org.mozilla.jss.ssl

Class SSLCertificateApprovalCallback.ValidityStatus

Enclosing Class:
SSLCertificateApprovalCallback

public class SSLCertificateApprovalCallback.ValidityStatus
extends java.lang.Object

This class holds details about the errors for each cert in the chain that the server presented To use this class, getReasons(), then iterate over the enumeration

Field Summary

static int
BAD_CERT_DOMAIN
this indicates common-name mismatch
static int
BAD_KEY
static int
BAD_SIGNATURE
static int
CA_CERT_INVALID
static int
CERT_BAD_ACCESS_LOCATION
static int
CERT_NOT_IN_NAME_SPACE
static int
CERT_STATUS_SERVER_ERROR
static int
EXPIRED_CERTIFICATE
static int
EXPIRED_ISSUER_CERTIFICATE
static int
INADEQUATE_CERT_TYPE
static int
INADEQUATE_KEY_USAGE
static int
INVALID_TIME
static int
OCSP_BAD_HTTP_RESPONSE
static int
OCSP_FUTURE_RESPONSE
static int
OCSP_MALFORMED_REQUEST
static int
OCSP_MALFORMED_RESPONSE
static int
OCSP_NOT_ENABLED
static int
OCSP_NO_DEFAULT_RESPONDER
static int
OCSP_OLD_RESPONSE
static int
OCSP_REQUEST_NEEDS_SIG
static int
OCSP_SERVER_ERROR
static int
OCSP_TRY_SERVER_LATER
static int
OCSP_UNAUTHORIZED_REQUEST
static int
OCSP_UNAUTHORIZED_RESPONSE
static int
OCSP_UNKNOWN_CERT
static int
OCSP_UNKNOWN_RESPONSE_STATUS
static int
OCSP_UNKNOWN_RESPONSE_TYPE
static int
PATH_LEN_CONSTRAINT_INVALID
static int
REVOKED_CERTIFICATE
static int
SEC_ERROR_CRL_BAD_SIGNATURE
static int
SEC_ERROR_CRL_EXPIRED
static int
SEC_ERROR_CRL_INVALID
static int
UNKNOWN_ISSUER
static int
UNKNOWN_SIGNER
static int
UNTRUSTED_CERT
static int
UNTRUSTED_ISSUER

Method Summary

void
addReason(int newReason, PK11Cert cert, int depth)
add a new failure reason to this enumeration.
Enumeration
getReasons()
returns an enumeration.

Field Details

BAD_CERT_DOMAIN

public static final int BAD_CERT_DOMAIN
this indicates common-name mismatch
Field Value:
-12276

BAD_KEY

public static final int BAD_KEY
Field Value:
-8178

BAD_SIGNATURE

public static final int BAD_SIGNATURE
Field Value:
-8182

CA_CERT_INVALID

public static final int CA_CERT_INVALID
Field Value:
-8156

CERT_BAD_ACCESS_LOCATION

public static final int CERT_BAD_ACCESS_LOCATION
Field Value:
-8075

CERT_NOT_IN_NAME_SPACE

public static final int CERT_NOT_IN_NAME_SPACE
Field Value:
-8080

CERT_STATUS_SERVER_ERROR

public static final int CERT_STATUS_SERVER_ERROR
Field Value:
-8077

EXPIRED_CERTIFICATE

public static final int EXPIRED_CERTIFICATE
Field Value:
-8181

EXPIRED_ISSUER_CERTIFICATE

public static final int EXPIRED_ISSUER_CERTIFICATE
Field Value:
-8162

INADEQUATE_CERT_TYPE

public static final int INADEQUATE_CERT_TYPE
Field Value:
-8101

INADEQUATE_KEY_USAGE

public static final int INADEQUATE_KEY_USAGE
Field Value:
-8102

INVALID_TIME

public static final int INVALID_TIME
Field Value:
-8184

OCSP_BAD_HTTP_RESPONSE

public static final int OCSP_BAD_HTTP_RESPONSE
Field Value:
-8073

OCSP_FUTURE_RESPONSE

public static final int OCSP_FUTURE_RESPONSE
Field Value:
-8061

OCSP_MALFORMED_REQUEST

public static final int OCSP_MALFORMED_REQUEST
Field Value:
-8072

OCSP_MALFORMED_RESPONSE

public static final int OCSP_MALFORMED_RESPONSE
Field Value:
-8063

OCSP_NOT_ENABLED

public static final int OCSP_NOT_ENABLED
Field Value:
-8065

OCSP_NO_DEFAULT_RESPONDER

public static final int OCSP_NO_DEFAULT_RESPONDER
Field Value:
-8064

OCSP_OLD_RESPONSE

public static final int OCSP_OLD_RESPONSE
Field Value:
-8060

OCSP_REQUEST_NEEDS_SIG

public static final int OCSP_REQUEST_NEEDS_SIG
Field Value:
-8069

OCSP_SERVER_ERROR

public static final int OCSP_SERVER_ERROR
Field Value:
-8071

OCSP_TRY_SERVER_LATER

public static final int OCSP_TRY_SERVER_LATER
Field Value:
-8070

OCSP_UNAUTHORIZED_REQUEST

public static final int OCSP_UNAUTHORIZED_REQUEST
Field Value:
-8068

OCSP_UNAUTHORIZED_RESPONSE

public static final int OCSP_UNAUTHORIZED_RESPONSE
Field Value:
-8062

OCSP_UNKNOWN_CERT

public static final int OCSP_UNKNOWN_CERT
Field Value:
-8066

OCSP_UNKNOWN_RESPONSE_STATUS

public static final int OCSP_UNKNOWN_RESPONSE_STATUS
Field Value:
-8067

OCSP_UNKNOWN_RESPONSE_TYPE

public static final int OCSP_UNKNOWN_RESPONSE_TYPE
Field Value:
-8074

PATH_LEN_CONSTRAINT_INVALID

public static final int PATH_LEN_CONSTRAINT_INVALID
Field Value:
-8155

REVOKED_CERTIFICATE

public static final int REVOKED_CERTIFICATE
Field Value:
-8180

SEC_ERROR_CRL_BAD_SIGNATURE

public static final int SEC_ERROR_CRL_BAD_SIGNATURE
Field Value:
-8160

SEC_ERROR_CRL_EXPIRED

public static final int SEC_ERROR_CRL_EXPIRED
Field Value:
-8161

SEC_ERROR_CRL_INVALID

public static final int SEC_ERROR_CRL_INVALID
Field Value:
-8159

UNKNOWN_ISSUER

public static final int UNKNOWN_ISSUER
Field Value:
-8179

UNKNOWN_SIGNER

public static final int UNKNOWN_SIGNER
Field Value:
-8076

UNTRUSTED_CERT

public static final int UNTRUSTED_CERT
Field Value:
-8171

UNTRUSTED_ISSUER

public static final int UNTRUSTED_ISSUER
Field Value:
-8172

Method Details

addReason

public void addReason(int newReason,
                      PK11Cert cert,
                      int depth)
add a new failure reason to this enumeration. This is called from the native code callback when it does a verify on the cert chain
Parameters:
newReason - sslerr.h error code - see constants defined above;
cert - a reference to the cert - so you can see the subject name, etc
depth - the index of this cert in the chain. 0 is the server cert.

getReasons

public Enumeration getReasons()
returns an enumeration. The elements in the enumeration are all of type 'ValidityItem'