Class UnsupportedCriticalExtensionChecker

  • All Implemented Interfaces:
    CertificateChecker

    public class UnsupportedCriticalExtensionChecker
    extends java.lang.Object
    implements CertificateChecker
    Checks if the certificate includes unsupported critical extensions.
    Since:
    1.0
    Version:
    ${version}
    • Constructor Detail

      • UnsupportedCriticalExtensionChecker

        public UnsupportedCriticalExtensionChecker()
    • Method Detail

      • invoke

        public void invoke​(java.security.cert.X509Certificate cert,
                           GSIConstants.CertificateType certType)
                    throws java.security.cert.CertPathValidatorException
        Method that checks if there are unsupported critical extension. Supported ones are only BasicConstrains, KeyUsage, Proxy Certificate (old and new)
        Specified by:
        invoke in interface CertificateChecker
        Parameters:
        cert - The certificate to validate.
        certType - The type of certificate to validate.
        Throws:
        java.security.cert.CertPathValidatorException - If any critical extension that is not supported is in the certificate. Anything other than those listed above will trigger the exception.
      • isUnsupported

        private void isUnsupported​(GSIConstants.CertificateType certType,
                                   java.lang.String criticalExtensionOid)
                            throws java.security.cert.CertPathValidatorException
        Throws:
        java.security.cert.CertPathValidatorException