables).
- Parameters:
path - the candidate certificate path to check. path[0] should
contain the subject's certificate; any subsequent entries should
be CA certificates in the normal order.
- Throws:
CertificateException - if some certificate in the path is
deemed unsuitable
CertPathValidationException - if validation of the certificate
path failed
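
The following subclass is an added example, not code from the library or its documentation. It shows the two contracts described above: a read-only Iterator from getTrustedCerts, and a validateCertPath that keeps no mutable state. The class name AnchorListTrustEngine is hypothetical, X509Certificate is assumed to be java.security.cert.X509Certificate, and failures are reported as CertificateException only, because the constructors of CertPathValidationException are not shown on this page. Revocation, path-length and name-constraint checks are left out.

```java
import java.security.GeneralSecurityException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.*;
import com.dstc.security.ssl.TrustEngine;

// Added example: hypothetical subclass, not part of the library.
// Assumption: X509Certificate is java.security.cert.X509Certificate.
public final class AnchorListTrustEngine extends TrustEngine {
    // Copied once and never modified, so concurrent validateCertPath calls are safe.
    private final List anchors;

    public AnchorListTrustEngine(Collection trustedCerts) {
        this.anchors = Collections.unmodifiableList(new ArrayList(trustedCerts));
    }

    public Iterator getTrustedCerts() {
        return anchors.iterator(); // remove() throws UnsupportedOperationException
    }

    // Narrower throws clause than the abstract method: CertPathValidationException's
    // constructors are not documented here, so this sketch does not construct one.
    public void validateCertPath(X509Certificate[] path) throws CertificateException {
        if (path == null || path.length == 0)
            throw new CertificateException("empty certificate path");
        for (int i = 0; i < path.length; i++) {
            path[i].checkValidity(); // rejects expired or not-yet-valid certificates
            if (i > 0 && path[i].getBasicConstraints() < 0)
                throw new CertificateException("entry " + i + " is not a CA certificate");
            if (i + 1 < path.length)
                verify(path[i], path[i + 1]); // each entry is signed by the next one
        }
        X509Certificate top = path[path.length - 1];
        for (Iterator it = anchors.iterator(); it.hasNext();) {
            X509Certificate anchor = (X509Certificate) it.next();
            if (anchor.equals(top)) return; // path ends at a trusted certificate
            if (anchor.getSubjectX500Principal().equals(top.getIssuerX500Principal()))
                try { verify(top, anchor); return; } catch (CertificateException e) { /* try next anchor */ }
        }
        throw new CertificateException("path does not chain to a trusted certificate");
    }

    private static void verify(X509Certificate cert, X509Certificate issuer) throws CertificateException {
        try {
            cert.verify(issuer.getPublicKey());
        } catch (GeneralSecurityException e) {
            throw new CertificateException("signature check failed: " + e.getMessage());
        }
    }
}
```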