- java.lang.Object
-
- java.security.cert.CertPath
-
- All Implemented Interfaces:
- Serializable
public abstract class CertPath extends Object implements Serializable
An immutable sequence of certificates (a certification path).This is an abstract class that defines the methods common to all
CertPath
s. Subclasses can handle different kinds of certificates (X.509, PGP, etc.).All
CertPath
objects have a type, a list ofCertificate
s, and one or more supported encodings. Because theCertPath
class is immutable, aCertPath
cannot change in any externally visible way after being constructed. This stipulation applies to all public fields and methods of this class and any added or overridden by subclasses.The type is a
String
that identifies the type ofCertificate
s in the certification path. For each certificatecert
in a certification pathcertPath
,cert.getType().equals(certPath.getType())
must betrue
.The list of
Certificate
s is an orderedList
of zero or moreCertificate
s. ThisList
and all of theCertificate
s contained in it must be immutable.Each
CertPath
object must support one or more encodings so that the object can be translated into a byte array for storage or transmission to other parties. Preferably, these encodings should be well-documented standards (such as PKCS#7). One of the encodings supported by aCertPath
is considered the default encoding. This encoding is used if no encoding is explicitly requested (for thegetEncoded()
method, for instance).All
CertPath
objects are alsoSerializable
.CertPath
objects are resolved into an alternateCertPathRep
object during serialization. This allows aCertPath
object to be serialized into an equivalent representation regardless of its underlying implementation.CertPath
objects can be created with aCertificateFactory
or they can be returned by other classes, such as aCertPathBuilder
.By convention, X.509
CertPath
s (consisting ofX509Certificate
s), are ordered starting with the target certificate and ending with a certificate issued by the trust anchor. That is, the issuer of one certificate is the subject of the following one. The certificate representing theTrustAnchor
should not be included in the certification path. Unvalidated X.509CertPath
s may not follow these conventions. PKIXCertPathValidator
s will detect any departure from these conventions that cause the certification path to be invalid and throw aCertPathValidatorException
.Every implementation of the Java platform is required to support the following standard
CertPath
encodings:- PKCS7
- PkiPath
Concurrent Access
All
CertPath
objects must be thread-safe. That is, multiple threads may concurrently invoke the methods defined in this class on a singleCertPath
object (or more than one) with no ill effects. This is also true for theList
returned byCertPath.getCertificates
.Requiring
CertPath
objects to be immutable and thread-safe allows them to be passed around to various pieces of code without worrying about coordinating access. Providing this thread-safety is generally not difficult, since theCertPath
andList
objects in question are immutable.- Since:
- 1.4
- See Also:
CertificateFactory
,CertPathBuilder
, Serialized Form
-
-
Nested Class Summary
Nested Classes Modifier and Type Class and Description protected static class
CertPath.CertPathRep
AlternateCertPath
class for serialization.
-
Constructor Summary
Constructors Modifier Constructor and Description protected
CertPath(String type)
Creates aCertPath
of the specified type.
-
Method Summary
Methods Modifier and Type Method and Description boolean
equals(Object other)
Compares this certification path for equality with the specified object.abstract List<? extends Certificate>
getCertificates()
Returns the list of certificates in this certification path.abstract byte[]
getEncoded()
Returns the encoded form of this certification path, using the default encoding.abstract byte[]
getEncoded(String encoding)
Returns the encoded form of this certification path, using the specified encoding.abstract Iterator<String>
getEncodings()
Returns an iteration of the encodings supported by this certification path, with the default encoding first.String
getType()
Returns the type ofCertificate
s in this certification path.int
hashCode()
Returns the hashcode for this certification path.String
toString()
Returns a string representation of this certification path.protected Object
writeReplace()
Replaces theCertPath
to be serialized with aCertPathRep
object.
