This abstract class defines an extension mechanism for the PKIX certification path building and validation algorithms. Most applications will never need to use this class. You may pass one or more PKIXCertPathChecker objects to the setCertPathCheckers( ) or addCertPathChecker( ) methods of the PKIXParameters or PKIXBuilderParameters object that is passed to the build( ) or validate( ) methods of a CertPathBuilder or CertPathValidator . The check( ) method of all PKIXCertPathChecker objects registered in this way will be invoked for each certificate considered in the building or validation algorithms. check( ) should throw a CertPathValidatorException if a certificate does not the implemented test. The init( ) method is invoked to tell the checker to reset its internal state and to notify it of the direction in which certificates will be presented. Checkers are not required to support the forward direction, and should return false from isForwardCheckingSupported( ) if they do not. Figure 14-68. java.security.cert.PKIXCertPathCheckerpublic abstract class PKIXCertPathChecker implements Cloneable { // Protected Constructors protected PKIXCertPathChecker ( ); // Public Instance Methods public abstract void check (java.security.cert.Certificate cert , java.util.Collection<String> unresolvedCritExts ) throws CertPathValidatorException; public abstract java.util.Set<String> getSupportedExtensions ( ); public abstract void init (boolean forward ) throws CertPathValidatorException; public abstract boolean isForwardCheckingSupported ( ); // Public Methods Overriding Object public Object clone ( ); } Passed ToPKIXParameters.addCertPathChecker( ) |