Package org.conscrypt

Class CertificatePriorityComparator

  • All Implemented Interfaces:
    java.util.Comparator<java.security.cert.X509Certificate>
    @Internal
public final class CertificatePriorityComparator
extends java.lang.Object
implements java.util.Comparator<java.security.cert.X509Certificate>
    Comparator for prioritizing certificates in path building.

    The sort order is as follows:

    1. Self-issued certificates first.
    2. Strength of certificates descending (EC before RSA, key size descending, signature algorithm strength descending).
    3. notAfter date descending.
    4. notBefore date descending.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      int compare​(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)  
      private int compareKeyAlgorithm​(java.security.PublicKey lhs, java.security.PublicKey rhs)  
      private int compareKeySize​(java.security.PublicKey lhs, java.security.PublicKey rhs)  
      private int compareSignatureAlgorithm​(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)  
      private int compareStrength​(java.security.cert.X509Certificate lhs, java.security.cert.X509Certificate rhs)  
      private int getKeySize​(java.security.PublicKey pkey)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

      • Methods inherited from interface java.util.Comparator

        equals, reversed, thenComparing, thenComparing, thenComparing, thenComparingDouble, thenComparingInt, thenComparingLong

    • Field Detail

      • ALGORITHM_OID_PRIORITY_MAP

        private static final java.util.Map<java.lang.String,​java.lang.Integer> ALGORITHM_OID_PRIORITY_MAP
        Map of signature algorithm OIDs to priorities. OIDs with a lower priority will be sorted before those with higher.

      • PRIORITY_MD5

        private static final java.lang.Integer PRIORITY_MD5

      • PRIORITY_SHA1

        private static final java.lang.Integer PRIORITY_SHA1

      • PRIORITY_SHA224

        private static final java.lang.Integer PRIORITY_SHA224

      • PRIORITY_SHA256

        private static final java.lang.Integer PRIORITY_SHA256

      • PRIORITY_SHA384

        private static final java.lang.Integer PRIORITY_SHA384

      • PRIORITY_SHA512

        private static final java.lang.Integer PRIORITY_SHA512

      • PRIORITY_UNKNOWN

        private static final java.lang.Integer PRIORITY_UNKNOWN

    • Constructor Detail

      • CertificatePriorityComparator

        public CertificatePriorityComparator()

    • Method Detail

      • compare

        public int compare​(java.security.cert.X509Certificate lhs,
                   java.security.cert.X509Certificate rhs)
        Specified by:
        compare in interface java.util.Comparator<java.security.cert.X509Certificate>

      • compareStrength

        private int compareStrength​(java.security.cert.X509Certificate lhs,
                            java.security.cert.X509Certificate rhs)

      • compareKeyAlgorithm

        private int compareKeyAlgorithm​(java.security.PublicKey lhs,
                                java.security.PublicKey rhs)

      • compareKeySize

        private int compareKeySize​(java.security.PublicKey lhs,
                           java.security.PublicKey rhs)

      • getKeySize

        private int getKeySize​(java.security.PublicKey pkey)

      • compareSignatureAlgorithm

        private int compareSignatureAlgorithm​(java.security.cert.X509Certificate lhs,
                                      java.security.cert.X509Certificate rhs)