org.openpermis.cert
Class BasicCertificateVerifier

java.lang.Object
  extended by org.openpermis.cert.BasicCertificateVerifier
All Implemented Interfaces:
CertificateVerifier

public class BasicCertificateVerifier
extends Object
implements CertificateVerifier

A very simple certificate verifier that checks all certificates against one trusted issuer certificate and does not support certificate chains. This verifier is very efficient and should be used if only one issuer certificate is used.

Since:
0.3.0

Constructor Summary
BasicCertificateVerifier(X509Certificate trustedIssuer)
          Creates a certificate verifier using the specified certificate as the one and only trusted issuer.
BasicCertificateVerifier(X509Certificate trustedIssuer, String provider)
          Creates a certificate verifier using the specified certificate as the one and only trusted issuer and the specified crypto provider for cryptographic functions.
 
Method Summary
 void verifyCertificate(Certificate certificate)
          Verifies the specified certificate and returns without exception if the certificate could successfully be verified..
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BasicCertificateVerifier

public BasicCertificateVerifier(X509Certificate trustedIssuer)
Creates a certificate verifier using the specified certificate as the one and only trusted issuer.

Parameters:
trustedIssuer - The certificate of the trusted issuer. Must not be null.
Since:
0.3.0

BasicCertificateVerifier

public BasicCertificateVerifier(X509Certificate trustedIssuer,
                                String provider)
Creates a certificate verifier using the specified certificate as the one and only trusted issuer and the specified crypto provider for cryptographic functions. It is usually not a good idea to explicitly specify a crypto provider but it may be required in some situations. If possibly use BasicCertificateVerifier(X509Certificate) instead.

Parameters:
trustedIssuer - The certificate of the trusted issuer. Must not be null.
provider - The name of the crypto provider used for cryptographic functions. Must not be null.
Since:
0.3.0
Method Detail

verifyCertificate

public void verifyCertificate(Certificate certificate)
                       throws CertificateException,
                              NoSuchAlgorithmException,
                              InvalidKeyException,
                              NoSuchProviderException,
                              SignatureException
Verifies the specified certificate and returns without exception if the certificate could successfully be verified..

Specified by:
verifyCertificate in interface CertificateVerifier
Parameters:
certificate - The certificate to be verified. Must not be null.
Throws:
CertificateException - Thrown on certificate encoding errors.
NoSuchAlgorithmException - Thrown on unsupported signature algorithms.
InvalidKeyException - Thrown on incorrect keys.
NoSuchProviderException - Thrown on incorrect crypto provider usage.
SignatureException - Thrown on incorrect signatures.
Since:
0.3.0


PERMIS Role Based Access Control 0.4.0 (Build 15)
2009/05/20 08:14:49
Copyright (c) 2002-2007 Ergon Informatik AG