--- /srv/reproducible-results/rbuild-debian/r-b-build.QBurKPbI/b1/canl-java_2.6.0-2_i386.changes +++ /srv/reproducible-results/rbuild-debian/r-b-build.QBurKPbI/b2/canl-java_2.6.0-2_i386.changes ├── Files │ @@ -1,3 +1,3 @@ │ │ - 5e1ceb58cfd0d54e614c14ea3935300f 458620 doc optional libcanl-java-doc_2.6.0-2_all.deb │ + db332f65be343768668b031622521446 458680 doc optional libcanl-java-doc_2.6.0-2_all.deb │ 9e8c0d6ea3023073cc421a71b647d08d 337620 java optional libcanl-java_2.6.0-2_all.deb ├── libcanl-java-doc_2.6.0-2_all.deb │ ├── file list │ │ @@ -1,3 +1,3 @@ │ │ -rw-r--r-- 0 0 0 4 2020-06-22 12:18:05.000000 debian-binary │ │ --rw-r--r-- 0 0 0 10700 2020-06-22 12:18:05.000000 control.tar.xz │ │ --rw-r--r-- 0 0 0 447728 2020-06-22 12:18:05.000000 data.tar.xz │ │ +-rw-r--r-- 0 0 0 10696 2020-06-22 12:18:05.000000 control.tar.xz │ │ +-rw-r--r-- 0 0 0 447792 2020-06-22 12:18:05.000000 data.tar.xz │ ├── control.tar.xz │ │ ├── control.tar │ │ │ ├── ./md5sums │ │ │ │ ├── ./md5sums │ │ │ │ │┄ Files differ │ ├── data.tar.xz │ │ ├── data.tar │ │ │ ├── file list │ │ │ │ @@ -1,18 +1,18 @@ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/ │ │ │ │ --rw-r--r-- 0 root (0) root (0) 65583 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/allclasses-index.html │ │ │ │ +-rw-r--r-- 0 root (0) root (0) 65604 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/allclasses-index.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 25963 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/allclasses.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 9245 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/allpackages-index.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 38809 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/constant-values.html │ │ │ │ --rw-r--r-- 0 root (0) root (0) 8438 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/deprecated-list.html │ │ │ │ +-rw-r--r-- 0 root (0) root (0) 8459 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/deprecated-list.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 500 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/element-list │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/x509/ │ │ │ │ -rw-r--r-- 0 root (0) root (0) 13170 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/x509/CommonX509TrustManager.html │ │ │ │ @@ -380,15 +380,15 @@ │ │ │ │ -rw-r--r-- 0 root (0) root (0) 9721 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/x509/proxy/class-use/ProxyRequestOptions.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 12407 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/x509/proxy/class-use/ProxyType.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 5454 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/x509/proxy/class-use/ProxyUtils.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 10630 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/x509/proxy/package-summary.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 8839 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/x509/proxy/package-tree.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 12523 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/eu/emi/security/authn/x509/proxy/package-use.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 10157 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/help-doc.html │ │ │ │ --rw-r--r-- 0 root (0) root (0) 597481 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/index-all.html │ │ │ │ +-rw-r--r-- 0 root (0) root (0) 597544 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/index-all.html │ │ │ │ -rw-r--r-- 0 root (0) root (0) 9518 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/index.html │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/jquery/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/jquery/external/ │ │ │ │ drwxr-xr-x 0 root (0) root (0) 0 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/jquery/external/jquery/ │ │ │ │ -rw-r--r-- 0 root (0) root (0) 287630 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/jquery/external/jquery/jquery.js │ │ │ │ -rw-r--r-- 0 root (0) root (0) 89664 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/jquery/jquery-3.6.1.min.js │ │ │ │ -rw-r--r-- 0 root (0) root (0) 1842 2020-06-22 12:18:05.000000 ./usr/share/doc/libcanl-java-doc/apidocs/jquery/jquery-ui.min.css │ │ │ ├── ./usr/share/doc/libcanl-java-doc/apidocs/allclasses-index.html │ │ │ │ @@ -135,15 +135,15 @@ │ │ │ │ │ │ │ │
Globus EACL policy store common code.
│ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ AbstractHostnameToCertificateChecker │ │ │ │ Deprecated. │ │ │ │ -
Use connectWithHostnameChecking(SSLSocket, HostnameMismatchCallback) │ │ │ │ +
Use SocketFactoryCreator.connectWithHostnameChecking(SSLSocket, HostnameMismatchCallback) │ │ │ │ instead.
│ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ AbstractNamespacesStore │ │ │ │ │ │ │ │
Policy store common code.
│ │ │ │ ├── html2text {} │ │ │ │ │ @@ -18,464 +18,316 @@ │ │ │ │ │ * All Classes │ │ │ │ │ * SEARCH: [search ] [reset] │ │ │ │ │ │ │ │ │ │ JavaScript is disabled on your browser. │ │ │ │ │   │ │ │ │ │ │ │ │ │ │ ****** All Classes ****** │ │ │ │ │ - * All Classes Interface_Summary Class_Summary Enum_Summary Exception_Summary  │ │ │ │ │ + * All Classes Interface_Summary Class_Summary Enum_Summary Exception_Summary  │ │ │ │ │ Class Description │ │ │ │ │ - Common code for │ │ │ │ │ - AbstractCRLStoreSPI LazyOpensslCRLStoreSpi and │ │ │ │ │ + AbstractCRLStoreSPI Common code for LazyOpensslCRLStoreSpi and │ │ │ │ │ PlainCRLStoreSpi. │ │ │ │ │ - Abstract base for credential │ │ │ │ │ - AbstractDelegatingX509Credential implementations which delegate │ │ │ │ │ - to another one. │ │ │ │ │ - AbstractEuGridPmaNamespacesStore EuGridPMA policy store common │ │ │ │ │ - code. │ │ │ │ │ - AbstractGlobusNamespacesStore Globus EACL policy store │ │ │ │ │ - common code. │ │ │ │ │ + AbstractDelegatingX509Credential Abstract base for credential implementations │ │ │ │ │ + which delegate to another one. │ │ │ │ │ + AbstractEuGridPmaNamespacesStore EuGridPMA policy store common code. │ │ │ │ │ + AbstractGlobusNamespacesStore