org.bouncycastle.jce.provider
Class PKIXAttrCertPathValidatorSpi
CertPathValidatorSpi
org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi
public class PKIXAttrCertPathValidatorSpi
extends CertPathValidatorSpi
CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281.
CertPathValidatorResult | engineValidate(CertPath certPath, CertPathParameters params) - Validates an attribute certificate with the given certificate path.
|
engineValidate
public CertPathValidatorResult engineValidate(CertPath certPath,
CertPathParameters params)
throws CertPathValidatorException,
InvalidAlgorithmParameterException
Validates an attribute certificate with the given certificate path.
params
must be an instance of
ExtendedPKIXParameters
.
The target constraints in the
params
must be an
X509AttributeCertStoreSelector
with at least the attribute
certificate criterion set. Obey that also target informations may be
necessary to correctly validate this attribute certificate.
The attribute certificate issuer must be added to the trusted attribute
issuers with
ExtendedPKIXParameters.setTrustedACIssuers(Set)
.
certPath
- The certificate path which belongs to the attribute
certificate issuer public key certificate.params
- The PKIX parameters.
- A
PKIXCertPathValidatorResult
of the result of
validating the certPath
.