Class TrustedCertPathFinder

java.lang.Object
org.globus.gsi.trustmanager.TrustedCertPathFinder

public final class TrustedCertPathFinder extends Object
Created by IntelliJ IDEA. User: turtlebender Date: Jan 20, 2010 Time: 4:51:38 PM To change this template use File | Settings | File Templates.
  • Method Details

    • findTrustedCertPath

      public static CertPath findTrustedCertPath(KeyStore keyStore, CertPath certPath) throws CertPathValidatorException
      Method that validates the provided cert path to find a trusted certificate in the certificate store.

      For each certificate i in certPath, it is expected that the i+1 certificate is the issuer of the certificate path. See CertPath.

      For each certificate i in certpath, validate signature of certificate i get issuer of certificate i get certificate i+i ensure that the certificate i+1 is issuer of certificate i If not, throw an exception for illegal argument validate signature of i+1 Throw exception if it does not validate check if i+1 is a trusted certificate in the trust store. If so return certpath until i+1 If not, continue; If all certificates in the certpath have been checked and none exisits in trust store, check if trust store has certificate of issuer of last certificate in CertPath. If so, return certPath + trusted certificate from trust store If not, throw an exception for lack of valid trust root.

      Parameters:
      keyStore - The key store containing CA trust root certificates
      certPath - The certpath from which to extract a valid cert path to a trusted certificate.
      Returns:
      The valid CertPath.
      Throws:
      CertPathValidatorException - If the CertPath is invalid.