Package org.conscrypt

Class TrustManagerImpl.ExtendedKeyUsagePKIXCertPathChecker

  • All Implemented Interfaces:
    java.lang.Cloneable, java.security.cert.CertPathChecker
    Enclosing class:
    TrustManagerImpl

    private static class TrustManagerImpl.ExtendedKeyUsagePKIXCertPathChecker
    extends java.security.cert.PKIXCertPathChecker
    If an EKU extension is present in the end-entity certificate, it MUST contain an appropriate key usage. For servers, this includes anyExtendedKeyUsage, serverAuth, or the historical Server Gated Cryptography options of nsSGC or msSGC. For clients, this includes anyExtendedKeyUsage and clientAuth.
    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      private ExtendedKeyUsagePKIXCertPathChecker​(boolean clientAuth, java.security.cert.X509Certificate leaf)  
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void check​(java.security.cert.Certificate c, java.util.Collection<java.lang.String> unresolvedCritExts)  
      java.util.Set<java.lang.String> getSupportedExtensions()  
      void init​(boolean forward)  
      boolean isForwardCheckingSupported()  
      • Methods inherited from class java.security.cert.PKIXCertPathChecker

        check, clone
      • Methods inherited from class java.lang.Object

        equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • EKU_anyExtendedKeyUsage

        private static final java.lang.String EKU_anyExtendedKeyUsage
        See Also:
        Constant Field Values
      • SUPPORTED_EXTENSIONS

        private static final java.util.Set<java.lang.String> SUPPORTED_EXTENSIONS
      • clientAuth

        private final boolean clientAuth
      • leaf

        private final java.security.cert.X509Certificate leaf
    • Constructor Detail

      • ExtendedKeyUsagePKIXCertPathChecker

        private ExtendedKeyUsagePKIXCertPathChecker​(boolean clientAuth,
                                                    java.security.cert.X509Certificate leaf)
    • Method Detail

      • init

        public void init​(boolean forward)
                  throws java.security.cert.CertPathValidatorException
        Specified by:
        init in interface java.security.cert.CertPathChecker
        Specified by:
        init in class java.security.cert.PKIXCertPathChecker
        Throws:
        java.security.cert.CertPathValidatorException
      • isForwardCheckingSupported

        public boolean isForwardCheckingSupported()
        Specified by:
        isForwardCheckingSupported in interface java.security.cert.CertPathChecker
        Specified by:
        isForwardCheckingSupported in class java.security.cert.PKIXCertPathChecker
      • getSupportedExtensions

        public java.util.Set<java.lang.String> getSupportedExtensions()
        Specified by:
        getSupportedExtensions in class java.security.cert.PKIXCertPathChecker
      • check

        public void check​(java.security.cert.Certificate c,
                          java.util.Collection<java.lang.String> unresolvedCritExts)
                   throws java.security.cert.CertPathValidatorException
        Specified by:
        check in class java.security.cert.PKIXCertPathChecker
        Throws:
        java.security.cert.CertPathValidatorException