SimpleValidator (jsse 1.0.6 API)

java.lang.Object
- org.openeuler.sun.security.validator.Validator
- - org.openeuler.sun.security.validator.SimpleValidator

```
public final class SimpleValidator
extends Validator
```
A simple validator implementation. It is based on code from the JSSE X509TrustManagerImpl. This implementation is designed for compatibility with deployed certificates and previous J2SE versions. It will never support more advanced features and will be deemphasized in favor of the PKIX validator going forward.
SimpleValidator objects are immutable once they have been created. Please DO NOT add methods that can change the state of an instance once it has been created.

作者:

Andreas Sterbenz

字段概要

字段
限定符和类型	字段和说明
`private static String`	`NSCT_CODE_SIGNING_CA`
`private static String`	`NSCT_SSL_CA`
`(专用程序包) static sun.security.util.ObjectIdentifier`	`OBJID_NETSCAPE_CERT_TYPE`
`(专用程序包) static String`	`OID_BASIC_CONSTRAINTS`
`(专用程序包) static String`	`OID_EKU_ANY_USAGE`
`(专用程序包) static String`	`OID_EXTENDED_KEY_USAGE`
`(专用程序包) static String`	`OID_KEY_USAGE`
`(专用程序包) static String`	`OID_NETSCAPE_CERT_TYPE`
`private Collection<X509Certificate>`	`trustedCerts` Set of the trusted certificates.
`private Map<X500Principal,List<X509Certificate>>`	`trustedX500Principals` The trusted certificates as: Map (X500Principal)subject of trusted cert -> List of X509Certificate The list is used because there may be multiple certificates with an identical subject DN.

从类继承的字段 org.openeuler.sun.security.validator.Validator
CHAIN0, endEntityChecker, TYPE_PKIX, TYPE_SIMPLE, validationDate, VAR_CODE_SIGNING, VAR_GENERIC, VAR_JCE_SIGNING, VAR_PLUGIN_CODE_SIGNING, VAR_TLS_CLIENT, VAR_TLS_SERVER, VAR_TSA_SERVER, variant

构造器概要

构造器
构造器和说明

SimpleValidator(String variant, Collection<X509Certificate> trustedCerts)

构造器
构造器和说明
`SimpleValidator(String variant, Collection<X509Certificate> trustedCerts)`

方法概要

所有方法静态方法实例方法具体方法
限定符和类型	方法和说明
`private X509Certificate[]`	`buildTrustedChain(X509Certificate[] chain)` Build a trusted certificate chain.
`private int`	`checkBasicConstraints(X509Certificate cert, Set<String> critSet, int maxPathLen)`
`private int`	`checkExtensions(X509Certificate cert, int maxPathLen)`
`private void`	`checkKeyUsage(X509Certificate cert, Set<String> critSet)`
`private void`	`checkNetscapeCertType(X509Certificate cert, Set<String> critSet)`
`(专用程序包) X509Certificate[]`	`engineValidate(X509Certificate[] chain, Collection<X509Certificate> otherCerts, List<byte[]> responseList, AlgorithmConstraints constraints, Object parameter)` Perform simple validation of chain.
`(专用程序包) static boolean`	`getNetscapeCertTypeBit(X509Certificate cert, String type)` Get the value of the specified bit in the Netscape certificate type extension.
`private X509Certificate`	`getTrustedCertificate(X509Certificate cert)` Return a trusted certificate that matches the input certificate, or null if no such certificate can be found.
`Collection<X509Certificate>`	`getTrustedCertificates()` Returns an immutable Collection of the X509Certificates this instance uses as trust anchors.

