PKIXParameters

This implementation of CertPathParameters defines parameters that are passed to the validate( ) method of a PKIX CertPathValidator and defines a subset of the parameters that are passed to the build( ) method of a PKIX CertPathBuilder . A full understanding of this class requires a detailed discussion of the PKIX certification path building and validation algorithms, which is beyond the scope of this book. However, some of the more important parameters are described here.

When you create a PKIXParameters object, you must specify which trust anchors are to be used. You can do this by passing a Set of TRustAnchor objects to the constructor, or by passing a KeyStore containing trust anchor keys to the constructor. Once a PKIXParameters object is created, you can modify the set of trustAnchor objects with setTrustAnchors( ) . Specify a Set of CertStore objects to be searched for certificates with setCertStores( ) or add a single CertStore to the set with addCertStore( ) . If certificate validity is to be checked for some date and time other than the current time, use setDate( ) to specify this date.

Figure 14-70. java.security.cert.PKIXParameters

 public class  PKIXParameters  implements CertPathParameters {  // Public Constructors  public  PKIXParameters  (java.security.KeyStore  keystore  )          throws java.security.KeyStoreException,          java.security.InvalidAlgorithmParameterException;        public  PKIXParameters  (java.util.Set<TrustAnchor>  trustAnchors  )  throws java.security.InvalidAlgorithmParameterException;  // Public Instance Methods  public void  addCertPathChecker  (PKIXCertPathChecker  checker  );        public void  addCertStore  (CertStore  store  );        public java.util.List<PKIXCertPathChecker>  getCertPathCheckers  ( );        public java.util.List<CertStore>  getCertStores  ( );        public java.util.Date  getDate  ( );        public java.util.Set<String>  getInitialPolicies  ( );        public boolean  getPolicyQualifiersRejected  ( );        public String  getSigProvider  ( );        public CertSelector  getTargetCertConstraints  ( );        public java.util.Set<TrustAnchor>  getTrustAnchors  ( );        public boolean  isAnyPolicyInhibited  ( );        public boolean  isExplicitPolicyRequired  ( );        public boolean  isPolicyMappingInhibited  ( );        public boolean  isRevocationEnabled  ( );        public void  setAnyPolicyInhibited  (boolean  val  );        public void  setCertPathCheckers  (java.util.List<PKIXCertPathChecker>  checkers  );        public void  setCertStores  (java.util.List<CertStore>  stores  );        public void  setDate  (java.util.Date  date  );        public void  setExplicitPolicyRequired  (boolean  val  );        public void  setInitialPolicies  (java.util.Set<String>  initialPolicies  );        public void  setPolicyMappingInhibited  (boolean  val  );        public void  setPolicyQualifiersRejected  (boolean  qualifiersRejected  );        public void  setRevocationEnabled  (boolean  val  );        public void  setSigProvider  (String  sigProvider  );        public void  setTargetCertConstraints  (CertSelector  selector  );        public void  setTrustAnchors  (java.util.Set<TrustAnchor>  trustAnchors  )  throws java.security.InvalidAlgorithmParameterException;  // Methods Implementing CertPathParameters  public Object  clone  ( );  // Public Methods Overriding Object  public String  toString  ( );   } 

Subclasses

PKIXBuilderParameters