libraries/spongycastle/prov/src/main/java/org/spongycastle/x509/PKIXAttrCertChecker.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

package org.spongycastle.x509;

import java.security.cert.CertPath;
import java.security.cert.CertPathValidatorException;
import java.util.Collection;
import java.util.Set;

public abstract class PKIXAttrCertChecker
    implements Cloneable
{

    /**
     * Returns an immutable <code>Set</code> of X.509 attribute certificate
     * extensions that this <code>PKIXAttrCertChecker</code> supports or
     * <code>null</code> if no extensions are supported.
     * <p>
     * Each element of the set is a <code>String</code> representing the
     * Object Identifier (OID) of the X.509 extension that is supported.
     * <p>
     * All X.509 attribute certificate extensions that a
     * <code>PKIXAttrCertChecker</code> might possibly be able to process
     * should be included in the set.
     * 
     * @return an immutable <code>Set</code> of X.509 extension OIDs (in
     *         <code>String</code> format) supported by this
     *         <code>PKIXAttrCertChecker</code>, or <code>null</code> if no
     *         extensions are supported
     */
    public abstract Set getSupportedExtensions();

    /**
     * Performs checks on the specified attribute certificate. Every handled
     * extension is rmeoved from the <code>unresolvedCritExts</code>
     * collection.
     * 
     * @param attrCert The attribute certificate to be checked.
     * @param certPath The certificate path which belongs to the attribute
     *            certificate issuer public key certificate.
     * @param holderCertPath The certificate path which belongs to the holder
     *            certificate.
     * @param unresolvedCritExts a <code>Collection</code> of OID strings
     *            representing the current set of unresolved critical extensions
     * @throws CertPathValidatorException if the specified attribute certificate
     *             does not pass the check.
     */
    public abstract void check(X509AttributeCertificate attrCert, CertPath certPath,
                                 CertPath holderCertPath, Collection unresolvedCritExts)
        throws CertPathValidatorException;

    /**
     * Returns a clone of this object.
     * 
     * @return a copy of this <code>PKIXAttrCertChecker</code>
     */
    public abstract Object clone();
}