org.eclipse.californium.scandium.dtls.x509

Interface AdvancedCertificateVerifier

All Superinterfaces:

CertificateVerifier

All Known Implementing Classes:

StaticCertificateVerifier

Deprecated.

use NewAdvancedCertificateVerifier instead, or BridgeCertificateVerifier until migrated.

@Deprecated
public interface AdvancedCertificateVerifier
extends CertificateVerifier

A class in charge of verifying a X.509 certificate chain provided by a peer.

Since:

2.1

See Also:

StaticCertificateVerifier

Method Summary

Methods

Modifier and Type	Method and Description
CertPath	verifyCertificate(Boolean clientUsage, boolean truncateCertificatePath, CertificateMessage message, DTLSSession session) Deprecated. Validates the X.509 certificate chain provided by the the peer as part of this message.

Methods inherited from interface org.eclipse.californium.scandium.dtls.x509.CertificateVerifier

getAcceptedIssuers, verifyCertificate

Method Detail

verifyCertificate

CertPath verifyCertificate(Boolean clientUsage,
                         boolean truncateCertificatePath,
                         CertificateMessage message,
                         DTLSSession session)
                           throws HandshakeException

Deprecated.

Validates the X.509 certificate chain provided by the the peer as part of this message.

Parameters:

clientUsage - indicator to check certificate usage. null don't check key usage, true, check key usage for client, false for server.

truncateCertificatePath - true truncate certificate path at a trusted certificate before validation.

message - certificate message to be validated

session - dtls session to be used for validation

Returns:

actually validated certificate path.

Throws:

HandshakeException - if validation fails