Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/share/classes/sun/security/validator/PKIXValidator.java
changeset 5613 1146efa21514
parent 4326 6874332ce959
child 5627 e636ac7a63a4
equal deleted inserted replaced
5612:c0d1673e1ca6 5613:1146efa21514 
     1 /*
 
     1 /*
 
     2  * Copyright 2002-2009 Sun Microsystems, Inc.  All Rights Reserved.
 
     2  * Copyright 2002-2010 Sun Microsystems, Inc.  All Rights Reserved.
 
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 
     4  *
 
     4  *
 
     5  * This code is free software; you can redistribute it and/or modify it
 
     5  * This code is free software; you can redistribute it and/or modify it
 
     6  * under the terms of the GNU General Public License version 2 only, as
 
     6  * under the terms of the GNU General Public License version 2 only, as
 
     7  * published by the Free Software Foundation.  Sun designates this
 
     7  * published by the Free Software Foundation.  Sun designates this
 
   153             // check that chain is in correct order and check if chain contains
 
   153             // check that chain is in correct order and check if chain contains
 
   154             // trust anchor
 
   154             // trust anchor
 
   155             X500Principal prevIssuer = null;
 
   155             X500Principal prevIssuer = null;
 
   156             for (int i = 0; i < chain.length; i++) {
 
   156             for (int i = 0; i < chain.length; i++) {
 
   157                 X509Certificate cert = chain[i];
 
   157                 X509Certificate cert = chain[i];
 
       
   158                 X500Principal dn = cert.getSubjectX500Principal();
 
   158                 if (i != 0 &&
 
   159                 if (i != 0 &&
 
   159                     !cert.getSubjectX500Principal().equals(prevIssuer)) {
 
   160                     !dn.equals(prevIssuer)) {
 
   160                     // chain is not ordered correctly, call builder instead
 
   161                     // chain is not ordered correctly, call builder instead
 
   161                     return doBuild(chain, otherCerts);
 
   162                     return doBuild(chain, otherCerts);
 
   162                 }
 
   163                 }
 
   163                 if (trustedCerts.contains(cert)) {
 
   164                 if (trustedSubjects.containsKey(dn)
 
       
   165                         && trustedSubjects.get(dn).getPublicKey()
 
       
   166                             .equals(cert.getPublicKey())) {
 
   164                     if (i == 0) {
 
   167                     if (i == 0) {
 
   165                         return new X509Certificate[] {chain[0]};
 
   168                         return new X509Certificate[] {chain[0]};
 
   166                     }
 
   169                     }
 
   167                     // Remove and call validator
 
   170                     // Remove and call validator
 
   168                     X509Certificate[] newChain = new X509Certificate[i];
 
   171                     X509Certificate[] newChain = new X509Certificate[i];
jdk-sandbox