Globus EACL policy store common code. │ │ │ │ │ Deprecated. │ │ │ │ │ - Use │ │ │ │ │ - AbstractHostnameToCertificateChecker connectWithHostnameChecking │ │ │ │ │ - (SSLSocket, │ │ │ │ │ - HostnameMismatchCallback) │ │ │ │ │ - instead. │ │ │ │ │ + AbstractHostnameToCertificateChecker Use │ │ │ │ │ + SocketFactoryCreator.connectWithHostnameChecking │ │ │ │ │ + (SSLSocket,_HostnameMismatchCallback) instead. │ │ │ │ │ AbstractNamespacesStore Policy store common code. │ │ │ │ │ - AbstractTrustAnchorStore Base implementation of Trust │ │ │ │ │ - Anchor stores. │ │ │ │ │ - AbstractValidator Base implementation of │ │ │ │ │ - X509CertChainValidator. │ │ │ │ │ - Base class with a shared code │ │ │ │ │ - AbstractX509Credential for X509Credential │ │ │ │ │ + AbstractTrustAnchorStore Base implementation of Trust Anchor stores. │ │ │ │ │ + AbstractValidator Base implementation of X509CertChainValidator. │ │ │ │ │ + AbstractX509Credential Base class with a shared code for X509Credential │ │ │ │ │ implementations. │ │ │ │ │ - Generic proxy creation │ │ │ │ │ - BaseProxyCertificateOptions parameters useful for all │ │ │ │ │ + BaseProxyCertificateOptions Generic proxy creation parameters useful for all │ │ │ │ │ scenarios. │ │ │ │ │ - Low-level certificate │ │ │ │ │ - validator based on the BC │ │ │ │ │ - BCCertPathValidator PKIXCertPathReviewer with │ │ │ │ │ - additional support for proxy │ │ │ │ │ - certificates. │ │ │ │ │ - BCErrorMapper Maps PKIXCertPathReviewer │ │ │ │ │ - errors to ValidationError. │ │ │ │ │ - A simplistic │ │ │ │ │ - X509CertChainValidator │ │ │ │ │ - BinaryCertChainValidator implementation which always │ │ │ │ │ - fails or accepts certificates, │ │ │ │ │ - basing on the constructor │ │ │ │ │ + Low-level certificate validator based on the BC │ │ │ │ │ + BCCertPathValidator PKIXCertPathReviewer with additional support for │ │ │ │ │ + proxy certificates. │ │ │ │ │ + BCErrorMapper Maps PKIXCertPathReviewer errors to │ │ │ │ │ + ValidationError. │ │ │ │ │ + A simplistic X509CertChainValidator │ │ │ │ │ + BinaryCertChainValidator implementation which always fails or accepts │ │ │ │ │ + certificates, basing on the constructor │ │ │ │ │ argument. │ │ │ │ │ BoundedSizeLruMap   │ │ │ │ │ - Cached element is a container │ │ │ │ │ - CachedElement of an arbitrary object, │ │ │ │ │ - enriched with a creation │ │ │ │ │ - timestamp. │ │ │ │ │ - This class extends the │ │ │ │ │ - CachedPEMReader PEMParser class from the BC │ │ │ │ │ - library. │ │ │ │ │ - Stores DER form of a │ │ │ │ │ - CertificateExtension certificate extension along │ │ │ │ │ - with its OID and flag if the │ │ │ │ │ - extension is critical. │ │ │ │ │ - Utility methods for │ │ │ │ │ - CertificateHelpers certificates handling and │ │ │ │ │ + CachedElement Cached element is a container of an arbitrary │ │ │ │ │ + object, enriched with a creation timestamp. │ │ │ │ │ + CachedPEMReader This class extends the PEMParser class from the │ │ │ │ │ + BC library. │ │ │ │ │ + Stores DER form of a certificate extension along │ │ │ │ │ + CertificateExtension with its OID and flag if the extension is │ │ │ │ │ + critical. │ │ │ │ │ + CertificateHelpers Utility methods for certificates handling and │ │ │ │ │ reading/writing PEM files. │ │ │ │ │ CertificateHelpers.PEMContentsType   │ │ │ │ │ - Utility class with methods │ │ │ │ │ - CertificateUtils simplifying typical │ │ │ │ │ - certificate related │ │ │ │ │ - operations. │ │ │ │ │ - Definition of the encoding │ │ │ │ │ - CertificateUtils.Encoding that can be used for reading │ │ │ │ │ - or writing certificates or │ │ │ │ │ - keys. │ │ │ │ │ - Exposes otherwise hidden │ │ │ │ │ - methods from │ │ │ │ │ - CertPathValidatorUtilitiesCanl CertPathValidatorUtilitiesCanl │ │ │ │ │ - plus in some cases fixes bugs │ │ │ │ │ - plus produces errors in the │ │ │ │ │ + CertificateUtils Utility class with methods simplifying typical │ │ │ │ │ + certificate related operations. │ │ │ │ │ + CertificateUtils.Encoding Definition of the encoding that can be used for │ │ │ │ │ + reading or writing certificates or keys. │ │ │ │ │ + Exposes otherwise hidden methods from │ │ │ │ │ + CertPathValidatorUtilitiesCanl CertPathValidatorUtilitiesCanl plus in some │ │ │ │ │ + cases fixes bugs plus produces errors in the │ │ │ │ │ desired format. │ │ │ │ │ - Trivial implementation of │ │ │ │ │ - CharArrayPasswordFinder PasswordSupplier which uses a │ │ │ │ │ - password provided to the │ │ │ │ │ - constructor. │ │ │ │ │ - This class wraps │ │ │ │ │ - CommonX509TrustManager X509CertChainValidator so it │ │ │ │ │ - can be easily used in the │ │ │ │ │ - standard Java SSL API. │ │ │ │ │ - Simple KeyManager │ │ │ │ │ - implementation which always │ │ │ │ │ - CredentialX509KeyManager returns the only key and │ │ │ │ │ - certificate which is available │ │ │ │ │ - in the configured │ │ │ │ │ - X509Credential object. │ │ │ │ │ - CrlCheckingMode Defines Certificate Revocation │ │ │ │ │ - List verification mode. │ │ │ │ │ - Manages configuration of CRL │ │ │ │ │ - CRLParameters sources, used in non-openssl │ │ │ │ │ - truststores. │ │ │ │ │ - Implementation of │ │ │ │ │ - CRLRevocationChecker RevocationChecker using CRLs, │ │ │ │ │ - the │ │ │ │ │ - RFC3280CertPathUtilitiesCanl. │ │ │ │ │ - DERCredential Wraps certificate and private │ │ │ │ │ - key stored in DER format. │ │ │ │ │ - The certificate validator │ │ │ │ │ - DirectoryCertChainValidator which uses a flexible set of │ │ │ │ │ - certificates and CRL │ │ │ │ │ - locations. │ │ │ │ │ - Retrieves CA certificates from │ │ │ │ │ - DirectoryTrustAnchorStore locations given as local paths │ │ │ │ │ - with wildcards or URLs. │ │ │ │ │ - Helpers for checking text │ │ │ │ │ - DNComparator representations of DNs for │ │ │ │ │ - equality. │ │ │ │ │ - DraftRFCProxyCertInfoExtension Proxy cert info extension │ │ │ │ │ - class. │ │ │ │ │ - Parses a single EUGridPMA │ │ │ │ │ - EuGridPmaNamespacesParser namespaces file and returns │ │ │ │ │ - NamespacePolicy object. │ │ │ │ │ - EuGridPmaNamespacesStore Provides an in-memory store of │ │ │ │ │ - NamespacePolicy objects. │ │ │ │ │ + CharArrayPasswordFinder Trivial