PKIVerifier (voms-api-java 2.0.10 API)

java.lang.Object
- org.glite.voms.PKIVerifier

public class PKIVerifier
extends java.lang.Object

Field Summary

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`AUTHORITY_KEY_IDENTIFIER`
`static java.lang.String`	`BASIC_CONSTRAINTS_IDENTIFIER`
`static java.lang.String`	`KEY_USAGE_IDENTIFIER`
`static java.lang.String`	`PROXYCERTINFO`
`static java.lang.String`	`PROXYCERTINFO_OLD`
`static java.lang.String`	`SUBJECT_KEY_IDENTIFIER`
`static java.lang.String`	`TARGET`

Constructor Summary

Constructors
Constructor and Description
`PKIVerifier()` Initializes the verifier.
`PKIVerifier(VOMSTrustStore vomsStore)` Initializes the verifier.
`PKIVerifier(VOMSTrustStore vomsStore, PKIStore caStore)` Initializes the verifier.

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`cleanup()` Cleans up resources allocated by the verifier.
`void`	`setCAStore(PKIStore store)` Sets a new CAStore.
`void`	`setVOMSStore(VOMSTrustStore store)` Sets a new VOMSStore.
`boolean`	`verify(AttributeCertificate ac)` Verifies an Attribute Certificate according to RFC 3281.
`boolean`	`verify(java.security.cert.X509Certificate[] certs)` Verifies an certificate chain according to RFC 3280.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - SUBJECT_KEY_IDENTIFIER
```
public static final java.lang.String SUBJECT_KEY_IDENTIFIER
```
    See Also:
    Constant Field Values
  - AUTHORITY_KEY_IDENTIFIER
```
public static final java.lang.String AUTHORITY_KEY_IDENTIFIER
```
    See Also:
    Constant Field Values
  - PROXYCERTINFO
```
public static final java.lang.String PROXYCERTINFO
```
    See Also:
    Constant Field Values
  - PROXYCERTINFO_OLD
```
public static final java.lang.String PROXYCERTINFO_OLD
```
    See Also:
    Constant Field Values
  - BASIC_CONSTRAINTS_IDENTIFIER
```
public static final java.lang.String BASIC_CONSTRAINTS_IDENTIFIER
```
    See Also:
    Constant Field Values
  - KEY_USAGE_IDENTIFIER
```
public static final java.lang.String KEY_USAGE_IDENTIFIER
```
    See Also:
    Constant Field Values
  - TARGET
```
public static final java.lang.String TARGET
```
    See Also:
    Constant Field Values
- Constructor Detail
  - PKIVerifier
```
public PKIVerifier(VOMSTrustStore vomsStore,
           PKIStore caStore)
```
    Initializes the verifier.
    
    Parameters:
    vomsStore - the VOMSTrustStore object which represents the vomsdir store.
    caStore - the PKIStore object which represents the CA store.
  - PKIVerifier
```
public PKIVerifier(VOMSTrustStore vomsStore)
            throws java.io.IOException,
                   java.security.cert.CertificateException,
                   java.security.cert.CRLException
```
    Initializes the verifier. The CA store is initialized at: "/etc/grid-security/certificates."
    
    Parameters:
    vomsStore - the VOMSTrustStore object which represents the vomsdir store.
    
    Throws:
    
    java.io.IOException - if there have been IO errors.
    
    java.security.cert.CertificateException - if there have been problems parsing a certificate
    
    java.security.cert.CRLException - if there have been problems parsing a CRL.
  - PKIVerifier
```
public PKIVerifier()
            throws java.io.IOException,
                   java.security.cert.CertificateException,
                   java.security.cert.CRLException
```
    Initializes the verifier. If the VOMSDIR and CADIR system properties are set, those values are used to initialize the voms and ca certificates trust stores. Tipically, the VOMSDIR should point to a directory that contains voms server certificates, while the CADIR should point to a directory where CA certificates and crl are stored. If the system properties are not set, The CA store is initialized to: "/etc/grid-security/certificates.", while the VOMS store is initialized to "/etc/grid-security/vomsdir" (slash becomes backslash on windows).
    
    Throws:
    
    java.io.IOException - if there have been IO errors.
    
    java.security.cert.CertificateException - if there have been problems parsing a certificate
    
    java.security.cert.CRLException - if there have been problems parsing a CRL.
- Method Detail
  - cleanup
```
public void cleanup()
```
    Cleans up resources allocated by the verifier. This method MUST be called prior to disposal of this object, otherwise memory leaks and runaway threads will occur.
  - setCAStore
```
public void setCAStore(PKIStore store)
```
    Sets a new CAStore.
    
    Parameters:
    store - the new CA store.
  - setVOMSStore
```
public void setVOMSStore(VOMSTrustStore store)
```
    Sets a new VOMSStore.
    
    Parameters:
    store - the new VOMS store.
  - verify
```
public boolean verify(AttributeCertificate ac)
```
    Verifies an Attribute Certificate according to RFC 3281.
    
    Parameters:
    ac - the Attribute Certificate to verify.
    
    Returns:
    true if the attribute certificate is verified, false otherwise.
  - verify
```
public boolean verify(java.security.cert.X509Certificate[] certs)
```
    Verifies an certificate chain according to RFC 3280.
    
    Parameters:
    certs - the chain to verify.
    
    Returns:
    true if the chain is verified, false otherwise.

Class PKIVerifier

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

SUBJECT_KEY_IDENTIFIER

AUTHORITY_KEY_IDENTIFIER

PROXYCERTINFO

PROXYCERTINFO_OLD

BASIC_CONSTRAINTS_IDENTIFIER

KEY_USAGE_IDENTIFIER

TARGET

Constructor Detail

PKIVerifier

PKIVerifier

PKIVerifier

Method Detail

cleanup

setCAStore

setVOMSStore

verify

verify