org.globus.gsi.trustmanager
Class TrustedCertPathFinder

java.lang.Object
  extended by org.globus.gsi.trustmanager.TrustedCertPathFinder

public final class TrustedCertPathFinder
extends java.lang.Object

Created by IntelliJ IDEA. User: turtlebender Date: Jan 20, 2010 Time: 4:51:38 PM To change this template use File | Settings | File Templates.


Method Summary
static java.security.cert.CertPath findTrustedCertPath(java.security.KeyStore keyStore, java.security.cert.CertPath certPath)
          Method that validates the provided cert path to find a trusted certificate in the certificate store.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

findTrustedCertPath

public static java.security.cert.CertPath findTrustedCertPath(java.security.KeyStore keyStore,
                                                              java.security.cert.CertPath certPath)
                                                       throws java.security.cert.CertPathValidatorException
Method that validates the provided cert path to find a trusted certificate in the certificate store.

For each certificate i in certPath, it is expected that the i+1 certificate is the issuer of the certificate path. See CertPath.

For each certificate i in certpath, validate signature of certificate i get issuer of certificate i get certificate i+i ensure that the certificate i+1 is issuer of certificate i If not, throw an exception for illegal argument validate signature of i+1 Throw exception if it does not validate check if i+1 is a trusted certificate in the trust store. If so return certpath until i+1 If not, continue; If all certificates in the certpath have been checked and none exisits in trust store, check if trust store has certificate of issuer of last certificate in CertPath. If so, return certPath + trusted certificate from trust store If not, throw an exception for lack of valid trust root.

Parameters:
keyStore - The key store containing CA trust root certificates
certPath - The certpath from which to extract a valid cert path to a trusted certificate.
Returns:
The valid CertPath.
Throws:
java.security.cert.CertPathValidatorException - If the CertPath is invalid.


Copyright © 2013. All Rights Reserved.