implementation of PasswordSupplier which │ │ │ │ │ + uses a password provided to the constructor. │ │ │ │ │ + CommonX509TrustManager This class wraps X509CertChainValidator so it │ │ │ │ │ + can be easily used in the standard Java SSL API. │ │ │ │ │ + Simple KeyManager implementation which always │ │ │ │ │ + CredentialX509KeyManager returns the only key and certificate which is │ │ │ │ │ + available in the configured X509Credential │ │ │ │ │ + object. │ │ │ │ │ + CrlCheckingMode Defines Certificate Revocation List verification │ │ │ │ │ + mode. │ │ │ │ │ + CRLParameters Manages configuration of CRL sources, used in │ │ │ │ │ + non-openssl truststores. │ │ │ │ │ + CRLRevocationChecker Implementation of RevocationChecker using CRLs, │ │ │ │ │ + the RFC3280CertPathUtilitiesCanl. │ │ │ │ │ + DERCredential Wraps certificate and private key stored in DER │ │ │ │ │ + format. │ │ │ │ │ + DirectoryCertChainValidator The certificate validator which uses a flexible │ │ │ │ │ + set of certificates and CRL locations. │ │ │ │ │ + DirectoryTrustAnchorStore Retrieves CA certificates from locations given │ │ │ │ │ + as local paths with wildcards or URLs. │ │ │ │ │ + DNComparator Helpers for checking text representations of DNs │ │ │ │ │ + for equality. │ │ │ │ │ + DraftRFCProxyCertInfoExtension Proxy cert info extension class. │ │ │ │ │ + EuGridPmaNamespacesParser Parses a single EUGridPMA namespaces file and │ │ │ │ │ + returns NamespacePolicy object. │ │ │ │ │ + EuGridPmaNamespacesStore Provides an in-memory store of NamespacePolicy │ │ │ │ │ + objects. │ │ │ │ │ ExtendedProxyType   │ │ │ │ │ - Extended PKIX parameters with │ │ │ │ │ - additional settings related to │ │ │ │ │ - ExtPKIXParameters2 the library features: │ │ │ │ │ - different CRL modes and proxy │ │ │ │ │ - support. │ │ │ │ │ + Extended PKIX parameters with additional │ │ │ │ │ + ExtPKIXParameters2 settings related to the library features: │ │ │ │ │ + different CRL modes and proxy support. │ │ │ │ │ ExtPKIXParameters2.Builder   │ │ │ │ │ - PKIXCertPathReviewer │ │ │ │ │ - FixedBCPKIXCertPathReviewer Validation of X.509 │ │ │ │ │ - Certificate Paths. │ │ │ │ │ - Extends BC's PEMParser class │ │ │ │ │ - so it can read correctly also │ │ │ │ │ - FlexiblePEMReader PEM files with a garbage at │ │ │ │ │ - the beginning and minor syntax │ │ │ │ │ - violations which occur more │ │ │ │ │ - then often in the wild. │ │ │ │ │ + FixedBCPKIXCertPathReviewer PKIXCertPathReviewer │ │ │ │ │ + Validation of X.509 Certificate Paths. │ │ │ │ │ + Extends BC's PEMParser class so it can read │ │ │ │ │ + FlexiblePEMReader correctly also PEM files with a garbage at the │ │ │ │ │ + beginning and minor syntax violations which │ │ │ │ │ + occur more then often in the wild. │ │ │ │ │ FormatMode String output mode. │ │ │ │ │ - Parses a single │ │ │ │ │ - GlobusNamespacesParser .signing_policy file and │ │ │ │ │ - returns NamespacePolicy │ │ │ │ │ - object. │ │ │ │ │ + GlobusNamespacesParser Parses a single .signing_policy file and returns │ │ │ │ │ + NamespacePolicy object. │ │ │ │ │ GlobusNamespacesParser.InvalidPolicyFilenameException   │ │ │ │ │ GlobusNamespacesParser.PolicySyntaxException   │ │ │ │ │ - GlobusNamespacesStore Provides an in-memory store of │ │ │ │ │ - NamespacePolicy objects. │ │ │ │ │ - Implementation should react to │ │ │ │ │ - HostnameMismatchCallback the event when remote SSL │ │ │ │ │ - peer's certificate is not │ │ │ │ │ - matching its hostname. │ │ │ │ │ - Verifies if a peer's host name │ │ │ │ │ - HostnameToCertificateChecker matches a DN of its │ │ │ │ │ - certificate. │ │ │ │ │ + GlobusNamespacesStore Provides an in-memory store of NamespacePolicy │ │ │ │ │ + objects. │ │ │ │ │ + Implementation should react to the event when │ │ │ │ │ + HostnameMismatchCallback remote SSL peer's certificate is not matching │ │ │ │ │ + its hostname. │ │ │ │ │ + HostnameToCertificateChecker Verifies if a peer's host name matches a DN of │ │ │ │ │ + its certificate. │ │ │ │ │ HostnameToCertificateChecker.ResultWrapper   │ │ │ │ │ - The certificate validator │ │ │ │ │ - InMemoryKeystoreCertChainValidator which uses Java KeyStore as a │ │ │ │ │ - truststore. │ │ │ │ │ - IPAddressHelper Helpers for IP addresses │ │ │ │ │ - comparison. │ │ │ │ │ - Extends BCStyle with │ │ │ │ │ - additional recognized │ │ │ │ │ - attribute names, to make it │ │ │ │ │ - JavaAndBCStyle fully compatible with what the │ │ │ │ │ - internal OpenJDK │ │ │ │ │ - implementation supports when │ │ │ │ │ - parsing string RFC 2253 DNs. │ │ │ │ │ - Implementation of the │ │ │ │ │ - JDKFSTrustAnchorStore TrustAnchorStore which load │ │ │ │ │ - JDK's KeyStore from a file. │ │ │ │ │ - Implementation of the │ │ │ │ │ - JDKInMemoryTrustAnchorStore TrustAnchorStore which uses │ │ │ │ │ - JDK's KeyStore as a in-memory │ │ │ │ │ - storage. │ │ │ │ │ - Wraps a PrivateKey and │ │ │ │ │ - KeyAndCertCredential X509Certificate chain as a │ │ │ │ │ - X509Credential. │ │ │ │ │ - The certificate validator │ │ │ │ │ - KeystoreCertChainValidator which uses Java KeyStore as a │ │ │ │ │ - truststore. │ │ │ │ │ - KeystoreCredential Wraps a Java KeyStore in form │ │ │ │ │ - suitable for use in JSSE. │ │ │ │ │ + InMemoryKeystoreCertChainValidator The certificate validator which uses Java │ │ │ │ │ + KeyStore as a truststore. │ │ │ │ │ + IPAddressHelper Helpers for IP addresses comparison. │ │ │ │ │ + Extends BCStyle with additional recognized │ │ │ │ │ + JavaAndBCStyle attribute names, to make it fully compatible │ │ │ │ │ + with what the internal OpenJDK implementation │ │ │ │ │ + supports when parsing string RFC 2253 DNs. │ │ │ │ │ + JDKFSTrustAnchorStore Implementation of the TrustAnchorStore which │ │ │ │ │ + load JDK's KeyStore from a file. │ │ │ │ │ + JDKInMemoryTrustAnchorStore Implementation of the TrustAnchorStore which │ │ │ │ │ + uses JDK's KeyStore as a in-memory storage. │ │ │ │ │ + KeyAndCertCredential Wraps a PrivateKey and X509Certificate chain as │ │ │ │ │ + a X509Credential. │ │ │ │ │ + KeystoreCertChainValidator The certificate validator which uses Java │ │ │ │ │ + KeyStore as a truststore. │ │ │ │ │ + KeystoreCredential Wraps a Java KeyStore