PKIXAttrCertChecker.java revision e6bf3e8dfa2804891a82075cb469b736321b4827 
1package org.bouncycastle.x509;
2
3import java.security.cert.CertPath;
4import java.security.cert.CertPathValidatorException;
5import java.util.Collection;
6import java.util.Set;
7
8public abstract class PKIXAttrCertChecker
9    implements Cloneable
10{
11
12    /**
13     * Returns an immutable <code>Set</code> of X.509 attribute certificate
14     * extensions that this <code>PKIXAttrCertChecker</code> supports or
15     * <code>null</code> if no extensions are supported.
16     * <p>
17     * Each element of the set is a <code>String</code> representing the
18     * Object Identifier (OID) of the X.509 extension that is supported.
19     * <p>
20     * All X.509 attribute certificate extensions that a
21     * <code>PKIXAttrCertChecker</code> might possibly be able to process
22     * should be included in the set.
23     *
24     * @return an immutable <code>Set</code> of X.509 extension OIDs (in
25     *         <code>String</code> format) supported by this
26     *         <code>PKIXAttrCertChecker</code>, or <code>null</code> if no
27     *         extensions are supported
28     */
29    public abstract Set getSupportedExtensions();
30
31    /**
32     * Performs checks on the specified attribute certificate. Every handled
33     * extension is rmeoved from the <code>unresolvedCritExts</code>
34     * collection.
35     *
36     * @param attrCert The attribute certificate to be checked.
37     * @param certPath The certificate path which belongs to the attribute
38     *            certificate issuer public key certificate.
39     * @param holderCertPath The certificate path which belongs to the holder
40     *            certificate.
41     * @param unresolvedCritExts a <code>Collection</code> of OID strings
42     *            representing the current set of unresolved critical extensions
43     * @throws CertPathValidatorException if the specified attribute certificate
44     *             does not pass the check.
45     */
46    public abstract void check(X509AttributeCertificate attrCert, CertPath certPath,
47                                 CertPath holderCertPath, Collection unresolvedCritExts)
48        throws CertPathValidatorException;
49
50    /**
51     * Returns a clone of this object.
52     *
53     * @return a copy of this <code>PKIXAttrCertChecker</code>
54     */
55    public abstract Object clone();
56}
57