public abstract class CertPath extends Object implements Serializable
This is an abstract class that defines the methods common to all
CertPath
s. Subclasses can handle different kinds of
certificates (X.509, PGP, etc.).
All CertPath
objects have a type, a list of
Certificate
s, and one or more supported encodings. Because the
CertPath
class is immutable, a CertPath
cannot
change in any externally visible way after being constructed. This
stipulation applies to all public fields and methods of this class and any
added or overridden by subclasses.
The type is a String
that identifies the type of
Certificate
s in the certification path. For each
certificate cert
in a certification path certPath
,
cert.getType().equals(certPath.getType())
must be
true
.
The list of Certificate
s is an ordered List
of
zero or more Certificate
s. This List
and all
of the Certificate
s contained in it must be immutable.
Each CertPath
object must support one or more encodings
so that the object can be translated into a byte array for storage or
transmission to other parties. Preferably, these encodings should be
well-documented standards (such as PKCS#7). One of the encodings supported
by a CertPath
is considered the default encoding. This
encoding is used if no encoding is explicitly requested (for the
getEncoded()
method, for instance).
All CertPath
objects are also Serializable
.
CertPath
objects are resolved into an alternate
CertPathRep
object during serialization. This allows
a CertPath
object to be serialized into an equivalent
representation regardless of its underlying implementation.
CertPath
objects can be created with a
CertificateFactory
or they can be returned by other classes,
such as a CertPathBuilder
.
By convention, X.509 CertPath
s (consisting of
X509Certificate
s), are ordered starting with the target
certificate and ending with a certificate issued by the trust anchor. That
is, the issuer of one certificate is the subject of the following one. The
certificate representing the TrustAnchor
should not be
included in the certification path. Unvalidated X.509 CertPath
s
may not follow these conventions. PKIX CertPathValidator
s will
detect any departure from these conventions that cause the certification
path to be invalid and throw a CertPathValidatorException
.
Every implementation of the Java platform is required to support the
following standard CertPath
encodings:
PKCS7
PkiPath
Concurrent Access
All CertPath
objects must be thread-safe. That is, multiple
threads may concurrently invoke the methods defined in this class on a
single CertPath
object (or more than one) with no
ill effects. This is also true for the List
returned by
CertPath.getCertificates
.
Requiring CertPath
objects to be immutable and thread-safe
allows them to be passed around to various pieces of code without worrying
about coordinating access. Providing this thread-safety is
generally not difficult, since the CertPath
and
List
objects in question are immutable.
CertificateFactory
,
CertPathBuilder
,
Serialized FormModifier and Type | Class and Description |
---|---|
protected static class |
CertPath.CertPathRep
Alternate
CertPath class for serialization. |
Modifier | Constructor and Description |
---|---|
protected |
CertPath(String type)
Creates a
CertPath of the specified type. |
Modifier and Type | Method and Description |
---|---|
boolean |
equals(Object other)
Compares this certification path for equality with the specified
object.
|
abstract List<? extends Certificate> |
getCertificates()
Returns the list of certificates in this certification path.
|
abstract byte[] |
getEncoded()
Returns the encoded form of this certification path, using the default
encoding.
|
abstract byte[] |
getEncoded(String encoding)
Returns the encoded form of this certification path, using the
specified encoding.
|
abstract Iterator<String> |
getEncodings()
Returns an iteration of the encodings supported by this certification
path, with the default encoding first.
|
String |
getType()
Returns the type of
Certificate s in this certification
path. |
int |
hashCode()
Returns the hashcode for this certification path.
|
String |
toString()
Returns a string representation of this certification path.
|
protected Object |
writeReplace()
Replaces the
CertPath to be serialized with a
CertPathRep object. |
protected CertPath(String type)
CertPath
of the specified type.
This constructor is protected because most users should use a
CertificateFactory
to create CertPath
s.
type
- the standard name of the type of
Certificate
s in this pathpublic String getType()
Certificate
s in this certification
path. This is the same string that would be returned by
cert.getType()
for all Certificate
s in the certification path.Certificate
s in this certification
path (never null)public abstract Iterator<String> getEncodings()
Iterator
via its remove
method result in an
UnsupportedOperationException
.Iterator
over the names of the supported
encodings (as Strings)public boolean equals(Object other)
CertPath
s are equal if and only if their
types are equal and their certificate List
s (and by
implication the Certificate
s in those List
s)
are equal. A CertPath
is never equal to an object that is
not a CertPath
.
This algorithm is implemented by this method. If it is overridden, the behavior specified here must be maintained.
equals
in class Object
other
- the object to test for equality with this certification pathObject.hashCode()
,
HashMap
public int hashCode()
hashCode = path.getType().hashCode();
hashCode = 31*hashCode + path.getCertificates().hashCode();
This ensures that path1.equals(path2)
implies that
path1.hashCode()==path2.hashCode()
for any two certification
paths, path1
and path2
, as required by the
general contract of Object.hashCode
.hashCode
in class Object
Object.equals(java.lang.Object)
,
System.identityHashCode(java.lang.Object)
public String toString()
toString
method on each of the
Certificate
s in the path.public abstract byte[] getEncoded() throws CertificateEncodingException
CertificateEncodingException
- if an encoding error occurspublic abstract byte[] getEncoded(String encoding) throws CertificateEncodingException
encoding
- the name of the encoding to useCertificateEncodingException
- if an encoding error occurs or
the encoding requested is not supportedpublic abstract List<? extends Certificate> getCertificates()
List
returned must be immutable and thread-safe.List
of Certificate
s
(may be empty, but not null)protected Object writeReplace() throws ObjectStreamException
CertPath
to be serialized with a
CertPathRep
object.CertPathRep
to be serializedObjectStreamException
- if a CertPathRep
object
representing this certification path could not be created Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2024, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.