in form suitable for use │ │ │ │ │ + in JSSE. │ │ │ │ │ KeyStoreHelper KeyStore class utility helpers │ │ │ │ │ - EuGridPMA namespace policies │ │ │ │ │ - LazyEuGridPmaNamespacesStore are loaded on demand by this │ │ │ │ │ - store and are cached in │ │ │ │ │ - memory. │ │ │ │ │ - Globus EACL policies are │ │ │ │ │ - LazyGlobusNamespacesStore loaded on demand by this store │ │ │ │ │ - and are cached in memory. │ │ │ │ │ - LazyOpensslCRLStoreSpi Handles an Openssl-like CRL │ │ │ │ │ - store. │ │ │ │ │ - Implementation of the │ │ │ │ │ - LazyOpensslTrustAnchorStoreImpl truststore which uses CA │ │ │ │ │ - certificates from a single │ │ │ │ │ - directory in OpenSSL format. │ │ │ │ │ - NamespaceChecker Implements namespace policy │ │ │ │ │ - checking. │ │ │ │ │ - NamespaceCheckingMode Used to define the CA │ │ │ │ │ - namespace checking mode. │ │ │ │ │ - NamespacePolicy Represents a namespace policy, │ │ │ │ │ - i.e. │ │ │ │ │ - NamespacesParser Implemented by namespace │ │ │ │ │ - parsers. │ │ │ │ │ - NamespacesStore Store of NamespacePolicy │ │ │ │ │ - objects. │ │ │ │ │ - This class is a modified copy │ │ │ │ │ - NonValidatingCertPathBuilder of BC's │ │ │ │ │ + LazyEuGridPmaNamespacesStore EuGridPMA namespace policies are loaded on │ │ │ │ │ + demand by this store and are cached in memory. │ │ │ │ │ + LazyGlobusNamespacesStore Globus EACL policies are loaded on demand by │ │ │ │ │ + this store and are cached in memory. │ │ │ │ │ + LazyOpensslCRLStoreSpi Handles an Openssl-like CRL store. │ │ │ │ │ + Implementation of the truststore which uses CA │ │ │ │ │ + LazyOpensslTrustAnchorStoreImpl certificates from a single directory in OpenSSL │ │ │ │ │ + format. │ │ │ │ │ + NamespaceChecker Implements namespace policy checking. │ │ │ │ │ + NamespaceCheckingMode Used to define the CA namespace checking mode. │ │ │ │ │ + NamespacePolicy Represents a namespace policy, i.e. │ │ │ │ │ + NamespacesParser Implemented by namespace parsers. │ │ │ │ │ + NamespacesStore Store of NamespacePolicy objects. │ │ │ │ │ + NonValidatingCertPathBuilder This class is a modified copy of BC's │ │ │ │ │ PKIXCertPathBuilderSpi. │ │ │ │ │ - Thread safe class maintaining │ │ │ │ │ - ObserversHandler a collection of │ │ │ │ │ + ObserversHandler Thread safe class maintaining a collection of │ │ │ │ │ StoreUpdateListeners. │ │ │ │ │ - Common base class for │ │ │ │ │ - OCSPCacheBase responses and responders │ │ │ │ │ + OCSPCacheBase Common base class for responses and responders │ │ │ │ │ caches. │ │ │ │ │ - OCSP client which adds a cache │ │ │ │ │ - OCSPCachingClient layer on top of │ │ │ │ │ + OCSPCachingClient OCSP client which adds a cache layer on top of │ │ │ │ │ OCSPClientImpl. │ │ │ │ │ - OCSPCheckingMode Defines On-line Certificate │ │ │ │ │ - Status Protocol usage mode. │ │ │ │ │ - OCSP client is responsible for │ │ │ │ │ - OCSPClientImpl the network related activity │ │ │ │ │ - of the OCSP invocation │ │ │ │ │ + OCSPCheckingMode Defines On-line Certificate Status Protocol │ │ │ │ │ + usage mode. │ │ │ │ │ + OCSP client is responsible for the network │ │ │ │ │ + OCSPClientImpl related activity of the OCSP invocation │ │ │ │ │ pipeline. │ │ │ │ │ - OCSPParametes Manages configuration of OCSP │ │ │ │ │ - support for all truststores. │ │ │ │ │ - OCSPResponder Configuration of a local │ │ │ │ │ - responder. │ │ │ │ │ - OCSP failing responses cache: │ │ │ │ │ - OCSPRespondersCache in memory with disk │ │ │ │ │ + OCSPParametes Manages configuration of OCSP support for all │ │ │ │ │ + truststores. │ │ │ │ │ + OCSPResponder Configuration of a local responder. │ │ │ │ │ + OCSPRespondersCache OCSP failing responses cache: in memory with │ │ │ │ │ + disk persistence. │ │ │ │ │ + OCSPResponsesCache OCSP responses cache: in memory with disk │ │ │ │ │ persistence. │ │ │ │ │ - OCSPResponsesCache OCSP responses cache: in │ │ │ │ │ - memory with disk persistence. │ │ │ │ │ - Holds OCSP response (parsed) │ │ │ │ │ - OCSPResponseStructure and some additional metadata, │ │ │ │ │ - e.g. │ │ │ │ │ + OCSPResponseStructure Holds OCSP response (parsed) and some additional │ │ │ │ │ + metadata, e.g. │ │ │ │ │ OCSPResult   │ │ │ │ │ OCSPResult.Status   │ │ │ │ │ - Implementation of │ │ │ │ │ - OCSPRevocationChecker RevocationChecker using CRLs, │ │ │ │ │ + OCSPRevocationChecker Implementation of RevocationChecker using CRLs, │ │ │ │ │ the OCSPVerifier │ │ │ │ │ - OCSP checker - uses provided │ │ │ │ │ - OCSPParametes to perform OCSP │ │ │ │ │ - OCSPVerifier calls using OCSPCachingClient │ │ │ │ │ - and returns the final │ │ │ │ │ - response. │ │ │ │ │ - OidAndValue certificate attribute value │ │ │ │ │ - with its OID. │ │ │ │ │ - The certificate validator │ │ │ │ │ - OpensslCertChainValidator which uses OpenSSL directory │ │ │ │ │ - as a truststore. │ │ │ │ │ - Implementation of the CRL │ │ │ │ │ - OpensslCRLStoreSpi store which uses CRLs from a │ │ │ │ │ - single directory in OpenSSL │ │ │ │ │ + OCSP checker - uses provided OCSPParametes to │ │ │ │ │ + OCSPVerifier perform OCSP calls using OCSPCachingClient and │ │ │ │ │ + returns the final response. │ │ │ │ │ + OidAndValue with its OID. │ │ │ │ │ + OpensslCertChainValidator The certificate validator which uses OpenSSL │ │ │ │ │ + directory as a truststore. │ │ │ │ │ + OpensslCRLStoreSpi Implementation of the CRL store which uses CRLs │ │ │ │ │ + from a single directory in OpenSSL format. │ │ │ │ │ + OpensslNamespacePolicyImpl Represents a namespace policy, i.e. │ │ │ │ │ + OpensslNameUtils This class provides support for the legacy │ │ │ │ │ + Openssl format of DN encoding. │ │ │ │ │ + Implementations of this interface are used by │ │ │ │ │ + OpensslTrustAnchorStore OpensslCertChainValidator to get access to the │ │ │ │ │ + trust anchor store. │ │ │ │ │ + Implementation of the truststore which uses CA │ │ │ │ │ + OpensslTrustAnchorStoreImpl certificates from a single directory in OpenSSL │ │ │ │ │ format. │ │ │ │ │ - OpensslNamespacePolicyImpl Represents a namespace policy, │ │ │ │ │ - i.e. │ │ │ │ │ - This class provides support │ │ │ │ │ - OpensslNameUtils for the legacy Openssl format │ │ │ │ │ - of DN encoding. │ │ │ │ │ - Implementations of this │ │ │ │ │ - interface are used by │ │ │ │ │ - OpensslTrustAnchorStore OpensslCertChainValidator to │ │ │ │ │ - get access to the trust anchor │ │ │ │ │ - store. │ │ │ │ │ - Implementation of the │ │ │ │ │ - OpensslTrustAnchorStoreImpl truststore which uses CA │ │ │ │ │ - certificates from a single │ │ │ │ │ - directory in OpenSSL format. │ │ │ │ │ - Several static methods helping │ │ │ │ │ - OpensslTruststoreHelper to mangle truststore file │ │ │ │ │ - paths in openssl style. │ │ │ │ │ - ParserUtils Common helpers for namespace │ │ │ │ │ - file parsers. │ │ │ │ │ + OpensslTruststoreHelper Several static methods helping to mangle │ │ │ │ │ + truststore file paths in openssl style. │ │ │ │ │ + ParserUtils Common helpers for namespace file parsers. │ │ │ │ │ PasswordSupplier Provides password on demand. │ │ │ │ │ - PEMCredential Wraps certificate and private │ │ │ │ │ - key stored in PEM format. │ │ │ │ │ - This class extends the │ │ │ │ │ - PKCS8DERReader PEMParser class from the BC │ │ │ │ │ - library. │ │ │ │ │ + PEMCredential Wraps certificate and private key stored in PEM │ │ │ │ │ + format. │ │ │ │ │ + PKCS8DERReader This class extends the PEMParser class from the │ │ │ │ │ + BC library. │ │ │ │ │ PKIXPolicyNode   │ │ │ │ │ - Checker which handles proxy │ │ │ │ │ - PKIXProxyCertificateChecker certificate extensions so BC │ │ │ │ │ - won't report them as unknown. │ │ │ │ │ - PlainCRLStoreSpi Handles an in-memory CRL │ │ │ │ │ - store. │ │ │ │ │ - An abstract validator which │ │ │ │ │ - PlainCRLValidator provides a CRL support common │ │ │ │ │ - for validators using │ │ │ │ │ + PKIXProxyCertificateChecker Checker which handles proxy certificate │ │ │ │ │ + extensions so BC won't report them as unknown. │ │ │ │ │ + PlainCRLStoreSpi Handles an in-memory CRL store. │ │ │ │ │ + An abstract validator which provides a CRL │ │ │ │ │ + PlainCRLValidator support common for validators using │ │ │ │ │ PlainCRLStoreSpi. │ │ │ │ │ - Class for CA or CRL stores │ │ │ │ │ - PlainStoreUtils with utility methods for │ │ │ │ │ - handling list of locations as │ │ │ │ │ - wildcards or URLs. │ │ │ │ │ - A class for handling the VOMS │ │ │ │ │ - ProxyACExtension AC extension in certificates │ │ │ │ │ - (OID: │ │ │ │ │ - 1.3.6.1.4.1.8005.100.100.5) │ │ │ │ │ - An utility class for defining │ │ │ │ │ - ProxyAddressRestrictionData the allowed address space, │ │ │ │ │ - used both to define the source │ │ │ │ │ + Class for CA or CRL stores with utility methods │ │ │ │ │ + PlainStoreUtils for handling list of locations as wildcards or │ │ │ │ │ + URLs. │ │ │ │ │ + ProxyACExtension A class for handling the VOMS AC extension in │ │ │ │ │ + certificates (OID: 1.3.6.1.4.1.8005.100.100.5) │ │ │ │ │ + An utility class for defining the allowed │ │ │ │ │ + ProxyAddressRestrictionData address space, used both to define the source │ │ │ │ │ and target restrictions. │ │ │ │ │ - Wraps information about a new │ │ │ │ │ - ProxyCertificate proxy which was generated by │ │ │ │ │ - the ProxyGenerator. │ │ │ │ │ - ProxyCertificateImpl Default implementation of the │ │ │ │ │ - ProxyCertificate interface. │ │ │ │ │ - Holds parameters which are │ │ │ │ │ - ProxyCertificateOptions used to create a proxy │ │ │ │ │ - certificate using only a │ │ │ │ │ - certificate chain. │ │ │ │ │ - ProxyCertInfoExtension Proxy cert info extension │ │ │ │ │ - class. │ │ │ │ │ - A class to get an information │ │ │ │ │ - ProxyChainInfo from a proxy certificate │ │ │ │ │ + ProxyCertificate Wraps information about a new proxy which was │ │ │ │ │ + generated by the ProxyGenerator. │ │ │ │ │ + ProxyCertificateImpl Default implementation of the ProxyCertificate │ │ │ │ │ + interface. │ │ │ │ │ + Holds parameters which are used to create a │ │ │ │ │ + ProxyCertificateOptions proxy certificate using only a certificate │ │ │ │ │ chain. │ │ │ │ │ - ProxyChainType Specifies the type of the │ │ │ │ │ - proxy chain. │ │ │ │ │ - Wraps information about a new │ │ │ │ │ - ProxyCSR proxy certificate signing │ │ │ │ │ - request which was generated by │ │ │ │ │ - the ProxyCSRGenerator. │ │ │ │ │ - ProxyCSRGenerator Generates a proxy certificate │ │ │ │ │ - signing request. │ │ │ │ │ + ProxyCertInfoExtension Proxy cert info extension class. │ │ │ │ │ + ProxyChainInfo A class to get an information from a proxy │ │ │ │ │ + certificate chain. │ │ │ │ │ + ProxyChainType Specifies the type of the proxy chain. │ │ │ │ │ + Wraps information about a new proxy certificate │ │ │ │ │ + ProxyCSR signing request which was generated by the │ │ │ │ │ + ProxyCSRGenerator. │ │ │ │ │ + ProxyCSRGenerator Generates a proxy certificate signing request. │ │ │ │ │ ProxyCSRImpl ProxyCSR implementation. │ │ │ │ │ - A class to get the information │ │ │ │ │ - ProxyCSRInfo from the proxy certificate │ │ │ │ │ - request. │ │ │ │ │ - ProxyGenerator Utilities to create proxy │ │ │ │ │ - certificates. │ │ │ │ │ - ProxyGeneratorHelper Actual implementation of the │ │ │ │ │ - Proxy generation. │ │ │ │ │ - ProxyHelper Various helpers for handling │ │ │ │ │ - proxy certificates │ │ │ │ │ + ProxyCSRInfo A class to get the information from the proxy │ │ │ │ │ + certificate request. │ │ │ │ │ + ProxyGenerator Utilities to create proxy certificates. │ │ │ │ │ + ProxyGeneratorHelper Actual implementation of the Proxy generation. │ │ │ │ │ + ProxyHelper Various helpers for handling proxy certificates │ │ │ │ │ ProxyPolicy Proxy policy ASN1 class. │ │ │ │ │ - Holds parameters which are │ │ │ │ │ - used to issue a proxy │ │ │ │ │ - ProxyRequestOptions certificate using a provided │ │ │ │ │ - Certificate Signing Request │ │ │ │ │ - and a local certificate chain. │ │ │ │ │ - ProxySAMLExtension A class for handling the SAML │ │ │ │ │ - extension in the Certificate. │ │ │ │ │ - ProxySupport Defines proxy support mode for │ │ │ │ │ - validators. │ │ │ │ │ - A class for generating and │ │ │ │ │ - ProxyTracingExtension parsing the proxy tracing │ │ │ │ │ - extensions. │ │ │ │ │ - ProxyType Specifies the type of the │ │ │ │ │ - proxy. │ │ │ │ │ - Utility methods for checking │ │ │ │ │ - ProxyUtils properties of proxy │ │ │ │ │ + Holds