org.openpermis.cert
Class BasicCertificateVerifier

java.lang.Object
  extended by org.openpermis.cert.BasicCertificateVerifier
All Implemented Interfaces:
CertificateVerifier

public class BasicCertificateVerifier
extends Object
implements CertificateVerifier

A very simple certificate verifier that checks all certificates against one trusted issuer certificate and does not support certificate chains. This verifier is very efficient and should be used if only one issuer certificate is used.

Since:
0.3.0

Field Summary
private  String provider
          The crypto provider or null if non is specified
private  X509Certificate trustedIssuer
          The one and only trusted issuer certificate
 
Constructor Summary
BasicCertificateVerifier(X509Certificate trustedIssuer)
          Creates a certificate verifier using the specified certificate as the one and only trusted issuer.
BasicCertificateVerifier(X509Certificate trustedIssuer, String provider)
          Creates a certificate verifier using the specified certificate as the one and only trusted issuer and the specified crypto provider for cryptographic functions.
 
Method Summary
 void verifyCertificate(Certificate certificate)
          Verifies the specified certificate and returns without exception if the certificate could successfully be verified..
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

trustedIssuer

private final X509Certificate trustedIssuer
The one and only trusted issuer certificate


provider

private final String provider
The crypto provider or null if non is specified

Constructor Detail

BasicCertificateVerifier

public BasicCertificateVerifier(X509Certificate trustedIssuer)
Creates a certificate verifier using the specified certificate as the one and only trusted issuer.

Parameters:
trustedIssuer - The certificate of the trusted issuer. Must not be null.
Since:
0.3.0

BasicCertificateVerifier

public BasicCertificateVerifier(X509Certificate trustedIssuer,
                                String provider)
Creates a certificate verifier using the specified certificate as the one and only trusted issuer and the specified crypto provider for cryptographic functions. It is usually not a good idea to explicitly specify a crypto provider but it may be required in some situations. If possibly use BasicCertificateVerifier(X509Certificate) instead.

Parameters:
trustedIssuer - The certificate of the trusted issuer. Must not be null.
provider - The name of the crypto provider used for cryptographic functions. Must not be null.
Since:
0.3.0
Method Detail

verifyCertificate

public void verifyCertificate(Certificate certificate)
                       throws CertificateException,
                              NoSuchAlgorithmException,
                              InvalidKeyException,
                              NoSuchProviderException,
                              SignatureException
Verifies the specified certificate and returns without exception if the certificate could successfully be verified..

Specified by:
verifyCertificate in interface CertificateVerifier
Parameters:
certificate - The certificate to be verified. Must not be null.
Throws:
CertificateException - Thrown on certificate encoding errors.
NoSuchAlgorithmException - Thrown on unsupported signature algorithms.
InvalidKeyException - Thrown on incorrect keys.
NoSuchProviderException - Thrown on incorrect crypto provider usage.
SignatureException - Thrown on incorrect signatures.
Since:
0.3.0


PERMIS Role Based Access Control 0.4.0 (Build 15)
2009/05/20 08:14:59
Copyright (c) 2002-2007 Ergon Informatik AG