org.bouncycastle.x509

Class PKIXAttrCertChecker

public abstract class PKIXAttrCertChecker extends Object implements Cloneable

Method Summary
abstract voidcheck(X509AttributeCertificate attrCert, CertPath certPath, CertPath holderCertPath, Collection unresolvedCritExts)
Performs checks on the specified attribute certificate.
abstract Objectclone()
Returns a clone of this object.
abstract SetgetSupportedExtensions()
Returns an immutable Set of X.509 attribute certificate extensions that this PKIXAttrCertChecker supports or null if no extensions are supported.

Method Detail

check

public abstract void check(X509AttributeCertificate attrCert, CertPath certPath, CertPath holderCertPath, Collection unresolvedCritExts)
Performs checks on the specified attribute certificate. Every handled extension is rmeoved from the unresolvedCritExts collection.

Parameters: attrCert The attribute certificate to be checked. certPath The certificate path which belongs to the attribute certificate issuer public key certificate. holderCertPath The certificate path which belongs to the holder certificate. unresolvedCritExts a Collection of OID strings representing the current set of unresolved critical extensions

Throws: CertPathValidatorException if the specified attribute certificate does not pass the check.

clone

public abstract Object clone()
Returns a clone of this object.

Returns: a copy of this PKIXAttrCertChecker

getSupportedExtensions

public abstract Set getSupportedExtensions()
Returns an immutable Set of X.509 attribute certificate extensions that this PKIXAttrCertChecker supports or null if no extensions are supported.

Each element of the set is a String representing the Object Identifier (OID) of the X.509 extension that is supported.

All X.509 attribute certificate extensions that a PKIXAttrCertChecker might possibly be able to process should be included in the set.

Returns: an immutable Set of X.509 extension OIDs (in String format) supported by this PKIXAttrCertChecker, or null if no extensions are supported