PKIXParameters JDK 1.6)

public void addCertPathChecker (PKIXCertPathChecker checker)

Adds a PKIXCertPathChecker to the list of certification path checkers.

Adds a PKIXCertPathChecker to the list of certification path checkers. See the setCertPathCheckers method for more details.

Note that the PKIXCertPathChecker is cloned to protect against subsequent modifications.
Parameters:
- checker - a PKIXCertPathChecker to add to the list of checks. If null, the checker is ignored (not added to list).

public void addCertStore (CertStore store)

Adds a CertStore to the end of the list of CertStores used in finding certificates and CRLs.

Adds a CertStore to the end of the list of
CertStores used in finding certificates and CRLs.
Parameters:
- store - the CertStore to add. If null, the store is ignored (not added to list).

public Object clone () [Specified in CertPathParameters]

Makes a copy of this PKIXParameters object.

Makes a copy of this PKIXParameters object. Changes
to the copy will not affect the original and vice versa.
Returns: a copy of this PKIXParameters object

public List<PKIXCertPathChecker> getCertPathCheckers ()

Returns the List of certification path checkers.

Returns the List of certification path checkers.
The returned List is immutable, and each
PKIXCertPathChecker in the List is cloned
to protect against subsequent modifications.
Returns: an immutable List of PKIXCertPathCheckers (may be empty, but not null)
See Also: PKIXParameters.setCertPathCheckers(java.util.List),

public List<CertStore> getCertStores ()

Returns an immutable List of CertStores that are used to find certificates and CRLs.

Returns an immutable List of CertStores that
are used to find certificates and CRLs.
Returns: an immutable List of CertStores (may be empty, but never null)
See Also: PKIXParameters.setCertStores(java.util.List),

public Date getDate ()

Returns the time for which the validity of the certification path should be determined.

Returns the time for which the validity of the certification path should be determined. If null, the current time is used.

Note that the Date returned is copied to protect against subsequent modifications.
Returns: the Date, or null if not set
See Also: PKIXParameters.setDate(java.util.Date),

public Set<String> getInitialPolicies ()

Returns an immutable Set of initial policy identifiers (OID strings), indicating that any one of these policies would be acceptable to the certificate user for the purposes of certification path processing.

Returns an immutable Set of initial
policy identifiers (OID strings), indicating that any one of these
policies would be acceptable to the certificate user for the purposes of
certification path processing. The default return value is an empty
Set, which is interpreted as meaning that any policy would
be acceptable.
Returns: an immutable Set of initial policy OIDs in String format, or an empty Set (implying any policy is acceptable). Never returns null.
See Also: PKIXParameters.setInitialPolicies(java.util.Set),

public boolean getPolicyQualifiersRejected ()

Gets the PolicyQualifiersRejected flag.

public String getSigProvider ()

Returns the signature provider's name, or null if not set.

Returns the signature provider's name, or null
if not set.
Returns: the signature provider's name (or null)
See Also: PKIXParameters.setSigProvider(java.lang.String),

public CertSelector getTargetCertConstraints ()

Returns the required constraints on the target certificate.

Returns the required constraints on the target certificate. The constraints are returned as an instance of CertSelector. If null, no constraints are defined.

Note that the CertSelector returned is cloned to protect against subsequent modifications.
Returns: a CertSelector specifying the constraints on the target certificate (or null)
See Also: PKIXParameters.setTargetCertConstraints(java.security.cert.CertSelector),

public Set<TrustAnchor> getTrustAnchors ()

Returns an immutable Set of the most-trusted CAs.

Returns an immutable Set of the most-trusted
CAs.
Returns: an immutable Set of TrustAnchors (never null)
See Also: PKIXParameters.setTrustAnchors(java.util.Set),

public boolean isAnyPolicyInhibited ()

Checks whether the any policy OID should be processed if it is included in a certificate.

Checks whether the any policy OID should be processed if it
is included in a certificate.
Returns: true if the any policy OID is inhibited, false otherwise

public boolean isExplicitPolicyRequired ()

Checks if explicit policy is required.

Checks if explicit policy is required. If this flag is true, an
acceptable policy needs to be explicitly identified in every certificate.
By default, the ExplicitPolicyRequired flag is false.
Returns: true if explicit policy is required, false otherwise

public boolean isPolicyMappingInhibited ()

Checks if policy mapping is inhibited.

public boolean isRevocationEnabled ()

Checks the RevocationEnabled flag.

public void setAnyPolicyInhibited (boolean val)

Sets state to determine if the any policy OID should be processed if it is included in a certificate.

Sets state to determine if the any policy OID should be processed
if it is included in a certificate. By default, the any policy OID
is not inhibited (isAnyPolicyInhibited()
returns false).
Parameters:
- val - true if the any policy OID is to be inhibited, false otherwise

public void setCertPathCheckers (List<PKIXCertPathChecker> checkers)

Sets a List of additional certification path checkers.

Sets a List of additional certification path checkers. If the specified List contains an object that is not a PKIXCertPathChecker, it is ignored.