parameters which are used to issue a proxy │ │ │ │ │ + ProxyRequestOptions certificate using a provided Certificate Signing │ │ │ │ │ + Request and a local certificate chain. │ │ │ │ │ + ProxySAMLExtension A class for handling the SAML extension in the │ │ │ │ │ + Certificate. │ │ │ │ │ + ProxySupport Defines proxy support mode for validators. │ │ │ │ │ + ProxyTracingExtension A class for generating and parsing the proxy │ │ │ │ │ + tracing extensions. │ │ │ │ │ + ProxyType Specifies the type of the proxy. │ │ │ │ │ + ProxyUtils Utility methods for checking properties of proxy │ │ │ │ │ certificates. │ │ │ │ │ - InputStream implementation │ │ │ │ │ - that reads a character stream │ │ │ │ │ - ReaderInputStream from a Reader and transforms │ │ │ │ │ - it to a byte stream using a │ │ │ │ │ - specified charset encoding. │ │ │ │ │ - Used to check revocation using │ │ │ │ │ - RevocationChecker a single revocation checking │ │ │ │ │ - mechanism. │ │ │ │ │ - Wraps the information required │ │ │ │ │ - RevocationParameters to control how certificates │ │ │ │ │ - revocation is checked. │ │ │ │ │ + InputStream implementation that reads a │ │ │ │ │ + ReaderInputStream character stream from a Reader and transforms it │ │ │ │ │ + to a byte stream using a specified charset │ │ │ │ │ + encoding. │ │ │ │ │ + RevocationChecker Used to check revocation using a single │ │ │ │ │ + revocation checking mechanism. │ │ │ │ │ + RevocationParameters Wraps the information required to control how │ │ │ │ │ + certificates revocation is checked. │ │ │ │ │ RevocationParameters.RevocationCheckingOrder   │ │ │ │ │ - Manages configuration of │ │ │ │ │ - RevocationParametersExt revocation settings, used in │ │ │ │ │ - non-openssl truststores. │ │ │ │ │ - Covers possible generic │ │ │ │ │ - RevocationStatus revocation checking outcomes, │ │ │ │ │ - in case when certificate being │ │ │ │ │ - checked is not revoked. │ │ │ │ │ - This class exposes the BC's │ │ │ │ │ - RFC3280CertPathUtilitiesCanl JCA implementation of the │ │ │ │ │ - RFC3280CertPathUtilities. │ │ │ │ │ - RFCProxyCertInfoExtension Proxy cert info extension │ │ │ │ │ - class. │ │ │ │ │ - SimpleCRLStore Provider-less implementation │ │ │ │ │ - of the CertStore. │ │ │ │ │ - SimpleValidationErrorException Contains one problem code with │ │ │ │ │ - optional arguments. │ │ │ │ │ - Simple utility allowing │ │ │ │ │ - SocketFactoryCreator programmers to quickly create │ │ │ │ │ - SSL socket factories using │ │ │ │ │ + RevocationParametersExt Manages configuration of revocation settings, │ │ │ │ │ + used in non-openssl truststores. │ │ │ │ │ + Covers possible generic revocation checking │ │ │ │ │ + RevocationStatus outcomes, in case when certificate being checked │ │ │ │ │ + is not revoked. │ │ │ │ │ + RFC3280CertPathUtilitiesCanl This class exposes the BC's JCA implementation │ │ │ │ │ + of the RFC3280CertPathUtilities. │ │ │ │ │ + RFCProxyCertInfoExtension Proxy cert info extension class. │ │ │ │ │ + SimpleCRLStore Provider-less implementation of the CertStore. │ │ │ │ │ + SimpleValidationErrorException Contains one problem code with optional │ │ │ │ │ + arguments. │ │ │ │ │ + Simple utility allowing programmers to quickly │ │ │ │ │ + SocketFactoryCreator create SSL socket factories using │ │ │ │ │ X509CertChainValidator. │ │ │ │ │ - Implementation of TrustManager │ │ │ │ │ - SSLTrustManager which uses a configured │ │ │ │ │ - X509CertChainValidator to │ │ │ │ │ - validate certificates. │ │ │ │ │ - Implementations receive │ │ │ │ │ - StoreUpdateListener information about updates of │ │ │ │ │ - certificate, CRL stores or │ │ │ │ │ - OCSP errors. │ │ │ │ │ + Implementation of TrustManager which uses a │ │ │ │ │ + SSLTrustManager configured X509CertChainValidator to validate │ │ │ │ │ + certificates. │ │ │ │ │ + Implementations receive information about │ │ │ │ │ + StoreUpdateListener updates of certificate, CRL stores or OCSP │ │ │ │ │ + errors. │ │ │ │ │ StoreUpdateListener.Severity   │ │ │ │ │ - Base implementation of Trust │ │ │ │ │ - TimedTrustAnchorStoreBase Anchor stores which load all │ │ │ │ │ - certificates into memory. │ │ │ │ │ + TimedTrustAnchorStoreBase Base implementation of Trust Anchor stores which │ │ │ │ │ + load all certificates into memory. │ │ │ │ │ TrustAnchorExt   │ │ │ │ │ - Implementations provide trust │ │ │ │ │ - TrustAnchorStore store material: a list of │ │ │ │ │ - trusted CA certificates. │ │ │ │ │ - Holds information about a │ │ │ │ │ - ValidationError single validation problem with │ │ │ │ │ - a reference to the certificate │ │ │ │ │ + TrustAnchorStore Implementations provide trust store material: a │ │ │ │ │ + list of trusted CA certificates. │ │ │ │ │ + Holds information about a single validation │ │ │ │ │ + ValidationError problem with a reference to the certificate │ │ │ │ │ chain. │ │ │ │ │ - This enumeration contains │ │ │ │ │ - ValidationErrorCategory general classes of errors that │ │ │ │ │ - can be signaled during │ │ │ │ │ - certificate path validation. │ │ │ │ │ - This enumeration contains │ │ │ │ │ - ValidationErrorCode codes of errors that can be │ │ │ │ │ - signaled during certificate │ │ │ │ │ + This enumeration contains general classes of │ │ │ │ │ + ValidationErrorCategory errors that can be signaled during certificate │ │ │ │ │ path validation. │ │ │ │ │ - ValidationErrorException Wraps a list of │ │ │ │ │ - ValidationError │ │ │ │ │ - Invoked when there is an error │ │ │ │ │ - ValidationErrorListener found during certificate chain │ │ │ │ │ + This enumeration contains codes of errors that │ │ │ │ │ + ValidationErrorCode can be signaled during certificate path │ │ │ │ │ validation. │ │ │ │ │ - Wraps a validation result, │ │ │ │ │ - ValidationResult error messages and unresolved │ │ │ │ │ - certificate extension oids (if │ │ │ │ │ - any). │ │ │ │ │ - Contains parameters common for │ │ │ │ │ - ValidatorParams all X509CertChainValidator │ │ │ │ │ - implementations. │ │ │ │ │ - Contains parameters common for │ │ │ │ │ - ValidatorParamsExt all X509CertChainValidator │ │ │ │ │ - implementations which use │ │ │ │ │ + ValidationErrorException Wraps a list of