Package org.globus.gsi.trustmanager
Class CRLChecker
- java.lang.Object
-
- org.globus.gsi.trustmanager.CRLChecker
-
- All Implemented Interfaces:
CertificateChecker
public class CRLChecker extends Object implements CertificateChecker
This checks to see if the certificate is in a CRL.- Since:
- 1.0
- Version:
- ${version}
-
-
Constructor Summary
Constructors Constructor Description CRLChecker(CertStore certStore, KeyStore keyStore, boolean checkDateValidity)
Creates a CRLChecker where the CRL's are in the supplied stores.CRLChecker(CertificateRevocationLists crlsList, KeyStore keyStore, boolean checkDateValidity)
Creates a CRLChecker where the CRL's are in the supplied stores.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
checkCRLDateValidity(X509CRL crl)
void
invoke(X509Certificate cert, GSIConstants.CertificateType certType)
Method that checks the if the certificate is in a CRL, if CRL is available If no CRL is found, then no error is thrown If an expired CRL is found, an error is thrown
-
-
-
Constructor Detail
-
CRLChecker
public CRLChecker(CertificateRevocationLists crlsList, KeyStore keyStore, boolean checkDateValidity)
Creates a CRLChecker where the CRL's are in the supplied stores.- Parameters:
crlsList
- The object containing the CRL'skeyStore
- The store used to get trusted certs.checkDateValidity
- Should we check if the CRL date is valid.
-
CRLChecker
public CRLChecker(CertStore certStore, KeyStore keyStore, boolean checkDateValidity)
Creates a CRLChecker where the CRL's are in the supplied stores.- Parameters:
certStore
- The store containing the CRL'skeyStore
- The store used to get trusted certs.checkDateValidity
- Should we check if the CRL date is valid.
-
-
Method Detail
-
invoke
public void invoke(X509Certificate cert, GSIConstants.CertificateType certType) throws CertPathValidatorException
Method that checks the if the certificate is in a CRL, if CRL is available If no CRL is found, then no error is thrown If an expired CRL is found, an error is thrown- Specified by:
invoke
in interfaceCertificateChecker
- Parameters:
cert
- The certificate to validate.certType
- The type of certificate to validate.- Throws:
CertPathValidatorException
- If CRL or CA certificate could not be loaded from store, CRL is not valid or expired, certificate is revoked.
-
checkCRLDateValidity
protected void checkCRLDateValidity(X509CRL crl) throws CertPathValidatorException
- Throws:
CertPathValidatorException
-
-