CertPathValidatorSpi

AI-generated Key Takeaways

CertPathValidatorSpi is a Service Provider Interface for CertPathValidator that handles certificate path validation.
Implementations must extend this class and provide their own logic for validating certificate paths.
Instances of this class are not inherently thread-safe, requiring external synchronization if shared among threads.
engineValidate method performs the core validation, while engineGetRevocationChecker (introduced in Java 1.8) handles revocation status checks.

public abstract class CertPathValidatorSpi extends Object

The Service Provider Interface (SPI) for the CertPathValidator class. All CertPathValidator implementations must include a class (the SPI class) that extends this class (CertPathValidatorSpi) and implements all of its methods. In general, instances of this class should only be accessed through the CertPathValidator class. For details, see the Java Cryptography Architecture.

Concurrent Access

Instances of this class need not be protected against concurrent access from multiple threads. Threads that need to access a single CertPathValidatorSpi instance concurrently should synchronize amongst themselves and provide the necessary locking before calling the wrapping CertPathValidator object.

However, implementations of CertPathValidatorSpi may still encounter concurrency issues, since multiple threads each manipulating a different CertPathValidatorSpi instance need not synchronize.

Public Constructor Summary

CertPathValidatorSpi()

The default constructor.

Public Method Summary

CertPathChecker	engineGetRevocationChecker() Returns a `CertPathChecker` that this implementation uses to check the revocation status of certificates.
abstract CertPathValidatorResult	engineValidate(CertPath certPath, CertPathParameters params) Validates the specified certification path using the specified algorithm parameter set.

Inherited Method Summary

From class java.lang.Object

Object	clone() Creates and returns a copy of this `Object`.
boolean	equals(Object obj) Compares this instance with the specified object and indicates if they are equal.
void	finalize() Invoked when the garbage collector has detected that this instance is no longer reachable.
final Class<?>	getClass() Returns the unique instance of `Class` that represents this object's class.
int	hashCode() Returns an integer hash code for this object.
final void	notify() Causes a thread which is waiting on this object's monitor (by means of calling one of the `wait()` methods) to be woken up.
final void	notifyAll() Causes all threads which are waiting on this object's monitor (by means of calling one of the `wait()` methods) to be woken up.
String	toString() Returns a string containing a concise, human-readable description of this object.
final void	wait(long timeout, int nanos) Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object or until the specified timeout expires.
final void	wait(long timeout) Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object or until the specified timeout expires.
final void	wait() Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object.

Public Constructors

public CertPathValidatorSpi ()

The default constructor.

Public Methods

public CertPathChecker engineGetRevocationChecker ()

Returns a CertPathChecker that this implementation uses to check the revocation status of certificates. A PKIX implementation returns objects of type PKIXRevocationChecker.

The primary purpose of this method is to allow callers to specify additional input parameters and options specific to revocation checking. See the class description of CertPathValidator for an example.

This method was added to version 1.8 of the Java Platform Standard Edition. In order to maintain backwards compatibility with existing service providers, this method cannot be abstract and by default throws an UnsupportedOperationException.

Returns

a CertPathChecker that this implementation uses to check the revocation status of certificates

Throws

UnsupportedOperationException	if this method is not supported

public abstract CertPathValidatorResult engineValidate (CertPath certPath, CertPathParameters params)

Validates the specified certification path using the specified algorithm parameter set.

The CertPath specified must be of a type that is supported by the validation algorithm, otherwise an InvalidAlgorithmParameterException will be thrown. For example, a CertPathValidator that implements the PKIX algorithm validates CertPath objects of type X.509.

Parameters

certPath	the `CertPath` to be validated
params	the algorithm parameters

Returns

the result of the validation algorithm

Throws

CertPathValidatorException	if the `CertPath` does not validate
InvalidAlgorithmParameterException	if the specified parameters or the type of the specified `CertPath` are inappropriate for this `CertPathValidator`

CertPathValidatorSpi Stay organized with collections Save and categorize content based on your preferences.

AI-generated Key Takeaways

Public Constructor Summary

Public Method Summary

Inherited Method Summary

Public Constructors

public CertPathValidatorSpi ()

Public Methods

public CertPathChecker engineGetRevocationChecker ()

Returns

Throws

public abstract CertPathValidatorResult engineValidate (CertPath certPath, CertPathParameters params)

Parameters

Returns

Throws

CertPathValidatorSpi