ValidationError │ │ │ │ │ + ValidationErrorListener Invoked when there is an error found during │ │ │ │ │ + certificate chain validation. │ │ │ │ │ + ValidationResult Wraps a validation result, error messages and │ │ │ │ │ + unresolved certificate extension oids (if any). │ │ │ │ │ + ValidatorParams Contains parameters common for all │ │ │ │ │ + X509CertChainValidator implementations. │ │ │ │ │ + Contains parameters common for all │ │ │ │ │ + ValidatorParamsExt X509CertChainValidator implementations which use │ │ │ │ │ RevocationParametersExt │ │ │ │ │ - This class holds a partner of │ │ │ │ │ - WeakTimerTask the TimerTask reference as │ │ │ │ │ - weak one. │ │ │ │ │ - Contains utility static │ │ │ │ │ - methods which are helpful in │ │ │ │ │ - X500NameUtils manipulating X.500 │ │ │ │ │ - Distinguished Names, │ │ │ │ │ - especially encoded in String │ │ │ │ │ - form using RFC 2253. │ │ │ │ │ - Implementations are used to │ │ │ │ │ - X509CertChainValidator perform a manual certificate │ │ │ │ │ - chain validation. │ │ │ │ │ - Extends the main │ │ │ │ │ - X509CertChainValidator │ │ │ │ │ - interface with some additional │ │ │ │ │ - X509CertChainValidatorExt methods which are commonly │ │ │ │ │ - provided by the most validator │ │ │ │ │ - implementations, but are not │ │ │ │ │ - strictly required for the sole │ │ │ │ │ - validation. │ │ │ │ │ - Implementations are used to │ │ │ │ │ - X509Credential wrap credentials (private key │ │ │ │ │ - and certificate) in various │ │ │ │ │ + WeakTimerTask This class holds a partner of the TimerTask │ │ │ │ │ + reference as weak one. │ │ │ │ │ + Contains utility static methods which are │ │ │ │ │ + X500NameUtils helpful in manipulating X.500 Distinguished │ │ │ │ │ + Names, especially encoded in String form using │ │ │ │ │ + RFC 2253. │ │ │ │ │ + X509CertChainValidator Implementations are used to perform a manual │ │ │ │ │ + certificate chain validation. │ │ │ │ │ + Extends the main X509CertChainValidator │ │ │ │ │ + interface with some additional methods which are │ │ │ │ │ + X509CertChainValidatorExt commonly provided by the most validator │ │ │ │ │ + implementations, but are not strictly required │ │ │ │ │ + for the sole validation. │ │ │ │ │ + Implementations are used to wrap credentials │ │ │ │ │ + X509Credential (private key and certificate) in various │ │ │ │ │ formats. │ │ │ │ │ - Utility allowing for │ │ │ │ │ - X509Formatter converting certificates to │ │ │ │ │ + X509Formatter Utility allowing for converting certificates to │ │ │ │ │ various text representations. │ │ │ │ │ - X509v3CertificateBuilder Class to produce an X.509 │ │ │ │ │ - Version 3 certificate. │ │ │ │ │ + X509v3CertificateBuilder Class to produce an X.509 Version 3 certificate. │ │ │ │ │ │ │ │ │ │ Skip_navigation_links │ │ │ │ │ * Overview │ │ │ │ │ * Package │ │ │ │ │ * Class │ │ │ │ │ * Use │ │ │ │ │ * Tree │ │ │ ├── ./usr/share/doc/libcanl-java-doc/apidocs/deprecated-list.html │ │ │ │ @@ -113,15 +113,15 @@ │ │ │ │ Class │ │ │ │ Description │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ eu.emi.security.authn.x509.impl.AbstractHostnameToCertificateChecker │ │ │ │ │ │ │ │ -
Use connectWithHostnameChecking(SSLSocket, HostnameMismatchCallback) │ │ │ │ +
Use SocketFactoryCreator.connectWithHostnameChecking(SSLSocket, HostnameMismatchCallback) │ │ │ │ instead. This class is not perfect as the HandshakeCompletedListener is invoked (at least in reference JDK) │ │ │ │ in a separate thread, what can easily lead to a situation when the connection is opened and made available, │ │ │ │ before this implementation finishes checking.
│ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ ├── html2text {} │ │ │ │ │ @@ -22,31 +22,25 @@ │ │ │ │ │   │ │ │ │ │ │ │ │ │ │ ****** Deprecated API ****** │ │ │ │ │ ***** Contents ***** │ │ │ │ │ * Classes │ │ │ │ │ * Methods │ │ │ │ │ * Constructors │ │ │ │ │ - * Classes  │ │ │ │ │ + * Classes  │ │ │ │ │ Class Description │ │ │ │ │ Use │ │ │ │ │ - connectWithHostnameChecking │ │ │ │ │ - (SSLSocket, │ │ │ │ │ - HostnameMismatchCallback) │ │ │ │ │ - instead. This class is not │ │ │ │ │ - perfect as the │ │ │ │ │ - HandshakeCompletedListener │ │ │ │ │ - eu.emi.security.authn.x509.impl.AbstractHostnameToCertificateChecker is invoked (at least in │ │ │ │ │ - reference JDK) in a │ │ │ │ │ - separate thread, what can │ │ │ │ │ - easily lead to a situation │ │ │ │ │ - when the connection is │ │ │ │ │ - opened and made available, │ │ │ │ │ - before this implementation │ │ │ │ │ - finishes checking. │ │ │ │ │ + SocketFactoryCreator.connectWithHostnameChecking │ │ │ │ │ + (SSLSocket,_HostnameMismatchCallback) instead. │ │ │ │ │ + This class is not perfect as the │ │ │ │ │ + eu.emi.security.authn.x509.impl.AbstractHostnameToCertificateChecker HandshakeCompletedListener is invoked (at least │ │ │ │ │ + in reference JDK) in a separate thread, what can │ │ │ │ │ + easily lead to a situation when the connection │ │ │ │ │ + is opened and made available, before this │ │ │ │ │ + implementation finishes checking. │ │ │ │ │ * Methods  │ │ │ │ │ Method Description │ │ │ │ │ use other │ │ │ │ │ eu.emi.security.authn.x509.helpers.KeyStoreHelper.getInstance​ methods │ │ │ │ │ (String) from this │ │ │ │ │ class. │ │ │ │ │ This method │ │ │ ├── ./usr/share/doc/libcanl-java-doc/apidocs/index-all.html │ │ │ │ @@ -122,15 +122,15 @@ │ │ │ │
Globus EACL policy store common code.
│ │ │ │ │ │ │ │
AbstractGlobusNamespacesStore(ObserversHandler, boolean) - Constructor for class eu.emi.security.authn.x509.helpers.ns.AbstractGlobusNamespacesStore
│ │ │ │
 
│ │ │ │
AbstractHostnameToCertificateChecker - Class in eu.emi.security.authn.x509.impl
│ │ │ │
│ │ │ │
Deprecated. │ │ │ │ -
Use connectWithHostnameChecking(SSLSocket, HostnameMismatchCallback) │ │ │ │ +
Use SocketFactoryCreator.connectWithHostnameChecking(SSLSocket, HostnameMismatchCallback) │ │ │ │ instead. This class is not perfect as the HandshakeCompletedListener is invoked (at least in reference JDK) │ │ │ │ in a separate thread, what can easily lead to a situation when the connection is opened and made available, │ │ │ │ before this implementation finishes checking.
