jdk/src/java.base/share/classes/sun/security/provider/certpath/AdaptableX509CertSelector.java
equal
deleted
inserted
replaced
1 /* |
1 /* |
2 * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
222 try { |
222 try { |
223 byte[] extVal = xcert.getExtensionValue("2.5.29.14"); |
223 byte[] extVal = xcert.getExtensionValue("2.5.29.14"); |
224 if (extVal == null) { |
224 if (extVal == null) { |
225 if (debug != null) { |
225 if (debug != null) { |
226 debug.println("AdaptableX509CertSelector.match: " |
226 debug.println("AdaptableX509CertSelector.match: " |
227 + "no subject key ID extension"); |
227 + "no subject key ID extension. Subject: " |
|
228 + xcert.getSubjectX500Principal()); |
228 } |
229 } |
229 return true; |
230 return true; |
230 } |
231 } |
231 DerInputStream in = new DerInputStream(extVal); |
232 DerInputStream in = new DerInputStream(extVal); |
232 byte[] certSubjectKeyID = in.getOctetString(); |
233 byte[] certSubjectKeyID = in.getOctetString(); |
233 if (certSubjectKeyID == null || |
234 if (certSubjectKeyID == null || |
234 !Arrays.equals(ski, certSubjectKeyID)) { |
235 !Arrays.equals(ski, certSubjectKeyID)) { |
235 if (debug != null) { |
236 if (debug != null) { |
236 debug.println("AdaptableX509CertSelector.match: " |
237 debug.println("AdaptableX509CertSelector.match: " |
237 + "subject key IDs don't match"); |
238 + "subject key IDs don't match. " |
|
239 + "Expected: " + Arrays.toString(ski) + " " |
|
240 + "Cert's: " + Arrays.toString(certSubjectKeyID)); |
238 } |
241 } |
239 return false; |
242 return false; |
240 } |
243 } |
241 } catch (IOException ex) { |
244 } catch (IOException ex) { |
242 if (debug != null) { |
245 if (debug != null) { |