This package provides all the classes and all the interfaces needed to generate, administer and verify
X.509 certificates.
Functionality for parsing certificate, extracting information from them, validating and
verifying the information they contains are provided.
Exception are generated mainly for three reasons:
- if the certificate's encoding is broken
(CertificateEncodingException)
- if the certificate's time stamp is not valid
(CertificateExpiredException)
- or if the validation's path is false (CertPathValidatorException).
The functionality to check the different entries and extension fields of X.509 certificates are also provided.
CertPathBuilderResult |
The interface for results generated by
build(CertPathParameters)
.
|
CertPathParameters | The interface specification for certification path algorithm parameters. |
CertPathValidatorResult | The interface specification for certification path validation results. |
CertSelector |
The interface specification to determine whether a
Certificate
meets some criteria.
|
CertStoreParameters |
The marker interface specifying the parameters used to initialize a
CertStore
instance.
|
CRLSelector |
The interface specification for determining whether a CRL meets some criteria
to select CRL objects among a set of
CRL
s.
|
PolicyNode | The interface to a valid policy tree node for the PKIX certification path validation algorithm. |
X509Extension | The interface specifying an X.509 Certificate or CRL extension. |
Certificate | Abstract class to represent identity certificates. |
Certificate.CertificateRep |
The alternate
Serializable
class to be used for serialization and
deserialization of
Certificate
objects.
|
CertificateFactory | This class implements the functionality of a certificate factory algorithm, relying on parsing a stream of bytes. |
CertificateFactorySpi |
This class defines the
Service Provider Interface
(
SPI
) for the
CertificateFactory
class.
|
CertPath | An immutable certificate path that can be validated. |
CertPath.CertPathRep |
The alternate
Serializable
class to be used for serialization and
deserialization on
CertPath
objects.
|
CertPathBuilder | This class implements the functionality of a builder for an unverified Certification Path s from a specified certificate to a trust anchor. |
CertPathBuilderSpi |
The
Service Provider Interface
(
SPI
) for the
CertPathBuilder
class to be implemented by security providers.
|
CertPathValidator | This class provides the functionality for validating certification paths (certificate chains) establishing a trust chain from a certificate to a trust anchor. |
CertPathValidatorSpi |
The
Service Provider Interface
(
SPI
) for the
CertPathValidator
class to be implemented by security providers.
|
CertStore |
This class provides the functionality to retrieve
Certificate
s and
CRL
s from a read-only repository.
|
CertStoreSpi |
The
Service Provider Interface
(
SPI
) definition for the
CertStore
class to be implemented by security providers.
|
CollectionCertStoreParameters |
The parameters to initialize a
Collection
type
CertStore
instance.
|
CRL | This class represents Certificate Revocation Lists (CRLs) maintained by a certificate authority. |
LDAPCertStoreParameters |
The parameters to initialize a LDAP
CertStore
instance.
|
PKIXBuilderParameters |
The parameter specification for a PKIX
CertPathBuilder
algorithm used to
build
certificate chains validated with the PKIX certification path validation.
|
PKIXCertPathBuilderResult |
The result of the PKIX certification path builder, returned by
build(CertPathParameters)
.
|
PKIXCertPathChecker |
The class specifying the interface to extend the certification path
validation algorithm by checks to perform on an
X509Certificate
.
|
PKIXCertPathValidatorResult | The implementation of the result of the PKIX certification path validation. |
PKIXParameters |
This class implements the parameters for the
PKIX CertPathValidator
.
|
PolicyQualifierInfo |
This class implements a policy qualifier as defined by the ASN.1
PolicyQualifierInfo
structure.
|
TrustAnchor | This class represents a trust anchor for validation of X.509 certification path. |
X509Certificate | Abstract base class for X.509 certificates. |
X509CertSelector |
A certificate selector (
CertSelector
for selecting
X509Certificate
s that match the specified criteria.
|
X509CRL | Abstract base class for X.509 certificate revocation lists (CRL). |
X509CRLEntry | Abstract base class for entries in a certificate revocation list (CRL). |
X509CRLSelector |
A CRL selector (
CRLSelector
for selecting
X509CRL
s that match the specified criteria.
|
CertificateEncodingException |
The exception that is thrown when an error occurs while a
Certificate
is being encoded.
|
CertificateException |
The base class for all
Certificate
related exceptions.
|
CertificateExpiredException |
The exception that is thrown when a
Certificate
has expired.
|
CertificateNotYetValidException |
The exception that is thrown when a
Certificate
is not yet valid or
will not yet be valid on a specified date.
|
CertificateParsingException |
The exception that is thrown when a
Certificate
can not be parsed.
|
CertPathBuilderException |
The exception that is thrown when a
CertPathBuilder
method fails.
|
CertPathValidatorException | The exception that is thrown when a certification path (or certificate chain) cannot be validated. |
CertStoreException |
The exception that is thrown when an access to a
CertStore
fails.
|
CRLException |
The exception that is thrown if errors occur during handling of
CRL
s.
|