Class CertificateVerification


  • public class CertificateVerification
    extends java.lang.Object
    This class consists of some methods that allow you to verify certificates.
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static java.lang.String verifyCertificate​(java.security.cert.X509Certificate cert, java.util.Collection<java.security.cert.CRL> crls, java.util.Calendar calendar)
      Verifies a single certificate.
      static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Calendar calendar)
      Verifies a certificate chain against a KeyStore.
      static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Collection<java.security.cert.CRL> crls, java.util.Calendar calendar)
      Verifies a certificate chain against a KeyStore.
      static boolean verifyOcspCertificates​(org.bouncycastle.cert.ocsp.BasicOCSPResp ocsp, java.security.KeyStore keystore, java.lang.String provider)
      Verifies an OCSP response against a KeyStore.
      static boolean verifyTimestampCertificates​(org.bouncycastle.tsp.TimeStampToken ts, java.security.KeyStore keystore, java.lang.String provider)
      Verifies a time stamp against a KeyStore.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • CertificateVerification

        public CertificateVerification()
    • Method Detail

      • verifyCertificate

        public static java.lang.String verifyCertificate​(java.security.cert.X509Certificate cert,
                                                         java.util.Collection<java.security.cert.CRL> crls,
                                                         java.util.Calendar calendar)
        Verifies a single certificate.
        Parameters:
        cert - the certificate to verify
        crls - the certificate revocation list or null
        calendar - the date or null for the current date
        Returns:
        a String with the error description or null if no error
      • verifyCertificates

        public static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs,
                                                                               java.security.KeyStore keystore,
                                                                               java.util.Collection<java.security.cert.CRL> crls,
                                                                               java.util.Calendar calendar)
        Verifies a certificate chain against a KeyStore.
        Parameters:
        certs - the certificate chain
        keystore - the KeyStore
        crls - the certificate revocation list or null
        calendar - the date or null for the current date
        Returns:
        null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message
      • verifyCertificates

        public static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs,
                                                                               java.security.KeyStore keystore,
                                                                               java.util.Calendar calendar)
        Verifies a certificate chain against a KeyStore.
        Parameters:
        certs - the certificate chain
        keystore - the KeyStore
        calendar - the date or null for the current date
        Returns:
        null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message
      • verifyOcspCertificates

        public static boolean verifyOcspCertificates​(org.bouncycastle.cert.ocsp.BasicOCSPResp ocsp,
                                                     java.security.KeyStore keystore,
                                                     java.lang.String provider)
        Verifies an OCSP response against a KeyStore.
        Parameters:
        ocsp - the OCSP response
        keystore - the KeyStore
        provider - the provider or null to use the BouncyCastle provider
        Returns:
        true is a certificate was found
      • verifyTimestampCertificates

        public static boolean verifyTimestampCertificates​(org.bouncycastle.tsp.TimeStampToken ts,
                                                          java.security.KeyStore keystore,
                                                          java.lang.String provider)
        Verifies a time stamp against a KeyStore.
        Parameters:
        ts - the time stamp
        keystore - the KeyStore
        provider - the provider or null to use the BouncyCastle provider
        Returns:
        true is a certificate was found