java.security.cert
Interface PolicyNode


public interface PolicyNode

A valid policy tree node resulting from the PKIX certification path validation algorithm.

One of the outputs of the PKIX certification path validation algorithm is a valid policy tree, which includes the policies that were determined to be valid, how this determination was reached, and any policy qualifiers encountered. This tree is of depth n, where n is the length of the certification path that has been validated.

Most applications will not need to examine the valid policy tree. They can achieve their policy processing goals by setting the policy-related parameters in PKIXParameters. However, the valid policy tree is available for more sophisticated applications, especially those that process policy qualifiers.

PKIXCertPathValidatorResult.getPolicyTree returns the root node of the valid policy tree. The tree can be traversed using the getChildren and getParent methods. Data about a particular node can be retrieved using other methods of PolicyNode.

Concurrent Access

Unless otherwise specified, the methods defined in this class are not thread-safe. Multiple threads that need to access a single object concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating separate objects need not synchronize.

Since:
1.4

Method Summary
 Iterator getChildren()
          Returns an iterator over the children of this node.
 int getDepth()
          Returns the depth of this node in the valid policy tree.
 Set getExpectedPolicies()
          Returns the set of expected policies that would satisfy this node's valid policy in the next certificate to be processed.
 PolicyNode getParent()
          Returns the parent of this node, or null if this is the root node.
 Set getPolicyQualifiers()
          Returns the set of policy qualifiers associated with the valid policy represented by this node.
 String getValidPolicy()
          Returns the valid policy represented by this node.
 boolean isCritical()
          Returns the criticality indicator of the certificate policy extension in the most recently processed certificate.
 

Method Detail

getParent

public PolicyNode getParent()
Returns the parent of this node, or null if this is the root node.
Returns:
the parent of this node, or null if this is the root node

getChildren

public Iterator getChildren()
Returns an iterator over the children of this node. Any attempts to modify the children of this node through the Iterator's remove method must throw an UnsupportedOperationException.
Returns:
an iterator over the children of this node

getDepth

public int getDepth()
Returns the depth of this node in the valid policy tree.
Returns:
the depth of this node (never less than 0)

getValidPolicy

public String getValidPolicy()
Returns the valid policy represented by this node.
Returns:
the String OID of the valid policy represented by this node. For the root node, this is the the special value "any-policy".

getPolicyQualifiers

public Set getPolicyQualifiers()
Returns the set of policy qualifiers associated with the valid policy represented by this node.
Returns:
an immutable Set of PolicyQualifierInfos. For the root node, this is always an empty Set.

getExpectedPolicies

public Set getExpectedPolicies()
Returns the set of expected policies that would satisfy this node's valid policy in the next certificate to be processed.
Returns:
an immutable Set of expected policy String OIDs. For the root node, this is a Set with the single value "any-policy".

isCritical

public boolean isCritical()
Returns the criticality indicator of the certificate policy extension in the most recently processed certificate.
Returns:
true if extension marked critical, false otherwise. For the root node, false is always returned.


Submit comments/suggestions about this API.
Copyright 1998-2000 Sun Microsystems, Inc. 901 San Antonio Road,
Palo Alto, California, 94303, U.S.A. All Rights Reserved.