Home | History | Annotate | Download | only in x509 
      1 package org.bouncycastle.x509;
      2 
      3 import java.security.cert.CertPath;
      4 import java.security.cert.CertPathValidatorException;
      5 import java.util.Collection;
      6 import java.util.Set;
      7 
      8 public abstract class PKIXAttrCertChecker
      9     implements Cloneable
     10 {
     11 
     12     /**
     13      * Returns an immutable <code>Set</code> of X.509 attribute certificate
     14      * extensions that this <code>PKIXAttrCertChecker</code> supports or
     15      * <code>null</code> if no extensions are supported.
     16      * <p>
     17      * Each element of the set is a <code>String</code> representing the
     18      * Object Identifier (OID) of the X.509 extension that is supported.
     19      * <p>
     20      * All X.509 attribute certificate extensions that a
     21      * <code>PKIXAttrCertChecker</code> might possibly be able to process
     22      * should be included in the set.
     23      *
     24      * @return an immutable <code>Set</code> of X.509 extension OIDs (in
     25      *         <code>String</code> format) supported by this
     26      *         <code>PKIXAttrCertChecker</code>, or <code>null</code> if no
     27      *         extensions are supported
     28      */
     29     public abstract Set getSupportedExtensions();
     30 
     31     /**
     32      * Performs checks on the specified attribute certificate. Every handled
     33      * extension is rmeoved from the <code>unresolvedCritExts</code>
     34      * collection.
     35      *
     36      * @param attrCert The attribute certificate to be checked.
     37      * @param certPath The certificate path which belongs to the attribute
     38      *            certificate issuer public key certificate.
     39      * @param holderCertPath The certificate path which belongs to the holder
     40      *            certificate.
     41      * @param unresolvedCritExts a <code>Collection</code> of OID strings
     42      *            representing the current set of unresolved critical extensions
     43      * @throws CertPathValidatorException if the specified attribute certificate
     44      *             does not pass the check.
     45      */
     46     public abstract void check(X509AttributeCertificate attrCert, CertPath certPath,
     47                                  CertPath holderCertPath, Collection unresolvedCritExts)
     48         throws CertPathValidatorException;
     49 
     50     /**
     51      * Returns a clone of this object.
     52      *
     53      * @return a copy of this <code>PKIXAttrCertChecker</code>
     54      */
     55     public abstract Object clone();
     56 }
     57