1 /* 2 * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.] 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.opensaml.xml.security.x509; 18 19 import org.opensaml.xml.security.SecurityException; 20 21 /** 22 * An interface for classes which evaluate an {@link X509Credential} against a set of trusted 23 * {@link PKIXValidationInformation}, using PKIX validation rules. 24 */ 25 public interface PKIXTrustEvaluator { 26 27 /** 28 * Validate the specified credential against the specified set of trusted validation information. 29 * 30 * @param validationInfo the set of trusted validation information 31 * @param untrustedCredential the credential being evaluated 32 * @return true if the credential can be successfully evaluated, false otherwise 33 * @throws SecurityException thrown if there is an error evaluating the credential 34 */ 35 public boolean validate(PKIXValidationInformation validationInfo, X509Credential untrustedCredential) 36 throws SecurityException; 37 38 /** 39 * Get the {@link PKIXValidationOptions} instance that is in use. 40 * 41 * @return the PKIXValidationOptions instance 42 */ 43 public PKIXValidationOptions getPKIXValidationOptions(); 44 45 } 46 47