Each PKIXCertPathChecker specified implements additional checks on a certificate. Typically, these are checks to process and verify private extensions contained in certificates. Each PKIXCertPathChecker should be instantiated with any initialization parameters needed to execute the check.

This method allows sophisticated applications to extend a PKIX CertPathValidator or CertPathBuilder. Each of the specified PKIXCertPathCheckers will be called, in turn, by a PKIX CertPathValidator or CertPathBuilder for each certificate processed or validated.

Regardless of whether these additional PKIXCertPathCheckers are set, a PKIX CertPathValidator or CertPathBuilder must perform all of the required PKIX checks on each certificate. The one exception to this rule is if the RevocationEnabled flag is set to false (see the setRevocationEnabled method).

Note that the List supplied here is copied and each PKIXCertPathChecker in the list is cloned to protect against subsequent modifications.
Parameters:
- checkers - a List of PKIXCertPathCheckers. May be null, in which case no additional checkers will be used.
Throws:
- ClassCastException - if any of the elements in the list are not of type java.security.cert.PKIXCertPathChecker
See Also: PKIXParameters.getCertPathCheckers(),

public void setCertStores (List<CertStore> stores)

Sets the list of CertStores to be used in finding certificates and CRLs.

Sets the list of CertStores to be used in finding certificates and CRLs. May be null, in which case no CertStores will be used. The first CertStores in the list may be preferred to those that appear later.

Note that the List is copied to protect against subsequent modifications.
Parameters:
- stores - a List of CertStores (or null)
Throws:
- ClassCastException - if any of the elements in the list are not of type java.security.cert.CertStore
See Also: PKIXParameters.getCertStores(),

public void setDate (Date date)

Sets the time for which the validity of the certification path should be determined.

Sets the time for which the validity of the certification path should be determined. If null, the current time is used.

Note that the Date supplied here is copied to protect against subsequent modifications.
Parameters:
- date - the Date, or null for the current time
See Also: PKIXParameters.getDate(),

public void setExplicitPolicyRequired (boolean val)

Sets the ExplicitPolicyRequired flag.

Sets the ExplicitPolicyRequired flag. If this flag is true, an
acceptable policy needs to be explicitly identified in every certificate.
By default, the ExplicitPolicyRequired flag is false.
Parameters:
- val - true if explicit policy is to be required, false otherwise

public void setInitialPolicies (Set<String> initialPolicies)

Sets the Set of initial policy identifiers (OID strings), indicating that any one of these policies would be acceptable to the certificate user for the purposes of certification path processing.

Sets the Set of initial policy identifiers (OID strings), indicating that any one of these policies would be acceptable to the certificate user for the purposes of certification path processing. By default, any policy is acceptable (i.e. all policies), so a user that wants to allow any policy as acceptable does not need to call this method, or can call it with an empty Set (or null).

Note that the Set is copied to protect against subsequent modifications.
Parameters:
- initialPolicies - a Set of initial policy OIDs in String format (or null)
Throws:
- ClassCastException - if any of the elements in the set are not of type String
See Also: PKIXParameters.getInitialPolicies(),

public void setPolicyMappingInhibited (boolean val)

Sets the PolicyMappingInhibited flag.

Sets the PolicyMappingInhibited flag. If this flag is true, policy
mapping is inhibited. By default, policy mapping is not inhibited (the
flag is false).
Parameters:
- val - true if policy mapping is to be inhibited, false otherwise

public void setPolicyQualifiersRejected (boolean qualifiersRejected)

Sets the PolicyQualifiersRejected flag.

public void setRevocationEnabled (boolean val)

Sets the RevocationEnabled flag.

public void setSigProvider (String sigProvider)

Sets the signature provider's name.

Sets the signature provider's name. The specified provider will be
preferred when creating Signature
objects. If null or not set, the first provider found
supporting the algorithm will be used.
Parameters:
- sigProvider - the signature provider's name (or null)
See Also: PKIXParameters.getSigProvider(),

public void setTargetCertConstraints (CertSelector selector)

Sets the required constraints on the target certificate.

Sets the required constraints on the target certificate. The constraints are specified as an instance of CertSelector. If null, no constraints are defined.

Note that the CertSelector specified is cloned to protect against subsequent modifications.
Parameters:
- selector - a CertSelector specifying the constraints on the target certificate (or null)
See Also: PKIXParameters.getTargetCertConstraints(),

public void setTrustAnchors (Set<TrustAnchor> trustAnchors) throws InvalidAlgorithmParameterException

Sets the Set of most-trusted CAs.

Note that the Set is copied to protect against subsequent modifications.
Parameters:
- trustAnchors - a Set of TrustAnchors
Throws:
- InvalidAlgorithmParameterException - if the specified Set is empty (trustAnchors.isEmpty() == true)
- NullPointerException - if the specified Set is null
- ClassCastException - if any of the elements in the set are not of type java.security.cert.TrustAnchor
See Also: PKIXParameters.getTrustAnchors(),

public String toString ()

Returns a formatted string describing the parameters.