从类继承的方法 org.openeuler.sun.security.validator.Validator
getInstance, getInstance, getInstance, setValidationDate, validate, validate, validate, validate

从类继承的方法 java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细资料
- OID_BASIC_CONSTRAINTS
```
static final String OID_BASIC_CONSTRAINTS
```
  另请参阅:
  
  常量字段值
- OID_NETSCAPE_CERT_TYPE
```
static final String OID_NETSCAPE_CERT_TYPE
```
  另请参阅:
  
  常量字段值
- OID_KEY_USAGE
```
static final String OID_KEY_USAGE
```
  另请参阅:
  
  常量字段值
- OID_EXTENDED_KEY_USAGE
```
static final String OID_EXTENDED_KEY_USAGE
```
  另请参阅:
  
  常量字段值
- OID_EKU_ANY_USAGE
```
static final String OID_EKU_ANY_USAGE
```
  另请参阅:
  
  常量字段值
- OBJID_NETSCAPE_CERT_TYPE
```
static final sun.security.util.ObjectIdentifier OBJID_NETSCAPE_CERT_TYPE
```
- NSCT_SSL_CA
```
private static final String NSCT_SSL_CA
```
  另请参阅:
  
  常量字段值
- NSCT_CODE_SIGNING_CA
```
private static final String NSCT_CODE_SIGNING_CA
```
  另请参阅:
  
  常量字段值
- trustedX500Principals
```
private final Map<X500Principal,List<X509Certificate>> trustedX500Principals
```
  The trusted certificates as: Map (X500Principal)subject of trusted cert -> List of X509Certificate The list is used because there may be multiple certificates with an identical subject DN.
- trustedCerts
```
private final Collection<X509Certificate> trustedCerts
```
  Set of the trusted certificates. Present only for getTrustedCertificates().

构造器详细资料

SimpleValidator

SimpleValidator(String variant,
                Collection<X509Certificate> trustedCerts)

方法详细资料

getTrustedCertificates
```
public Collection<X509Certificate> getTrustedCertificates()
```
从类复制的说明: Validator

Returns an immutable Collection of the X509Certificates this instance uses as trust anchors.

指定者:

getTrustedCertificates 在类中 Validator

engineValidate

X509Certificate[] engineValidate(X509Certificate[] chain,
                                 Collection<X509Certificate> otherCerts,
                                 List<byte[]> responseList,
                                 AlgorithmConstraints constraints,
                                 Object parameter)
                          throws CertificateException

Perform simple validation of chain. The arguments otherCerts and parameter are ignored.

指定者:: engineValidate 在类中 Validator
抛出:: CertificateException

checkExtensions

private int checkExtensions(X509Certificate cert,
                            int maxPathLen)
                     throws CertificateException

抛出:: CertificateException

checkNetscapeCertType

private void checkNetscapeCertType(X509Certificate cert,
                                   Set<String> critSet)
                            throws CertificateException

抛出:: CertificateException

getNetscapeCertTypeBit

static boolean getNetscapeCertTypeBit(X509Certificate cert,
                                      String type)

Get the value of the specified bit in the Netscape certificate type extension. If the extension is not present at all, we return true.

checkBasicConstraints

private int checkBasicConstraints(X509Certificate cert,
                                  Set<String> critSet,
                                  int maxPathLen)
                           throws CertificateException

抛出:: CertificateException

checkKeyUsage

private void checkKeyUsage(X509Certificate cert,
                           Set<String> critSet)
                    throws CertificateException

抛出:: CertificateException

buildTrustedChain
```
private X509Certificate[] buildTrustedChain(X509Certificate[] chain)
                                     throws CertificateException
```
Build a trusted certificate chain. This method always returns a chain with a trust anchor as the final cert in the chain. If no trust anchor could be found, a CertificateException is thrown.

抛出:

CertificateException

getTrustedCertificate
```
private X509Certificate getTrustedCertificate(X509Certificate cert)
```
Return a trusted certificate that matches the input certificate, or null if no such certificate can be found. This method also handles cases where a CA re-issues a trust anchor with the same public key and same subject and issuer names but a new validity period, etc.

类 SimpleValidator

字段概要

从类继承的字段 org.openeuler.sun.security.validator.Validator

构造器概要

方法概要

从类继承的方法 org.openeuler.sun.security.validator.Validator

从类继承的方法 java.lang.Object

字段详细资料

OID_BASIC_CONSTRAINTS

OID_NETSCAPE_CERT_TYPE

OID_KEY_USAGE

OID_EXTENDED_KEY_USAGE

OID_EKU_ANY_USAGE

OBJID_NETSCAPE_CERT_TYPE

NSCT_SSL_CA

NSCT_CODE_SIGNING_CA

trustedX500Principals

trustedCerts