Class TrustedCertPathFinder
- java.lang.Object
-
- org.globus.gsi.trustmanager.TrustedCertPathFinder
-
public final class TrustedCertPathFinder extends java.lang.Object
Created by IntelliJ IDEA. User: turtlebender Date: Jan 20, 2010 Time: 4:51:38 PM To change this template use File | Settings | File Templates.
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static java.security.cert.CertPath
findTrustedCertPath(java.security.KeyStore keyStore, java.security.cert.CertPath certPath)
Method that validates the provided cert path to find a trusted certificate in the certificate store.
-
-
-
Method Detail
-
findTrustedCertPath
public static java.security.cert.CertPath findTrustedCertPath(java.security.KeyStore keyStore, java.security.cert.CertPath certPath) throws java.security.cert.CertPathValidatorException
Method that validates the provided cert path to find a trusted certificate in the certificate store.For each certificate i in certPath, it is expected that the i+1 certificate is the issuer of the certificate path. See CertPath.
For each certificate i in certpath, validate signature of certificate i get issuer of certificate i get certificate i+i ensure that the certificate i+1 is issuer of certificate i If not, throw an exception for illegal argument validate signature of i+1 Throw exception if it does not validate check if i+1 is a trusted certificate in the trust store. If so return certpath until i+1 If not, continue; If all certificates in the certpath have been checked and none exisits in trust store, check if trust store has certificate of issuer of last certificate in CertPath. If so, return certPath + trusted certificate from trust store If not, throw an exception for lack of valid trust root.
- Parameters:
keyStore
- The key store containing CA trust root certificatescertPath
- The certpath from which to extract a valid cert path to a trusted certificate.- Returns:
- The valid CertPath.
- Throws:
java.security.cert.CertPathValidatorException
- If the CertPath is invalid.
-
-