28 import java.io.IOException; |
28 import java.io.IOException; |
29 import java.util.*; |
29 import java.util.*; |
30 |
30 |
31 import java.security.GeneralSecurityException; |
31 import java.security.GeneralSecurityException; |
32 import java.security.InvalidKeyException; |
32 import java.security.InvalidKeyException; |
33 import java.security.cert.Certificate; |
|
34 import java.security.cert.CertificateException; |
33 import java.security.cert.CertificateException; |
35 import java.security.cert.CertPathValidatorException; |
34 import java.security.cert.CertPathValidatorException; |
36 import java.security.cert.PKIXReason; |
35 import java.security.cert.PKIXReason; |
37 import java.security.cert.CertStore; |
36 import java.security.cert.CertStore; |
38 import java.security.cert.CertStoreException; |
37 import java.security.cert.CertStoreException; |
42 import java.security.cert.X509Certificate; |
41 import java.security.cert.X509Certificate; |
43 import java.security.cert.X509CertSelector; |
42 import java.security.cert.X509CertSelector; |
44 import javax.security.auth.x500.X500Principal; |
43 import javax.security.auth.x500.X500Principal; |
45 |
44 |
46 import sun.security.util.Debug; |
45 import sun.security.util.Debug; |
47 import sun.security.util.DerOutputStream; |
|
48 import sun.security.x509.AccessDescription; |
46 import sun.security.x509.AccessDescription; |
49 import sun.security.x509.AuthorityInfoAccessExtension; |
47 import sun.security.x509.AuthorityInfoAccessExtension; |
50 import sun.security.x509.PKIXExtensions; |
48 import sun.security.x509.PKIXExtensions; |
51 import sun.security.x509.PolicyMappingsExtension; |
49 import sun.security.x509.PolicyMappingsExtension; |
52 import sun.security.x509.X500Name; |
50 import sun.security.x509.X500Name; |
53 import sun.security.x509.X509CertImpl; |
51 import sun.security.x509.X509CertImpl; |
54 import sun.security.x509.X509CRLImpl; |
|
55 import sun.security.x509.AuthorityKeyIdentifierExtension; |
52 import sun.security.x509.AuthorityKeyIdentifierExtension; |
56 import sun.security.x509.KeyIdentifier; |
|
57 import sun.security.x509.SubjectKeyIdentifierExtension; |
|
58 import sun.security.x509.SerialNumber; |
|
59 import sun.security.x509.GeneralNames; |
|
60 import sun.security.x509.GeneralName; |
|
61 import sun.security.x509.GeneralNameInterface; |
|
62 import java.math.BigInteger; |
|
63 |
53 |
64 /** |
54 /** |
65 * This class represents a forward builder, which is able to retrieve |
55 * This class represents a forward builder, which is able to retrieve |
66 * matching certificates from CertStores and verify a particular certificate |
56 * matching certificates from CertStores and verify a particular certificate |
67 * against a ForwardState. |
57 * against a ForwardState. |
360 |
350 |
361 /** |
351 /** |
362 * Download Certificates from the given AIA and add them to the |
352 * Download Certificates from the given AIA and add them to the |
363 * specified Collection. |
353 * specified Collection. |
364 */ |
354 */ |
|
355 // cs.getCertificates(caSelector) returns a collection of X509Certificate's |
|
356 // because of the selector, so the cast is safe |
|
357 @SuppressWarnings("unchecked") |
365 private boolean getCerts(AuthorityInfoAccessExtension aiaExt, |
358 private boolean getCerts(AuthorityInfoAccessExtension aiaExt, |
366 Collection<X509Certificate> certs) { |
359 Collection<X509Certificate> certs) { |
367 if (Builder.USE_AIA == false) { |
360 if (Builder.USE_AIA == false) { |
368 return false; |
361 return false; |
369 } |
362 } |