SigaCrlRevocationChecker (siga-doc 1.2-SNAPSHOT API)

java.lang.Object
- java.security.cert.PKIXCertPathChecker
- - sun.security.provider.certpath.SigaCrlRevocationChecker

All Implemented Interfaces:

Cloneable
```
public class SigaCrlRevocationChecker
extends PKIXCertPathChecker
```
CrlRevocationChecker is a PKIXCertPathChecker that checks revocation status information on a PKIX certificate using CRLs obtained from one or more CertStores. This is based on revision draft three of rfc2459 (http://www.ietf.org/internet-drafts/draft-ietf-pkix-new-part1-02.txt).

Since:

1.4

Version:

1.16, 12/19/03

Author:

Seth Proctor, Steve Hanna

Constructor Summary

Constructors
Constructor and Description

SigaCrlRevocationChecker(PublicKey initPubKey, PKIXParameters params)
Creates a CrlRevocationChecker.

Constructors
Constructor and Description
`SigaCrlRevocationChecker(PublicKey initPubKey, PKIXParameters params)` Creates a `CrlRevocationChecker`.

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`certCanSignCrl(X509Certificate currCert)` Checks that a cert can be used to verify a CRL.
`void`	`check(Certificate cert, Collection<String> unresolvedCritExts)` Performs the revocation status check on the certificate using its internal state.
`boolean`	`check(X509Certificate currCert, PublicKey prevKey, boolean signFlag)` Performs the revocation status check on the certificate using the provided state variables, as well as the constant internal data.
`Set<String>`	`getSupportedExtensions()`
`void`	`init(boolean forward)` Initializes the internal state of the checker from parameters specified in the constructor
`boolean`	`isForwardCheckingSupported()`

Methods inherited from class java.security.cert.PKIXCertPathChecker
clone

Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SigaCrlRevocationChecker
```
public SigaCrlRevocationChecker(PublicKey initPubKey,
                        PKIXParameters params)
                         throws CertPathValidatorException
```
    Creates a CrlRevocationChecker.
    
    Parameters:
    initPubKey - initial PublicKey in the path
    params - PKIXParameters to be used for finding certificates and CRLs, etc.
    
    Throws:
    
    CertPathValidatorException
- Method Detail
  - init
```
public void init(boolean forward)
          throws CertPathValidatorException
```
    Initializes the internal state of the checker from parameters specified in the constructor
    
    Specified by:
    
    init in class PKIXCertPathChecker
    
    Throws:
    
    CertPathValidatorException
  - isForwardCheckingSupported
```
public boolean isForwardCheckingSupported()
```
    Specified by:
    
    isForwardCheckingSupported in class PKIXCertPathChecker
  - getSupportedExtensions
```
public Set<String> getSupportedExtensions()
```
    Specified by:
    
    getSupportedExtensions in class PKIXCertPathChecker
  - check
```
public void check(Certificate cert,
         Collection<String> unresolvedCritExts)
           throws CertPathValidatorException
```
    Performs the revocation status check on the certificate using its internal state.
    
    Specified by:
    
    check in class PKIXCertPathChecker
    
    Parameters:
    cert - the Certificate
    unresolvedCritExts - a Collection of the unresolved critical extensions
    
    Throws:
    
    CertPathValidatorException - Exception thrown if certificate does not verify
  - check
```
public boolean check(X509Certificate currCert,
            PublicKey prevKey,
            boolean signFlag)
              throws CertPathValidatorException
```
    Performs the revocation status check on the certificate using the provided state variables, as well as the constant internal data.
    
    Parameters:
    currCert - the Certificate
    prevKey - the previous PublicKey in the chain
    signFlag - a boolean as returned from the last call, or true if this is the first cert in the chain
    
    Returns:
    a boolean specifying if the cert is allowed to vouch for the validity of a CRL for the next iteration
    
    Throws:
    
    CertPathValidatorException - Exception thrown if certificate does not verify.
  - certCanSignCrl
```
public boolean certCanSignCrl(X509Certificate currCert)
```
    Checks that a cert can be used to verify a CRL.
    
    Parameters:
    currCert - an X509Certificate to check
    
    Returns:
    a boolean specifying if the cert is allowed to vouch for the validity of a CRL

Class SigaCrlRevocationChecker

Constructor Summary

Method Summary

Methods inherited from class java.security.cert.PKIXCertPathChecker

Methods inherited from class java.lang.Object

Constructor Detail

SigaCrlRevocationChecker

Method Detail

init

isForwardCheckingSupported

getSupportedExtensions

check

check

certCanSignCrl