org.globus.gsi.trustmanager
Class CRLChecker

java.lang.Object
  extended by org.globus.gsi.trustmanager.CRLChecker
All Implemented Interfaces:
CertificateChecker

public class CRLChecker
extends java.lang.Object
implements CertificateChecker

This checks to see if the certificate is in a CRL.

Since:
1.0
Version:
${version}

Constructor Summary
CRLChecker(java.security.cert.CertStore certStore, java.security.KeyStore keyStore, boolean checkDateValidity)
          Creates a CRLChecker where the CRL's are in the supplied stores.
 
Method Summary
protected  void checkCRLDateValidity(java.security.cert.X509CRL crl)
           
 void invoke(java.security.cert.X509Certificate cert, GSIConstants.CertificateType certType)
          Method that checks the if the certificate is in a CRL, if CRL is available If no CRL is found, then no error is thrown If an expired CRL is found, an error is thrown
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CRLChecker

public CRLChecker(java.security.cert.CertStore certStore,
                  java.security.KeyStore keyStore,
                  boolean checkDateValidity)
Creates a CRLChecker where the CRL's are in the supplied stores.

Parameters:
certStore - The store containing the CRL's
keyStore - The store used to get trusted certs.
checkDateValidity - Should we check if the CRL date is valid.
Method Detail

invoke

public void invoke(java.security.cert.X509Certificate cert,
                   GSIConstants.CertificateType certType)
            throws java.security.cert.CertPathValidatorException
Method that checks the if the certificate is in a CRL, if CRL is available If no CRL is found, then no error is thrown If an expired CRL is found, an error is thrown

Specified by:
invoke in interface CertificateChecker
Parameters:
cert - The certificate to validate.
certType - The type of certificate to validate.
Throws:
java.security.cert.CertPathValidatorException - If CRL or CA certificate could not be loaded from store, CRL is not valid or expired, certificate is revoked.

checkCRLDateValidity

protected void checkCRLDateValidity(java.security.cert.X509CRL crl)
                             throws java.security.cert.CertPathValidatorException
Throws:
java.security.cert.CertPathValidatorException


Copyright © 2013. All Rights Reserved.