Package org.conscrypt

Class CertificatePriorityComparator

  • All Implemented Interfaces:
    java.util.Comparator<java.security.cert.X509Certificate>

    @Internal
    public final class CertificatePriorityComparator
    extends java.lang.Object
    implements java.util.Comparator<java.security.cert.X509Certificate>
    Comparator for prioritizing certificates in path building.

    The sort order is as follows:

    1. Self-issued certificates first.
    2. Strength of certificates descending (EC before RSA, key size descending, signature algorithm strength descending).
    3. notAfter date descending.
    4. notBefore date descending.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      int compare​(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)  
      private int compareKeyAlgorithm​(java.security.PublicKey lhs, java.security.PublicKey rhs)  
      private int compareKeySize​(java.security.PublicKey lhs, java.security.PublicKey rhs)  
      private int compareSignatureAlgorithm​(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)  
      private int compareStrength​(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)  
      private int getKeySize​(java.security.PublicKey pkey)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
      • Methods inherited from interface java.util.Comparator

        equals, reversed, thenComparing, thenComparing, thenComparing, thenComparingDouble, thenComparingInt, thenComparingLong
    • Field Detail

      • ALGORITHM_OID_PRIORITY_MAP

        private static final java.util.Map<java.lang.String,​java.lang.Integer> ALGORITHM_OID_PRIORITY_MAP
        Map of signature algorithm OIDs to priorities. OIDs with a lower priority will be sorted before those with higher.
      • PRIORITY_MD5

        private static final java.lang.Integer PRIORITY_MD5
      • PRIORITY_SHA1

        private static final java.lang.Integer PRIORITY_SHA1
      • PRIORITY_SHA224

        private static final java.lang.Integer PRIORITY_SHA224
      • PRIORITY_SHA256

        private static final java.lang.Integer PRIORITY_SHA256
      • PRIORITY_SHA384

        private static final java.lang.Integer PRIORITY_SHA384
      • PRIORITY_SHA512

        private static final java.lang.Integer PRIORITY_SHA512
      • PRIORITY_UNKNOWN

        private static final java.lang.Integer PRIORITY_UNKNOWN
    • Constructor Detail

      • CertificatePriorityComparator

        public CertificatePriorityComparator()
    • Method Detail

      • compare

        public int compare​(java.security.cert.X509Certificate lhs,
                           java.security.cert.X509Certificate rhs)
        Specified by:
        compare in interface java.util.Comparator<java.security.cert.X509Certificate>
      • compareStrength

        private int compareStrength​(java.security.cert.X509Certificate lhs,
                                    java.security.cert.X509Certificate rhs)
      • compareKeyAlgorithm

        private int compareKeyAlgorithm​(java.security.PublicKey lhs,
                                        java.security.PublicKey rhs)
      • compareKeySize

        private int compareKeySize​(java.security.PublicKey lhs,
                                   java.security.PublicKey rhs)
      • getKeySize

        private int getKeySize​(java.security.PublicKey pkey)
      • compareSignatureAlgorithm

        private int compareSignatureAlgorithm​(java.security.cert.X509Certificate lhs,
                                              java.security.cert.X509Certificate rhs)