Package org.conscrypt
Class TrustManagerImpl.ExtendedKeyUsagePKIXCertPathChecker
- java.lang.Object
-
- java.security.cert.PKIXCertPathChecker
-
- org.conscrypt.TrustManagerImpl.ExtendedKeyUsagePKIXCertPathChecker
-
- All Implemented Interfaces:
java.lang.Cloneable
,java.security.cert.CertPathChecker
- Enclosing class:
- TrustManagerImpl
private static class TrustManagerImpl.ExtendedKeyUsagePKIXCertPathChecker extends java.security.cert.PKIXCertPathChecker
If an EKU extension is present in the end-entity certificate, it MUST contain an appropriate key usage. For servers, this includes anyExtendedKeyUsage, serverAuth, or the historical Server Gated Cryptography options of nsSGC or msSGC. For clients, this includes anyExtendedKeyUsage and clientAuth.
-
-
Field Summary
Fields Modifier and Type Field Description private boolean
clientAuth
private static java.lang.String
EKU_anyExtendedKeyUsage
private static java.lang.String
EKU_clientAuth
private static java.lang.String
EKU_msSGC
private static java.lang.String
EKU_nsSGC
private static java.lang.String
EKU_OID
private static java.lang.String
EKU_serverAuth
private java.security.cert.X509Certificate
leaf
private static java.util.Set<java.lang.String>
SUPPORTED_EXTENSIONS
-
Constructor Summary
Constructors Modifier Constructor Description private
ExtendedKeyUsagePKIXCertPathChecker(boolean clientAuth, java.security.cert.X509Certificate leaf)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
check(java.security.cert.Certificate c, java.util.Collection<java.lang.String> unresolvedCritExts)
java.util.Set<java.lang.String>
getSupportedExtensions()
void
init(boolean forward)
boolean
isForwardCheckingSupported()
-
-
-
Field Detail
-
EKU_OID
private static final java.lang.String EKU_OID
- See Also:
- Constant Field Values
-
EKU_anyExtendedKeyUsage
private static final java.lang.String EKU_anyExtendedKeyUsage
- See Also:
- Constant Field Values
-
EKU_clientAuth
private static final java.lang.String EKU_clientAuth
- See Also:
- Constant Field Values
-
EKU_serverAuth
private static final java.lang.String EKU_serverAuth
- See Also:
- Constant Field Values
-
EKU_nsSGC
private static final java.lang.String EKU_nsSGC
- See Also:
- Constant Field Values
-
EKU_msSGC
private static final java.lang.String EKU_msSGC
- See Also:
- Constant Field Values
-
SUPPORTED_EXTENSIONS
private static final java.util.Set<java.lang.String> SUPPORTED_EXTENSIONS
-
clientAuth
private final boolean clientAuth
-
leaf
private final java.security.cert.X509Certificate leaf
-
-
Method Detail
-
init
public void init(boolean forward) throws java.security.cert.CertPathValidatorException
- Specified by:
init
in interfacejava.security.cert.CertPathChecker
- Specified by:
init
in classjava.security.cert.PKIXCertPathChecker
- Throws:
java.security.cert.CertPathValidatorException
-
isForwardCheckingSupported
public boolean isForwardCheckingSupported()
- Specified by:
isForwardCheckingSupported
in interfacejava.security.cert.CertPathChecker
- Specified by:
isForwardCheckingSupported
in classjava.security.cert.PKIXCertPathChecker
-
getSupportedExtensions
public java.util.Set<java.lang.String> getSupportedExtensions()
- Specified by:
getSupportedExtensions
in classjava.security.cert.PKIXCertPathChecker
-
check
public void check(java.security.cert.Certificate c, java.util.Collection<java.lang.String> unresolvedCritExts) throws java.security.cert.CertPathValidatorException
- Specified by:
check
in classjava.security.cert.PKIXCertPathChecker
- Throws:
java.security.cert.CertPathValidatorException
-
-