oracle.security.crypto.cert

Interface CertificateVerifier

public interface CertificateVerifier

A generic interface for certificate verification policies, such as X.509 certificate path validation, that operate on certificates known by issuer DN and serial number.

Instances of CertificateVerifier are returned by the CertificateTrustPolicy.makeCertificateVerifier(java.util.Vector<oracle.security.crypto.cert.X509>, java.util.Vector<oracle.security.crypto.cert.CRL>) method. Both the CertificateVerifier and CertificateTrustPolicy interfaces should be implemented for specific verification schemes.

See Also:

CertificateTrustPolicy, TrustedCAPolicy

Method Summary

Modifier and Type	Method and Description
X509	getValidCertificate(IssuerAndSerialNo iasn) Returns a certificate, known to be valid (according to criteria dependent on the verification scheme), which has the given issuer name and serial number.

Method Detail

getValidCertificate

X509 getValidCertificate(IssuerAndSerialNo iasn)
                  throws AuthenticationException

Returns a certificate, known to be valid (according to criteria dependent on the verification scheme), which has the given issuer name and serial number.

Returns:

The valid certificate, or null if no certificate with the given issuer name and serial number could be found.

Throws:

AuthenticationException - If a certificate with the given issuer name and serial number could be found, but is not valid or could not be verified.