Class sun.security.ssl.CertChain

java.lang.Object
   |
   +----sun.security.ssl.CertChain

public class CertChain
extends Object
Represents a chain of X.509 certificates, with the self-signed certificate for a "root" CA at the end. Basic policy validation is performed on a chain when an instance of this class is constructed. Revalidation may be done at any time.

NOTE: This class will probably be augmented by a more general superclass, which has no knowledge of SSL.


Constructor Index

 o CertChain(byte[])
Construct a cert chain from an array of data, in the form that toBytes() returns.
 o CertChain(X509Cert[])
Builds a CertChain out of an ordered array of certificates.

Method Index

 o getSubjectName()
Returns the name of this subject.
 o getX509CertChain()
Returns the ordered chain of X.509 certificates.
 o print(PrintStream)
Prints the certificate chain for informative purposes.
 o revalidate()
Perform the policy-based chain validation tests right now.
 o toBytes()
Return an encoded version of the certificate chain.
 o toString()
Summarizes the cert chain.

Constructors

 o CertChain
  public CertChain(X509Cert certs[]) throws CertException
Builds a CertChain out of an ordered array of certificates. All of the certificates must be currently valid, as must the order within the chain.
Parameters:
certs - the certificate chain, with the root CA at the end.
Throws: CertException
if certificates in the chain are invalid, the chain is not well constructed, or if cert chain security policies are not met.
 o CertChain
  public CertChain(byte data[]) throws IOException, CertException
Construct a cert chain from an array of data, in the form that toBytes() returns.

Methods

 o revalidate
  public void revalidate() throws CertException
Perform the policy-based chain validation tests right now. These tests were run initially when the chain was accepted, but as time passes a chain may become invalid because a certificate has left its validity period, because of revocations, because the local trust policy has changed, or for other reasons.

NOTE: As of this writing, there is no useful trust policy implemented. The certificates are checked only for validity and signature consistency. Accordingly, you should not yet make security decisions based on whether the certificate chain is validated.

Throws: CertException
if certificates in the chain are invalid, the chain is not well constructed, or if trust policies are not satisfied.
 o getSubjectName
  public String getSubjectName()
Returns the name of this subject.
 o toString
  public String toString()
Summarizes the cert chain.
Overrides:
toString in class Object
 o toBytes
  public byte[] toBytes()
Return an encoded version of the certificate chain. The certs are encoded from subject to root, with each certificate preceded by a 24-bit "length" field (in big-endian form).
 o print
  public void print(PrintStream p) throws IOException
Prints the certificate chain for informative purposes.
 o getX509CertChain
  public X509Cert[] getX509CertChain()
Returns the ordered chain of X.509 certificates.
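
The framing that toBytes() describes (each certificate preceded by a 24-bit big-endian length, subject first, root last) can be split back into per-certificate blobs as shown here. This is an added example, not code from the sun.security.ssl package; the class name CertChainFraming, the split method, the rejection of empty entries, and the sample bytes are assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Added example: framing parser for the layout toBytes() is documented to produce.
// It only splits the buffer; it does not parse or validate the certificates.
public class CertChainFraming {

    // Returns the per-certificate blobs in encoded order (subject first, root last).
    static List<byte[]> split(byte[] data) {
        List<byte[]> certs = new ArrayList<>();
        int pos = 0;
        while (pos < data.length) {
            if (data.length - pos < 3) {
                throw new IllegalArgumentException("truncated length field at offset " + pos);
            }
            // 24-bit big-endian length; mask each byte to avoid sign extension.
            int len = ((data[pos] & 0xFF) << 16)
                    | ((data[pos + 1] & 0xFF) << 8)
                    | (data[pos + 2] & 0xFF);
            pos += 3;
            // Assumption: an empty entry is treated as malformed input.
            if (len == 0) {
                throw new IllegalArgumentException("zero-length entry at offset " + (pos - 3));
            }
            // Compare against the bytes that remain, so a declared length
            // larger than what is left is rejected before any copy.
            if (len > data.length - pos) {
                throw new IllegalArgumentException(
                        "declared length " + len + " exceeds remaining " + (data.length - pos));
            }
            certs.add(Arrays.copyOfRange(data, pos, pos + len));
            pos += len;
        }
        return certs;
    }

    public static void main(String[] args) {
        // Constructed sample: two placeholder blobs, not real certificates.
        byte[] ok = {0, 0, 2, 0x30, 0x00, 0, 0, 3, 0x30, 0x01, 0x00};
        System.out.println(split(ok).size() + " entries");
        // Constructed malformed input: length field claims 16 bytes, 1 present.
        byte[] bad = {0, 0, 0x10, 0x30};
        try {
            split(bad);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```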
