CertificateVerifier.java example

Explorer
irma_future_id-master
/****************************************************************************
 * Copyright (C) 2013 ecsec GmbH.
 * All rights reserved.
 * Contact: ecsec GmbH (info@ecsec.de)
 *
 * This file is part of the Open eCard App.
 *
 * GNU General Public License Usage
 * This file may be used under the terms of the GNU General Public
 * License version 3.0 as published by the Free Software Foundation
 * and appearing in the file LICENSE.GPL included in the packaging of
 * this file. Please review the following information to ensure the
 * GNU General Public License version 3.0 requirements will be met:
 * http://www.gnu.org/copyleft/gpl.html.
 *
 * Other Usage
 * Alternatively, this file may be used in accordance with the terms
 * and conditions contained in a signed written agreement between
 * you and ecsec GmbH.
 *
 ***************************************************************************/

package org.openecard.control.module.tctoken;

import java.net.URL;
import org.openecard.bouncycastle.crypto.tls.Certificate;


/**
 * Verifier interface for the TCTokenGrabber class.
 * The interface can be used to add security checks like e.g. the ones defined in TR-03112.
 *
 * @author Tobias Wich <tobias.wich@ecsec.de>
 */
public interface CertificateVerifier {

    /**
     * Result indicating whether to proceed or stop execution.
     * Errors in the validation are signaled with exceptions in the {@code verify} function itself.
     */
    public static enum VerifierResult {
	CONTINE,
	FINISH;
    }

    /**
     * Verify the given tuple.
     *
     * @param url Url of the last connection.
     * @param cert Certificate chain of the last connection.
     * @return Status indicating how to proceed.
     * @throws ControlException Thrown in case the validation failed.
     */
    public VerifierResult verify(URL url, Certificate cert) throws ControlException;

}