Package org.conscrypt
Class CertificatePriorityComparator
- java.lang.Object
-
- org.conscrypt.CertificatePriorityComparator
-
- All Implemented Interfaces:
java.util.Comparator<java.security.cert.X509Certificate>
@Internal public final class CertificatePriorityComparator extends java.lang.Object implements java.util.Comparator<java.security.cert.X509Certificate>
Comparator
for prioritizing certificates in path building.The sort order is as follows:
- Self-issued certificates first.
- Strength of certificates descending (EC before RSA, key size descending, signature algorithm strength descending).
- notAfter date descending.
- notBefore date descending.
-
-
Field Summary
Fields Modifier and Type Field Description private static java.util.Map<java.lang.String,java.lang.Integer>
ALGORITHM_OID_PRIORITY_MAP
Map of signature algorithm OIDs to priorities.private static java.lang.Integer
PRIORITY_MD5
private static java.lang.Integer
PRIORITY_SHA1
private static java.lang.Integer
PRIORITY_SHA224
private static java.lang.Integer
PRIORITY_SHA256
private static java.lang.Integer
PRIORITY_SHA384
private static java.lang.Integer
PRIORITY_SHA512
private static java.lang.Integer
PRIORITY_UNKNOWN
-
Constructor Summary
Constructors Constructor Description CertificatePriorityComparator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description int
compare(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)
private int
compareKeyAlgorithm(java.security.PublicKey lhs, java.security.PublicKey rhs)
private int
compareKeySize(java.security.PublicKey lhs, java.security.PublicKey rhs)
private int
compareSignatureAlgorithm(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)
private int
compareStrength(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)
private int
getKeySize(java.security.PublicKey pkey)
-
-
-
Field Detail
-
ALGORITHM_OID_PRIORITY_MAP
private static final java.util.Map<java.lang.String,java.lang.Integer> ALGORITHM_OID_PRIORITY_MAP
Map of signature algorithm OIDs to priorities. OIDs with a lower priority will be sorted before those with higher.
-
PRIORITY_MD5
private static final java.lang.Integer PRIORITY_MD5
-
PRIORITY_SHA1
private static final java.lang.Integer PRIORITY_SHA1
-
PRIORITY_SHA224
private static final java.lang.Integer PRIORITY_SHA224
-
PRIORITY_SHA256
private static final java.lang.Integer PRIORITY_SHA256
-
PRIORITY_SHA384
private static final java.lang.Integer PRIORITY_SHA384
-
PRIORITY_SHA512
private static final java.lang.Integer PRIORITY_SHA512
-
PRIORITY_UNKNOWN
private static final java.lang.Integer PRIORITY_UNKNOWN
-
-
Method Detail
-
compare
public int compare(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)
- Specified by:
compare
in interfacejava.util.Comparator<java.security.cert.X509Certificate>
-
compareStrength
private int compareStrength(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)
-
compareKeyAlgorithm
private int compareKeyAlgorithm(java.security.PublicKey lhs, java.security.PublicKey rhs)
-
compareKeySize
private int compareKeySize(java.security.PublicKey lhs, java.security.PublicKey rhs)
-
getKeySize
private int getKeySize(java.security.PublicKey pkey)
-
compareSignatureAlgorithm
private int compareSignatureAlgorithm(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)
-
-