org.mozilla.jss.ssl

Class SSLCertificateApprovalCallback.ValidityStatus

public static class SSLCertificateApprovalCallback.ValidityStatus extends Object

This class holds details about the errors for each cert in the chain that the server presented To use this class, getReasons(), then iterate over the enumeration
Field Summary
static intBAD_CERT_DOMAIN
this indicates common-name mismatch
static intBAD_KEY
static intBAD_SIGNATURE
static intCA_CERT_INVALID
static intCERT_BAD_ACCESS_LOCATION
static intCERT_NOT_IN_NAME_SPACE
static intCERT_STATUS_SERVER_ERROR
static intEXPIRED_CERTIFICATE
static intEXPIRED_ISSUER_CERTIFICATE
static intINADEQUATE_CERT_TYPE
static intINADEQUATE_KEY_USAGE
static intINVALID_TIME
static intOCSP_BAD_HTTP_RESPONSE
static intOCSP_FUTURE_RESPONSE
static intOCSP_MALFORMED_REQUEST
static intOCSP_MALFORMED_RESPONSE
static intOCSP_NOT_ENABLED
static intOCSP_NO_DEFAULT_RESPONDER
static intOCSP_OLD_RESPONSE
static intOCSP_REQUEST_NEEDS_SIG
static intOCSP_SERVER_ERROR
static intOCSP_TRY_SERVER_LATER
static intOCSP_UNAUTHORIZED_REQUEST
static intOCSP_UNAUTHORIZED_RESPONSE
static intOCSP_UNKNOWN_CERT
static intOCSP_UNKNOWN_RESPONSE_STATUS
static intOCSP_UNKNOWN_RESPONSE_TYPE
static intPATH_LEN_CONSTRAINT_INVALID
static intREVOKED_CERTIFICATE
static intSEC_ERROR_CRL_BAD_SIGNATURE
static intSEC_ERROR_CRL_EXPIRED
static intSEC_ERROR_CRL_INVALID
static intUNKNOWN_ISSUER
static intUNKNOWN_SIGNER
static intUNTRUSTED_CERT
static intUNTRUSTED_ISSUER
Method Summary
voidaddReason(int newReason, PK11Cert cert, int depth)
add a new failure reason to this enumeration.
EnumerationgetReasons()
returns an enumeration.

Field Detail

BAD_CERT_DOMAIN

public static final int BAD_CERT_DOMAIN
this indicates common-name mismatch

BAD_KEY

public static final int BAD_KEY

BAD_SIGNATURE

public static final int BAD_SIGNATURE

CA_CERT_INVALID

public static final int CA_CERT_INVALID

CERT_BAD_ACCESS_LOCATION

public static final int CERT_BAD_ACCESS_LOCATION

CERT_NOT_IN_NAME_SPACE

public static final int CERT_NOT_IN_NAME_SPACE

CERT_STATUS_SERVER_ERROR

public static final int CERT_STATUS_SERVER_ERROR

EXPIRED_CERTIFICATE

public static final int EXPIRED_CERTIFICATE

EXPIRED_ISSUER_CERTIFICATE

public static final int EXPIRED_ISSUER_CERTIFICATE

INADEQUATE_CERT_TYPE

public static final int INADEQUATE_CERT_TYPE

INADEQUATE_KEY_USAGE

public static final int INADEQUATE_KEY_USAGE

INVALID_TIME

public static final int INVALID_TIME

OCSP_BAD_HTTP_RESPONSE

public static final int OCSP_BAD_HTTP_RESPONSE

OCSP_FUTURE_RESPONSE

public static final int OCSP_FUTURE_RESPONSE

OCSP_MALFORMED_REQUEST

public static final int OCSP_MALFORMED_REQUEST

OCSP_MALFORMED_RESPONSE

public static final int OCSP_MALFORMED_RESPONSE

OCSP_NOT_ENABLED

public static final int OCSP_NOT_ENABLED

OCSP_NO_DEFAULT_RESPONDER

public static final int OCSP_NO_DEFAULT_RESPONDER

OCSP_OLD_RESPONSE

public static final int OCSP_OLD_RESPONSE

OCSP_REQUEST_NEEDS_SIG

public static final int OCSP_REQUEST_NEEDS_SIG

OCSP_SERVER_ERROR

public static final int OCSP_SERVER_ERROR

OCSP_TRY_SERVER_LATER

public static final int OCSP_TRY_SERVER_LATER

OCSP_UNAUTHORIZED_REQUEST

public static final int OCSP_UNAUTHORIZED_REQUEST

OCSP_UNAUTHORIZED_RESPONSE

public static final int OCSP_UNAUTHORIZED_RESPONSE

OCSP_UNKNOWN_CERT

public static final int OCSP_UNKNOWN_CERT

OCSP_UNKNOWN_RESPONSE_STATUS

public static final int OCSP_UNKNOWN_RESPONSE_STATUS

OCSP_UNKNOWN_RESPONSE_TYPE

public static final int OCSP_UNKNOWN_RESPONSE_TYPE

PATH_LEN_CONSTRAINT_INVALID

public static final int PATH_LEN_CONSTRAINT_INVALID

REVOKED_CERTIFICATE

public static final int REVOKED_CERTIFICATE

SEC_ERROR_CRL_BAD_SIGNATURE

public static final int SEC_ERROR_CRL_BAD_SIGNATURE

SEC_ERROR_CRL_EXPIRED

public static final int SEC_ERROR_CRL_EXPIRED

SEC_ERROR_CRL_INVALID

public static final int SEC_ERROR_CRL_INVALID

UNKNOWN_ISSUER

public static final int UNKNOWN_ISSUER

UNKNOWN_SIGNER

public static final int UNKNOWN_SIGNER

UNTRUSTED_CERT

public static final int UNTRUSTED_CERT

UNTRUSTED_ISSUER

public static final int UNTRUSTED_ISSUER

Method Detail

addReason

public void addReason(int newReason, PK11Cert cert, int depth)
add a new failure reason to this enumeration. This is called from the native code callback when it does a verify on the cert chain

Parameters: newReason sslerr.h error code - see constants defined above; cert a reference to the cert - so you can see the subject name, etc depth the index of this cert in the chain. 0 is the server cert.

getReasons

public Enumeration getReasons()
returns an enumeration. The elements in the enumeration are all of type 'ValidityItem'