org.bouncycastle.jce.provider

Class PKIXAttrCertPathValidatorSpi

public class PKIXAttrCertPathValidatorSpi extends CertPathValidatorSpi

CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281.

See Also: ExtendedPKIXParameters

Method Summary
CertPathValidatorResultengineValidate(CertPath certPath, CertPathParameters params)
Validates an attribute certificate with the given certificate path.

Method Detail

engineValidate

public CertPathValidatorResult engineValidate(CertPath certPath, CertPathParameters params)
Validates an attribute certificate with the given certificate path.

params must be an instance of ExtendedPKIXParameters.

The target constraints in the params must be an X509AttributeCertStoreSelector with at least the attribute certificate criterion set. Obey that also target informations may be necessary to correctly validate this attribute certificate.

The attribute certificate issuer must be added to the trusted attribute issuers with setTrustedACIssuers.

Parameters: certPath The certificate path which belongs to the attribute certificate issuer public key certificate. params The PKIX parameters.

Returns: A PKIXCertPathValidatorResult of the result of validating the certPath.

Throws: InvalidAlgorithmParameterException if params is inappropriate for this validator. CertPathValidatorException if the verification fails.