Interface PathBuilder
- All Known Implementing Classes:
BasicPathBuilder
public interface PathBuilder
Interface for a path builder used to construct valid X.509 Certificate paths from a target certificate to a trust anchor.
In order to support OCSP validity checking, all trust anchors must be in the form of X.509 Certificates as this is required
to construct the OCSP requester ID.
Implementations of this interface MUST be thread safe, allowing one implemented object to serve multiple parallel threads.
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Method Summary
Modifier and TypeMethodDescriptionbuildPath(X509Certificate targetCertificate, List<X509Certificate> supportingCertificates, CertStore intermediaryStore, List<TrustAnchor> trustAnchors) Builds the trusted path to a target certificate using the PKIX path building algorithm
-
Method Details
-
buildPath
PKIXCertPathBuilderResult buildPath(X509Certificate targetCertificate, List<X509Certificate> supportingCertificates, CertStore intermediaryStore, List<TrustAnchor> trustAnchors) throws Exception Builds the trusted path to a target certificate using the PKIX path building algorithm- Parameters:
targetCertificate- the target certificate the should be validated through this pathsupportingCertificates- supporting certificates provided with the target certificate such as with the validated signatureintermediaryStore- preconfigured store of intermediary CA certificatestrustAnchors- certificates that are trusted as trust anchors in the path building process- Returns:
CertPathBuilderResultresults from path building- Throws:
Exception- thrown if certificate path building fails
-