org.bouncycastle.x509

Class ExtendedPKIXBuilderParameters

public class ExtendedPKIXBuilderParameters extends ExtendedPKIXParameters

This class contains extended parameters for PKIX certification path builders.

See Also: java.security.cert.PKIXBuilderParameters PKIXCertPathBuilderSpi

Constructor Summary
ExtendedPKIXBuilderParameters(Set trustAnchors, Selector targetConstraints)
Creates an instance of PKIXBuilderParameters with the specified Set of most-trusted CAs.
Method Summary
Objectclone()
Makes a copy of this PKIXParameters object.
SetgetExcludedCerts()
Excluded certificates are not used for building a certification path.
static ExtendedPKIXParametersgetInstance(PKIXParameters pkixParams)
Returns an instance of ExtendedPKIXParameters which can be safely casted to ExtendedPKIXBuilderParameters.
intgetMaxPathLength()
Returns the value of the maximum number of intermediate non-self-issued certificates in the certification path.
voidsetExcludedCerts(Set excludedCerts)
Sets the excluded certificates which are not used for building a certification path.
voidsetMaxPathLength(int maxPathLength)
Sets the maximum number of intermediate non-self-issued certificates in a certification path.
protected voidsetParams(PKIXParameters params)
Can alse handle ExtendedPKIXBuilderParameters and PKIXBuilderParameters.

Constructor Detail

ExtendedPKIXBuilderParameters

public ExtendedPKIXBuilderParameters(Set trustAnchors, Selector targetConstraints)
Creates an instance of PKIXBuilderParameters with the specified Set of most-trusted CAs. Each element of the set is a TrustAnchor TrustAnchor.

Note that the Set is copied to protect against subsequent modifications.

Parameters: trustAnchors a Set of TrustAnchors targetConstraints a Selector specifying the constraints on the target certificate or attribute certificate.

Throws: InvalidAlgorithmParameterException if trustAnchors is empty. NullPointerException if trustAnchors is null ClassCastException if any of the elements of trustAnchors is not of type java.security.cert.TrustAnchor

Method Detail

clone

public Object clone()
Makes a copy of this PKIXParameters object. Changes to the copy will not affect the original and vice versa.

Returns: a copy of this PKIXParameters object

getExcludedCerts

public Set getExcludedCerts()
Excluded certificates are not used for building a certification path.

The returned set is immutable.

Returns: Returns the excluded certificates.

getInstance

public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
Returns an instance of ExtendedPKIXParameters which can be safely casted to ExtendedPKIXBuilderParameters.

This method can be used to get a copy from other PKIXBuilderParameters, PKIXParameters, and ExtendedPKIXParameters instances.

Parameters: pkixParams The PKIX parameters to create a copy of.

Returns: An ExtendedPKIXBuilderParameters instance.

getMaxPathLength

public int getMaxPathLength()
Returns the value of the maximum number of intermediate non-self-issued certificates in the certification path.

Returns: the maximum number of non-self-issued intermediate certificates in the certification path, or -1 if no limit exists.

See Also: ExtendedPKIXBuilderParameters

setExcludedCerts

public void setExcludedCerts(Set excludedCerts)
Sets the excluded certificates which are not used for building a certification path. If the Set is null an empty set is assumed.

The given set is cloned to protect it against subsequent modifications.

Parameters: excludedCerts The excluded certificates to set.

setMaxPathLength

public void setMaxPathLength(int maxPathLength)
Sets the maximum number of intermediate non-self-issued certificates in a certification path. The PKIX CertPathBuilder must not build paths longer then this length.

A value of 0 implies that the path can only contain a single certificate. A value of -1 does not limit the length. The default length is 5.

The basic constraints extension of a CA certificate overrides this value if smaller.

Parameters: maxPathLength the maximum number of non-self-issued intermediate certificates in the certification path

Throws: InvalidParameterException if maxPathLength is set to a value less than -1

See Also: PKIXCertPathBuilderSpi ExtendedPKIXBuilderParameters

setParams

protected void setParams(PKIXParameters params)
Can alse handle ExtendedPKIXBuilderParameters and PKIXBuilderParameters.

Parameters: params Parameters to set.

See Also: setParams