-
-
-
Constructor Detail
-
CertPath
protected CertPath(String type)
Creates aCertPath
of the specified type.This constructor is protected because most users should use a
CertificateFactory
to createCertPath
s.- Parameters:
type
- the standard name of the type ofCertificate
s in this path
-
-
Method Detail
-
getType
public String getType()
Returns the type ofCertificate
s in this certification path. This is the same string that would be returned bycert.getType()
for allCertificate
s in the certification path.- Returns:
- the type of
Certificate
s in this certification path (never null)
-
getEncodings
public abstract Iterator<String> getEncodings()
Returns an iteration of the encodings supported by this certification path, with the default encoding first. Attempts to modify the returnedIterator
via itsremove
method result in anUnsupportedOperationException
.- Returns:
- an
Iterator
over the names of the supported encodings (as Strings)
-
equals
public boolean equals(Object other)
Compares this certification path for equality with the specified object. TwoCertPath
s are equal if and only if their types are equal and their certificateList
s (and by implication theCertificate
s in thoseList
s) are equal. ACertPath
is never equal to an object that is not aCertPath
.This algorithm is implemented by this method. If it is overridden, the behavior specified here must be maintained.
- Overrides:
equals
in classObject
- Parameters:
other
- the object to test for equality with this certification path- Returns:
- true if the specified object is equal to this certification path, false otherwise
- See Also:
Object.hashCode()
,HashMap
-
hashCode
public int hashCode()
Returns the hashcode for this certification path. The hash code of a certification path is defined to be the result of the following calculation:
This ensures thathashCode = path.getType().hashCode(); hashCode = 31*hashCode + path.getCertificates().hashCode();
path1.equals(path2)
implies thatpath1.hashCode()==path2.hashCode()
for any two certification paths,path1
andpath2
, as required by the general contract ofObject.hashCode
.- Overrides:
hashCode
in classObject
- Returns:
- the hashcode value for this certification path
- See Also:
Object.equals(java.lang.Object)
,System.identityHashCode(java.lang.Object)
-
toString
public String toString()
Returns a string representation of this certification path. This calls thetoString
method on each of theCertificate
s in the path.
-
getEncoded
public abstract byte[] getEncoded() throws CertificateEncodingException
Returns the encoded form of this certification path, using the default encoding.- Returns:
- the encoded bytes
- Throws:
CertificateEncodingException
- if an encoding error occurs
-
getEncoded
public abstract byte[] getEncoded(String encoding) throws CertificateEncodingException
Returns the encoded form of this certification path, using the specified encoding.- Parameters:
encoding
- the name of the encoding to use- Returns:
- the encoded bytes
- Throws:
CertificateEncodingException
- if an encoding error occurs or the encoding requested is not supported
-
getCertificates
public abstract List<? extends Certificate> getCertificates()
Returns the list of certificates in this certification path. TheList
returned must be immutable and thread-safe.- Returns:
- an immutable
List
ofCertificate
s (may be empty, but not null)
-
writeReplace
protected Object writeReplace() throws ObjectStreamException
Replaces theCertPath
to be serialized with aCertPathRep
object.- Returns:
- the
CertPathRep
to be serialized - Throws:
ObjectStreamException
- if aCertPathRep
object representing this certification path could not be created
-
-
Nederlandse vertaling
U hebt gevraagd om deze site in het Nederlands te bezoeken. Voor nu wordt alleen de interface vertaald, maar nog niet alle inhoud.Als je me wilt helpen met vertalingen, is je bijdrage welkom. Het enige dat u hoeft te doen, is u op de site registreren en mij een bericht sturen waarin u wordt gevraagd om u toe te voegen aan de groep vertalers, zodat u de gewenste pagina's kunt vertalen. Een link onderaan elke vertaalde pagina geeft aan dat u de vertaler bent en heeft een link naar uw profiel.
Bij voorbaat dank.
Document heeft de 11/06/2005 gemaakt, de laatste keer de 04/03/2020 gewijzigd
Bron van het afgedrukte document:https://www.gaudry.be/nl/java-api-rf-java/security/cert/certpath.html
De infobrol is een persoonlijke site waarvan de inhoud uitsluitend mijn verantwoordelijkheid is. De tekst is beschikbaar onder CreativeCommons-licentie (BY-NC-SA). Meer info op de gebruiksvoorwaarden en de auteur.
Referenties
Deze verwijzingen en links verwijzen naar documenten die geraadpleegd zijn tijdens het schrijven van deze pagina, of die aanvullende informatie kunnen geven, maar de auteurs van deze bronnen kunnen niet verantwoordelijk worden gehouden voor de inhoud van deze pagina.
De auteur Deze site is als enige verantwoordelijk voor de manier waarop de verschillende concepten, en de vrijheden die met de referentiewerken worden genomen, hier worden gepresenteerd. Vergeet niet dat u meerdere broninformatie moet doorgeven om het risico op fouten te verkleinen.