X509CertificateChainBuilder

java.lang.Object
- org.apache.commons.ssl.X509CertificateChainBuilder

```
public class X509CertificateChainBuilder
extends Object
```
Utility for building X509 certificate chains.

Since:

16-Nov-2005

Author:

Credit Union Central of British Columbia, www.cucbc.com, juliusdavies@cucbc.com

Constructor Summary

Constructors
Constructor and Description

X509CertificateChainBuilder()

Constructors
Constructor and Description
`X509CertificateChainBuilder()`

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static X509Certificate[]`	`buildPath(X509Certificate startingPoint, Certificate[] certificates)` Builds the ordered certificate chain upwards from the startingPoint.
`static X509Certificate[]`	`buildPath(X509Certificate startingPoint, Collection certificates)` Builds the ordered certificate chain upwards from the startingPoint.
`static boolean`	`isSelfSigned(X509Certificate cert)`
`static void`	`main(String[] args)`
`static boolean`	`verify(X509Certificate cert, PublicKey key)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - X509CertificateChainBuilder
```
public X509CertificateChainBuilder()
```
- Method Detail
  - buildPath
```
public static X509Certificate[] buildPath(X509Certificate startingPoint,
                                          Certificate[] certificates)
                                   throws NoSuchAlgorithmException,
                                          InvalidKeyException,
                                          NoSuchProviderException,
                                          CertificateException
```
    Builds the ordered certificate chain upwards from the startingPoint. Uses the supplied X509Certificate[] array to search for the parent, grandparent, and higher ancestor certificates. Stops at self-signed certificates, or when no ancestor can be found.
    Thanks to Joe Whitney for helping me put together a Big-O( m * n ) implementation where m = the length of the final certificate chain. For a while I was using a Big-O( n ^ 2 ) implementation!
    
    Parameters:
    
    startingPoint - the X509Certificate for which we want to find ancestors
    
    certificates - A pool of certificates in which we expect to find the startingPoint's ancestors.
    
    Returns:
    
    Array of X509Certificates, starting with the "startingPoint" and ending with highest level ancestor we could find in the supplied collection.
    
    Throws:
    
    NoSuchAlgorithmException - on unsupported signature algorithms.
    
    InvalidKeyException - on incorrect key.
    
    NoSuchProviderException - if there's no default provider.
    
    CertificateException - on encoding errors.
  - buildPath
```
public static X509Certificate[] buildPath(X509Certificate startingPoint,
                                          Collection certificates)
                                   throws NoSuchAlgorithmException,
                                          InvalidKeyException,
                                          NoSuchProviderException,
                                          CertificateException
```
    Builds the ordered certificate chain upwards from the startingPoint. Uses the supplied collection to search for the parent, grandparent, and higher ancestor certificates. Stops at self-signed certificates, or when no ancestor can be found.
    Thanks to Joe Whitney for helping me put together a Big-O( m * n ) implementation where m = the length of the final certificate chain. For a while I was using a Big-O( n ^ 2 ) implementation!
    
    Parameters:
    
    startingPoint - the X509Certificate for which we want to find ancestors
    
    certificates - A pool of certificates in which we expect to find the startingPoint's ancestors.
    
    Returns:
    
    Array of X509Certificates, starting with the "startingPoint" and ending with highest level ancestor we could find in the supplied collection.
    
    Throws:
    
    NoSuchAlgorithmException - on unsupported signature algorithms.
    
    InvalidKeyException - on incorrect key.
    
    NoSuchProviderException - if there's no default provider.
    
    CertificateException - on encoding errors.
  - isSelfSigned
```
public static boolean isSelfSigned(X509Certificate cert)
                            throws CertificateException,
                                   InvalidKeyException,
                                   NoSuchAlgorithmException,
                                   NoSuchProviderException
```
    Throws:
    
    CertificateException
    
    InvalidKeyException
    
    NoSuchAlgorithmException
    
    NoSuchProviderException
  - verify
```
public static boolean verify(X509Certificate cert,
                             PublicKey key)
                      throws CertificateException,
                             InvalidKeyException,
                             NoSuchAlgorithmException,
                             NoSuchProviderException
```
    Throws:
    
    CertificateException
    
    InvalidKeyException
    
    NoSuchAlgorithmException
    
    NoSuchProviderException
  - main
```
public static void main(String[] args)
                 throws Exception
```
    Throws:
    
    Exception

Class X509CertificateChainBuilder

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

X509CertificateChainBuilder

Method Detail

buildPath

buildPath

isSelfSigned

verify

main