- All Implemented Interfaces:
public abstract class CertPath extends Object implements Serializable
This is an abstract class that defines the methods common to all
CertPaths. Subclasses can handle different kinds of
certificates (X.509, PGP, etc.).
CertPath objects have a type, a list of
Certificates, and one or more supported encodings. Because the
CertPath class is immutable, a
change in any externally visible way after being constructed. This
stipulation applies to all public fields and methods of this class and any
added or overridden by subclasses.
The type is a
String that identifies the type of
Certificates in the certification path. For each
cert in a certification path
cert.getType().equals(certPath.getType()) must be
The list of
Certificates is an ordered
zero or more
List and all
Certificates contained in it must be immutable.
CertPath object must support one or more encodings
so that the object can be translated into a byte array for storage or
transmission to other parties. Preferably, these encodings should be
well-documented standards (such as PKCS#7). One of the encodings supported
CertPath is considered the default encoding. This
encoding is used if no encoding is explicitly requested (for the
getEncoded() method, for instance).
CertPath objects are also
CertPath objects are resolved into an alternate
CertPathRep object during serialization. This allows
CertPath object to be serialized into an equivalent
representation regardless of its underlying implementation.
CertPath objects can be created with a
CertificateFactory or they can be returned by other classes,
such as a
By convention, X.509
CertPaths (consisting of
X509Certificates), are ordered starting with the target
certificate and ending with a certificate issued by the trust anchor. That
is, the issuer of one certificate is the subject of the following one. The
certificate representing the
TrustAnchor should not be
included in the certification path. Unvalidated X.509
may not follow these conventions. PKIX
detect any departure from these conventions that cause the certification
path to be invalid and throw a
Every implementation of the Java platform is required to support the
CertPath objects must be thread-safe. That is, multiple
threads may concurrently invoke the methods defined in this class on a
CertPath object (or more than one) with no
ill effects. This is also true for the
List returned by
CertPath objects to be immutable and thread-safe
allows them to be passed around to various pieces of code without worrying
about coordinating access. Providing this thread-safety is
generally not difficult, since the
List objects in question are immutable.
Nested Class Summary
Nested Classes Modifier and Type Class Description
protected static class
CertPathclass for serialization.
Modifier and Type Method Description
equals(Object other)Compares this certification path for equality with the specified object.
abstract List<? extends Certificate>
getCertificates()Returns the list of certificates in this certification path.
getEncoded()Returns the encoded form of this certification path, using the default encoding.
getEncoded(String encoding)Returns the encoded form of this certification path, using the specified encoding.
getEncodings()Returns an iteration of the encodings supported by this certification path, with the default encoding first.
getType()Returns the type of
Certificates in this certification path.
hashCode()Returns the hashcode for this certification path.
toString()Returns a string representation of this certification path.
CertPathto be serialized with a
public String getType()Returns the type of
Certificates in this certification path. This is the same string that would be returned by
Certificates in the certification path.
- the type of
Certificates in this certification path (never null)
Returns an iteration of the encodings supported by this certification path, with the default encoding first. Attempts to modify the returned
removemethod result in an
Iteratorover the names of the supported encodings (as Strings)
public boolean equals(Object other)Compares this certification path for equality with the specified object. Two
CertPaths are equal if and only if their types are equal and their certificate
Lists (and by implication the
Certificates in those
Lists) are equal. A
CertPathis never equal to an object that is not a
This algorithm is implemented by this method. If it is overridden, the behavior specified here must be maintained.
public int hashCode()Returns the hashcode for this certification path. The hash code of a certification path is defined to be the result of the following calculation:
This ensures that
hashCode = path.getType().hashCode(); hashCode = 31*hashCode + path.getCertificates().hashCode();
path1.hashCode()==path2.hashCode()for any two certification paths,
path2, as required by the general contract of
public String toString()Returns a string representation of this certification path. This calls the
toStringmethod on each of the
Certificates in the path.
public abstract byte getEncoded() throws CertificateEncodingExceptionReturns the encoded form of this certification path, using the default encoding.
- the encoded bytes
CertificateEncodingException- if an encoding error occurs
Returns the encoded form of this certification path, using the specified encoding.
encoding- the name of the encoding to use
- the encoded bytes
CertificateEncodingException- if an encoding error occurs or the encoding requested is not supported
Returns the list of certificates in this certification path. The
Listreturned must be immutable and thread-safe.
- an immutable
Certificates (may be empty, but not null)
CertPathto be serialized with a
CertPathRepto be serialized
ObjectStreamException- if a
CertPathRepobject representing this certification path could not be created