PKIXRevocationChecker Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
A PKIXCertPathChecker for checking the revocation status of
certificates with the PKIX algorithm.
[Android.Runtime.Register("java/security/cert/PKIXRevocationChecker", ApiSince=24, DoNotGenerateAcw=true)]
public abstract class PKIXRevocationChecker : Java.Security.Cert.PKIXCertPathChecker[<Android.Runtime.Register("java/security/cert/PKIXRevocationChecker", ApiSince=24, DoNotGenerateAcw=true)>]
type PKIXRevocationChecker = class
inherit PKIXCertPathChecker- Inheritance
- Attributes
Remarks
A PKIXCertPathChecker for checking the revocation status of certificates with the PKIX algorithm.
A PKIXRevocationChecker checks the revocation status of certificates with the Online Certificate Status Protocol (OCSP) or Certificate Revocation Lists (CRLs). OCSP is described in RFC 2560 and is a network protocol for determining the status of a certificate. A CRL is a time-stamped list identifying revoked certificates, and RFC 5280 describes an algorithm for determining the revocation status of certificates using CRLs.
Each PKIXRevocationChecker must be able to check the revocation status of certificates with OCSP and CRLs. By default, OCSP is the preferred mechanism for checking revocation status, with CRLs as the fallback mechanism. However, this preference can be switched to CRLs with the Option#PREFER_CRLS PREFER_CRLS option. In addition, the fallback mechanism can be disabled with the Option#NO_FALLBACK NO_FALLBACK option.
A PKIXRevocationChecker is obtained by calling the CertPathValidator#getRevocationChecker getRevocationChecker method of a PKIX CertPathValidator. Additional parameters and options specific to revocation can be set (by calling the #setOcspResponder setOcspResponder method for instance). The PKIXRevocationChecker is added to a PKIXParameters object using the PKIXParameters#addCertPathChecker addCertPathChecker or PKIXParameters#setCertPathCheckers setCertPathCheckers method, and then the PKIXParameters is passed along with the CertPath to be validated to the CertPathValidator#validate validate method of a PKIX CertPathValidator. When supplying a revocation checker in this manner, it will be used to check revocation irrespective of the setting of the PKIXParameters#isRevocationEnabled RevocationEnabled flag. Similarly, a PKIXRevocationChecker may be added to a PKIXBuilderParameters object for use with a PKIX CertPathBuilder.
Note that when a PKIXRevocationChecker is added to PKIXParameters, it clones the PKIXRevocationChecker; thus any subsequent modifications to the PKIXRevocationChecker have no effect.
Any parameter that is not set (or is set to null) will be set to the default value for that parameter.
<b>Concurrent Access</b>
Unless otherwise specified, the methods defined in this class are not thread-safe. Multiple threads that need to access a single object concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating separate objects need not synchronize.
Added in 1.8
// Android-changed: Changed invalid `.
Java documentation for java.security.cert.PKIXRevocationChecker.
Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.
Constructors
| PKIXRevocationChecker() |
Default constructor. |
| PKIXRevocationChecker(IntPtr, JniHandleOwnership) | |
Properties
| Class |
Returns the runtime class of this |
| Handle |
The handle to the underlying Android instance. (Inherited from Object) |
| IsForwardCheckingSupported |
Returns whether this |
| JniIdentityHashCode | (Inherited from Object) |
| JniPeerMembers | |
| OcspExtensions |
Gets the optional OCSP request extensions. -or- Sets the optional OCSP request extensions. |
| OcspResponder |
Gets the URI that identifies the location of the OCSP responder. -or- Sets the URI that identifies the location of the OCSP responder. |
| OcspResponderCert |
Gets the OCSP responder's certificate. -or- Sets the OCSP responder's certificate. |
| OcspResponses |
Gets the OCSP responses. -or- Sets the OCSP responses. |
| Options |
Gets the revocation options. -or- Sets the revocation options. |
| PeerReference | (Inherited from Object) |
| SoftFailExceptions | |
| SupportedExtensions |
Returns the list of extensions of X.509 certificates that this |
| ThresholdClass | |
| ThresholdType | |
Methods
| Check(Certificate, ICollection<String>) |
Performs the check(s) on the specified certificate using its internal state and removes any critical extensions that it processes from the specified collection of OID strings that represent the unresolved critical extensions. (Inherited from PKIXCertPathChecker) |
| Check(Certificate) |
To be added (Inherited from PKIXCertPathChecker) |
| Clone() |
Returns a clone of this object. (Inherited from PKIXCertPathChecker) |
| Dispose() | (Inherited from Object) |
| Dispose(Boolean) | (Inherited from Object) |
| Equals(Object) |
Indicates whether some other object is "equal to" this one. (Inherited from Object) |
| GetHashCode() |
Returns a hash code value for the object. (Inherited from Object) |
| Init(Boolean) |
Initializes the internal state of this |
| JavaFinalize() |
Called by the garbage collector on an object when garbage collection determines that there are no more references to the object. (Inherited from Object) |
| Notify() |
Wakes up a single thread that is waiting on this object's monitor. (Inherited from Object) |
| NotifyAll() |
Wakes up all threads that are waiting on this object's monitor. (Inherited from Object) |
| SetHandle(IntPtr, JniHandleOwnership) |
Sets the Handle property. (Inherited from Object) |
| ToArray<T>() | (Inherited from Object) |
| ToString() |
Returns a string representation of the object. (Inherited from Object) |
| UnregisterFromRuntime() | (Inherited from Object) |
| Wait() |
Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>. (Inherited from Object) |
| Wait(Int64, Int32) |
Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>, or until a certain amount of real time has elapsed. (Inherited from Object) |
| Wait(Int64) |
Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>, or until a certain amount of real time has elapsed. (Inherited from Object) |
Explicit Interface Implementations
| IJavaPeerable.Disposed() | (Inherited from Object) |
| IJavaPeerable.DisposeUnlessReferenced() | (Inherited from Object) |
| IJavaPeerable.Finalized() | (Inherited from Object) |
| IJavaPeerable.JniManagedPeerState | (Inherited from Object) |
| IJavaPeerable.SetJniIdentityHashCode(Int32) | (Inherited from Object) |
| IJavaPeerable.SetJniManagedPeerState(JniManagedPeerStates) | (Inherited from Object) |
| IJavaPeerable.SetPeerReference(JniObjectReference) | (Inherited from Object) |
Extension Methods
| JavaCast<TResult>(IJavaObject) |
Performs an Android runtime-checked type conversion. |
| JavaCast<TResult>(IJavaObject) | |
| GetJniTypeName(IJavaPeerable) | |