Core Classes and Interfaces

The core classes of the Java™ Certification Path API consist of interfaces and classes that support certification path functionality in an algorithm- and implementation-independent manner. The API also includes a set of algorithm-specific classes for the PKIX standards that are discussed in the section titled PKIX Classes. The API builds on and extends the existing java.security.cert package for handling certificates. The core classes can be broken up into 4 class categories:

• Basic Certification Path Classes
• CertPath, CertificateFactory, CertPathParameters
• Certification Path Validation Classes
• CertPathValidator, CertPathValidatorResult
• Certification Path Building Classes
• CertPathBuilder, CertPathBuilderResult
• Certificate/CRL Storage Classes
• CertStore, CertStoreParameters, CertSelector, CRLSelector

The following sections describe the most commonly used methods of each class and interface. Usage examples for some of the classes are interspersed throughout the guide.

Most of the classes and interfaces in the CertPath API are not thread-safe. However, there are some exceptions which are noted in this guide and the API specification. Multiple threads that need to access a single non-thread-safe object concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating separate objects need not synchronize.