│ │ │ │
│ │ │ │
│ │ │ │
AbstractHostnameToCertificateChecker() - Constructor for class eu.emi.security.authn.x509.impl.AbstractHostnameToCertificateChecker
│ │ │ │
│ │ │ │ @@ -1839,25 +1839,25 @@ │ │ │ │
 
│ │ │ │
getSerialNumbers() - Method in class eu.emi.security.authn.x509.proxy.ProxyChainInfo
│ │ │ │
 
│ │ │ │
getServerAliases(String, Principal[]) - Method in class eu.emi.security.authn.x509.helpers.ssl.CredentialX509KeyManager
│ │ │ │
 
│ │ │ │
getServerSocketFactory(X509Credential, X509CertChainValidator) - Static method in class eu.emi.security.authn.x509.impl.SocketFactoryCreator
│ │ │ │
│ │ │ │ -
Same as getServerSocketFactory(X509Credential, X509CertChainValidator, SecureRandom) │ │ │ │ +
Same as SocketFactoryCreator.getServerSocketFactory(X509Credential, X509CertChainValidator, SecureRandom) │ │ │ │ using SecureRandom implementation as the last argument.
│ │ │ │
│ │ │ │
getServerSocketFactory(X509Credential, X509CertChainValidator, SecureRandom) - Static method in class eu.emi.security.authn.x509.impl.SocketFactoryCreator
│ │ │ │
│ │ │ │
Returns an SSLServerSocketFactory configured to check │ │ │ │ client certificates with a provided validator.
│ │ │ │
│ │ │ │
getSocketFactory(X509Credential, X509CertChainValidator) - Static method in class eu.emi.security.authn.x509.impl.SocketFactoryCreator
│ │ │ │
│ │ │ │ -
Same as getSocketFactory(X509Credential, X509CertChainValidator, SecureRandom) │ │ │ │ +
Same as SocketFactoryCreator.getSocketFactory(X509Credential, X509CertChainValidator, SecureRandom) │ │ │ │ using SecureRandom implementation as the last argument.
│ │ │ │
│ │ │ │
getSocketFactory(X509Credential, X509CertChainValidator, SecureRandom) - Static method in class eu.emi.security.authn.x509.impl.SocketFactoryCreator
│ │ │ │
│ │ │ │
Returns an SSLSocketFactory configured to check │ │ │ │ servers' certificates with a provided validator.
│ │ │ │
│ │ │ │ ├── html2text {} │ │ │ │ │ @@ -47,19 +47,20 @@ │ │ │ │ │ Globus EACL policy store common code. │ │ │ │ │ AbstractGlobusNamespacesStore(ObserversHandler,_boolean) - Constructor for │ │ │ │ │ class eu.emi.security.authn.x509.helpers.ns.AbstractGlobusNamespacesStore │ │ │ │ │   │ │ │ │ │ AbstractHostnameToCertificateChecker - Class in │ │ │ │ │ eu.emi.security.authn.x509.impl │ │ │ │ │ Deprecated. │ │ │ │ │ - Use connectWithHostnameChecking(SSLSocket,_HostnameMismatchCallback) │ │ │ │ │ - instead. This class is not perfect as the HandshakeCompletedListener is │ │ │ │ │ - invoked (at least in reference JDK) in a separate thread, what can easily │ │ │ │ │ - lead to a situation when the connection is opened and made available, │ │ │ │ │ - before this implementation finishes checking. │ │ │ │ │ + Use SocketFactoryCreator.connectWithHostnameChecking(SSLSocket, │ │ │ │ │ + HostnameMismatchCallback) instead. This class is not perfect as the │ │ │ │ │ + HandshakeCompletedListener is invoked (at least in reference JDK) in a │ │ │ │ │ + separate thread, what can easily lead to a situation when the connection │ │ │ │ │ + is opened and made available, before this implementation finishes │ │ │ │ │ + checking. │ │ │ │ │ AbstractHostnameToCertificateChecker() - Constructor for class │ │ │ │ │ eu.emi.security.authn.x509.impl.AbstractHostnameToCertificateChecker │ │ │ │ │ Deprecated. │ │ │ │ │   │ │ │ │ │ AbstractNamespacesStore - Class in eu.emi.security.authn.x509.helpers.ns │ │ │ │ │ Policy store common code. │ │ │ │ │ AbstractNamespacesStore(ObserversHandler,_boolean) - Constructor for class │ │ │ │ │ @@ -1759,24 +1760,26 @@ │ │ │ │ │ eu.emi.security.authn.x509.proxy.ProxyChainInfo │ │ │ │ │   │ │ │ │ │ getServerAliases(String,_Principal[]) - Method in class │ │ │ │ │ eu.emi.security.authn.x509.helpers.ssl.CredentialX509KeyManager │ │ │ │ │   │ │ │ │ │ getServerSocketFactory(X509Credential,_X509CertChainValidator) - Static │ │ │ │ │ method in class eu.emi.security.authn.x509.impl.SocketFactoryCreator │ │ │ │ │ - Same as getServerSocketFactory(X509Credential,_X509CertChainValidator, │ │ │ │ │ - SecureRandom) using SecureRandom implementation as the last argument. │ │ │ │ │ + Same as SocketFactoryCreator.getServerSocketFactory(X509Credential, │ │ │ │ │ + X509CertChainValidator,_SecureRandom) using SecureRandom implementation │ │ │ │ │ + as the last argument. │ │ │ │ │ getServerSocketFactory(X509Credential,_X509CertChainValidator,_SecureRandom) │ │ │ │ │ - Static method in class eu.emi.security.authn.x509.impl.SocketFactoryCreator │ │ │ │ │ Returns an SSLServerSocketFactory configured to check client certificates │ │ │ │ │ with a provided validator. │ │ │ │ │ getSocketFactory(X509Credential,_X509CertChainValidator) - Static method in │ │ │ │ │ class eu.emi.security.authn.x509.impl.SocketFactoryCreator │ │ │ │ │ - Same as getSocketFactory(X509Credential,_X509CertChainValidator, │ │ │ │ │ - SecureRandom) using SecureRandom implementation as the last argument. │ │ │ │ │ + Same as SocketFactoryCreator.getSocketFactory(X509Credential, │ │ │ │ │ + X509CertChainValidator,_SecureRandom) using SecureRandom implementation │ │ │ │ │ + as the last argument. │ │ │ │ │ getSocketFactory(X509Credential,_X509CertChainValidator,_SecureRandom) - │ │ │ │ │ Static method in class eu.emi.security.authn.x509.impl.SocketFactoryCreator │ │ │ │ │ Returns an SSLSocketFactory configured to check servers' certificates │ │ │ │ │ with a provided validator. │ │ │ │ │ getSourceRestrictionExcludedAddresses() - Method in class │ │ │ │ │ eu.emi.security.authn.x509.proxy.BaseProxyCertificateOptions │ │ │ │ │ Gets an excluded from source restriction IP addressSpace from the data