equal
deleted
inserted
replaced
1 /* |
1 /* |
2 * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved. |
2 * Copyright 2002-2010 Sun Microsystems, Inc. All Rights Reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Sun designates this |
7 * published by the Free Software Foundation. Sun designates this |
153 // check that chain is in correct order and check if chain contains |
153 // check that chain is in correct order and check if chain contains |
154 // trust anchor |
154 // trust anchor |
155 X500Principal prevIssuer = null; |
155 X500Principal prevIssuer = null; |
156 for (int i = 0; i < chain.length; i++) { |
156 for (int i = 0; i < chain.length; i++) { |
157 X509Certificate cert = chain[i]; |
157 X509Certificate cert = chain[i]; |
|
158 X500Principal dn = cert.getSubjectX500Principal(); |
158 if (i != 0 && |
159 if (i != 0 && |
159 !cert.getSubjectX500Principal().equals(prevIssuer)) { |
160 !dn.equals(prevIssuer)) { |
160 // chain is not ordered correctly, call builder instead |
161 // chain is not ordered correctly, call builder instead |
161 return doBuild(chain, otherCerts); |
162 return doBuild(chain, otherCerts); |
162 } |
163 } |
163 if (trustedCerts.contains(cert)) { |
164 if (trustedSubjects.containsKey(dn) |
|
165 && trustedSubjects.get(dn).getPublicKey() |
|
166 .equals(cert.getPublicKey())) { |
164 if (i == 0) { |
167 if (i == 0) { |
165 return new X509Certificate[] {chain[0]}; |
168 return new X509Certificate[] {chain[0]}; |
166 } |
169 } |
167 // Remove and call validator |
170 // Remove and call validator |
168 X509Certificate[] newChain = new X509Certificate[i]; |
171 X509Certificate[] newChain = new X509Certificate[i]; |