Package se.swedenconnect.sigval.cert.validity

Interface ValidityPathChecker

All Known Implementing Classes:

BasicValidityPathChecker

public interface ValidityPathChecker

This interface defines a function that validates that the signature of validation data is trusted through a validated path to an authorized and trusted source. Typically this means that a CRL must be issued by the entity that issued the certificate being checked for revocation and that an OCSP response is verified by a certificate that is issued directly by the CA that issued the target certificate. Implementations of this interface MUST apply measures to avoid recursive loops in validity checking where validity data to support validation of a certificate is verified through the validated certificate.

Author:

Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)

Method Summary

Modifier and Type	Method	Description
void	verifyValidityStatusTrustPath(ValidationStatus validityStatus)	Verify the trust path used to verify the validity data used to check the revocation status of an X.509 certificate

Method Details

verifyValidityStatusTrustPath

void verifyValidityStatusTrustPath(ValidationStatus validityStatus)
                            throws RuntimeException

Verify the trust path used to verify the validity data used to check the revocation status of an X.509 certificate

Parameters:

validityStatus - result of certificate validity check

Throws:

RuntimeException - this exception must be thrown in all cases where trust in the validation result can't be verified