Package com.helger.peppol.utils

Class PeppolCAChecker

java.lang.Object
com.helger.peppol.utils.PeppolCAChecker
public final class PeppolCAChecker extends Object
This is a specific helper class to check the validity of Peppol certificates for a specific CA. This class assumes the Peppol trust model. See PeppolCertificateChecker for predefined instances of this class.
Since:
9.6.0
Author:
Philip Helger

  • Constructor Details

    • PeppolCAChecker

      public PeppolCAChecker(@Nonnull X509Certificate... aCACerts)
      Constructor
      Parameters:
      aCACerts - The trusted CA certificates to be used. May neither be null nor empty.

  • Method Details

    • getAllTrustedAPCertificates

      @Nonnull @ReturnsMutableCopy public com.helger.security.certificate.TrustedCACertificates getAllTrustedAPCertificates()
      Returns:
      A copy of the trusted CA certificates object used internally. Never null.

    • getRevocationCache

      @Nonnull public com.helger.security.revocation.RevocationCheckResultCache getRevocationCache()
      Returns:
      The internal revocation cache that is used. Never null.

    • clearRevocationCache

      @Nonnull public com.helger.commons.state.EChange clearRevocationCache()
      Remove all elements from the this revocation check result cache.
      Returns:
      EChange.CHANGED if at least one entry was removed

    • checkCertificate

      @Nonnull public EPeppolCertificateCheckResult checkCertificate(@Nullable X509Certificate aCert)
      Check if the provided certificate is a valid Peppol certificate according to the configured CA.
      Parameters:
      aCert - The certificate to be checked. May be null.
      Returns:
      EPeppolCertificateCheckResult and never null.

    • checkCertificate

      @Nonnull public EPeppolCertificateCheckResult checkCertificate(@Nullable X509Certificate aCert, @Nullable OffsetDateTime aCheckDT)
      Check if the provided certificate is a valid Peppol certificate according to the configured CA.
      Parameters:
      aCert - The certificate to be checked. May be null.
      aCheckDT - The check date and time to use. May be null which means "now".
      Returns:
      EPeppolCertificateCheckResult and never null.

    • checkCertificate

      @Nonnull public EPeppolCertificateCheckResult checkCertificate(@Nullable X509Certificate aCert, @Nullable OffsetDateTime aCheckDT, @Nonnull com.helger.commons.state.ETriState eCacheRevocationCheckResult, @Nullable com.helger.security.revocation.ERevocationCheckMode eCheckMode)
      Check if the provided certificate is a valid Peppol certificate according to the configured CA.
      Parameters:
      aCert - The certificate to be checked. May be null.
      aCheckDT - The check date and time to use. May be null which means "now".
      eCacheRevocationCheckResult - Define whether to cache the revocation check results or not. Use ETriState.UNDEFINED to solely use the default.
      eCheckMode - Possibility to override the revocation checking mode for each check. May be null to use the global state from CertificateRevocationCheckerDefaults.getRevocationCheckMode().
      Returns:
      EPeppolCertificateCheckResult and never null.