JSS 3.1.1

org.mozilla.jss.ssl
Class SSLCertificateApprovalCallback.ValidityStatus

java.lang.Object
  |
  +--org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus
Enclosing class:
SSLCertificateApprovalCallback

public static class SSLCertificateApprovalCallback.ValidityStatus
extends java.lang.Object

This class holds details about the errors for each cert in the chain that the server presented To use this class, getReasons(), then iterate over the enumeration


Field Summary
static int BAD_CERT_DOMAIN
          this indicates common-name mismatch
static int BAD_KEY
           
static int BAD_SIGNATURE
           
static int CA_CERT_INVALID
           
static int CERT_BAD_ACCESS_LOCATION
           
static int CERT_NOT_IN_NAME_SPACE
           
static int CERT_STATUS_SERVER_ERROR
           
static int EXPIRED_ISSUER_CERTIFICATE
           
static int INADEQUATE_CERT_TYPE
           
static int INADEQUATE_KEY_USAGE
           
static int INVALID_TIME
           
static int OCSP_BAD_HTTP_RESPONSE
           
static int OCSP_FUTURE_RESPONSE
           
static int OCSP_MALFORMED_REQUEST
           
static int OCSP_MALFORMED_RESPONSE
           
static int OCSP_NO_DEFAULT_RESPONDER
           
static int OCSP_NOT_ENABLED
           
static int OCSP_OLD_RESPONSE
           
static int OCSP_REQUEST_NEEDS_SIG
           
static int OCSP_SERVER_ERROR
           
static int OCSP_TRY_SERVER_LATER
           
static int OCSP_UNAUTHORIZED_REQUEST
           
static int OCSP_UNAUTHORIZED_RESPONSE
           
static int OCSP_UNKNOWN_CERT
           
static int OCSP_UNKNOWN_RESPONSE_STATUS
           
static int OCSP_UNKNOWN_RESPONSE_TYPE
           
static int PATH_LEN_CONSTRAINT_INVALID
           
private  java.util.Vector reasons
           
static int REVOKED_CERTIFICATE
           
static int SEC_ERROR_CRL_BAD_SIGNATURE
           
static int SEC_ERROR_CRL_EXPIRED
           
static int SEC_ERROR_CRL_INVALID
           
static int UNKNOWN_ISSUER
           
static int UNKNOWN_SIGNER
           
static int UNTRUSTED_CERT
           
static int UNTRUSTED_ISSUER
           
 
Constructor Summary
SSLCertificateApprovalCallback.ValidityStatus()
           
 
Method Summary
 void addReason(int newReason, PK11Cert cert, int depth)
          add a new failure reason to this enumeration.
 java.util.Enumeration getReasons()
          returns an enumeration.
 
Methods inherited from class java.lang.Object
, clone, equals, finalize, getClass, hashCode, notify, notifyAll, registerNatives, toString, wait, wait, wait
 

Field Detail

REVOKED_CERTIFICATE

public static final int REVOKED_CERTIFICATE

INADEQUATE_KEY_USAGE

public static final int INADEQUATE_KEY_USAGE

INADEQUATE_CERT_TYPE

public static final int INADEQUATE_CERT_TYPE

UNTRUSTED_CERT

public static final int UNTRUSTED_CERT

CERT_STATUS_SERVER_ERROR

public static final int CERT_STATUS_SERVER_ERROR

UNKNOWN_ISSUER

public static final int UNKNOWN_ISSUER

UNTRUSTED_ISSUER

public static final int UNTRUSTED_ISSUER

CERT_NOT_IN_NAME_SPACE

public static final int CERT_NOT_IN_NAME_SPACE

CA_CERT_INVALID

public static final int CA_CERT_INVALID

PATH_LEN_CONSTRAINT_INVALID

public static final int PATH_LEN_CONSTRAINT_INVALID

BAD_KEY

public static final int BAD_KEY

BAD_SIGNATURE

public static final int BAD_SIGNATURE

EXPIRED_ISSUER_CERTIFICATE

public static final int EXPIRED_ISSUER_CERTIFICATE

INVALID_TIME

public static final int INVALID_TIME

UNKNOWN_SIGNER

public static final int UNKNOWN_SIGNER

SEC_ERROR_CRL_EXPIRED

public static final int SEC_ERROR_CRL_EXPIRED

SEC_ERROR_CRL_BAD_SIGNATURE

public static final int SEC_ERROR_CRL_BAD_SIGNATURE

SEC_ERROR_CRL_INVALID

public static final int SEC_ERROR_CRL_INVALID

CERT_BAD_ACCESS_LOCATION

public static final int CERT_BAD_ACCESS_LOCATION

OCSP_UNKNOWN_RESPONSE_TYPE

public static final int OCSP_UNKNOWN_RESPONSE_TYPE

OCSP_BAD_HTTP_RESPONSE

public static final int OCSP_BAD_HTTP_RESPONSE

OCSP_MALFORMED_REQUEST

public static final int OCSP_MALFORMED_REQUEST

OCSP_SERVER_ERROR

public static final int OCSP_SERVER_ERROR

OCSP_TRY_SERVER_LATER

public static final int OCSP_TRY_SERVER_LATER

OCSP_REQUEST_NEEDS_SIG

public static final int OCSP_REQUEST_NEEDS_SIG

OCSP_UNAUTHORIZED_REQUEST

public static final int OCSP_UNAUTHORIZED_REQUEST

OCSP_UNKNOWN_RESPONSE_STATUS

public static final int OCSP_UNKNOWN_RESPONSE_STATUS

OCSP_UNKNOWN_CERT

public static final int OCSP_UNKNOWN_CERT

OCSP_NOT_ENABLED

public static final int OCSP_NOT_ENABLED

OCSP_NO_DEFAULT_RESPONDER

public static final int OCSP_NO_DEFAULT_RESPONDER

OCSP_MALFORMED_RESPONSE

public static final int OCSP_MALFORMED_RESPONSE

OCSP_UNAUTHORIZED_RESPONSE

public static final int OCSP_UNAUTHORIZED_RESPONSE

OCSP_FUTURE_RESPONSE

public static final int OCSP_FUTURE_RESPONSE

OCSP_OLD_RESPONSE

public static final int OCSP_OLD_RESPONSE

BAD_CERT_DOMAIN

public static final int BAD_CERT_DOMAIN
this indicates common-name mismatch

reasons

private java.util.Vector reasons
Constructor Detail

SSLCertificateApprovalCallback.ValidityStatus

public SSLCertificateApprovalCallback.ValidityStatus()
Method Detail

addReason

public void addReason(int newReason,
                      PK11Cert cert,
                      int depth)
add a new failure reason to this enumeration. This is called from the native code callback when it does a verify on the cert chain
Parameters:
newReason - sslerr.h error code - see constants defined above;
cert - a reference to the cert - so you can see the subject name, etc
depth - the index of this cert in the chain. 0 is the server cert.

getReasons

public java.util.Enumeration getReasons()
returns an enumeration. The elements in the enumeration are all of type 'ValidityItem'

JSS 3.1.1