equal
deleted
inserted
replaced
1 /* |
1 /* |
2 * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
28 import java.io.IOException; |
28 import java.io.IOException; |
29 import java.security.PublicKey; |
29 import java.security.PublicKey; |
30 import java.security.cert.CertificateException; |
30 import java.security.cert.CertificateException; |
31 import java.security.cert.CertPathValidatorException; |
31 import java.security.cert.CertPathValidatorException; |
32 import java.security.cert.PKIXCertPathChecker; |
32 import java.security.cert.PKIXCertPathChecker; |
|
33 import java.security.cert.PKIXRevocationChecker; |
33 import java.security.cert.TrustAnchor; |
34 import java.security.cert.TrustAnchor; |
34 import java.security.cert.X509Certificate; |
35 import java.security.cert.X509Certificate; |
35 import java.util.ArrayList; |
36 import java.util.ArrayList; |
36 import java.util.HashSet; |
37 import java.util.HashSet; |
37 import java.util.List; |
38 import java.util.List; |
233 // able to set the trust anchor until now. |
234 // able to set the trust anchor until now. |
234 boolean revCheckerAdded = false; |
235 boolean revCheckerAdded = false; |
235 for (PKIXCertPathChecker checker : userCheckers) { |
236 for (PKIXCertPathChecker checker : userCheckers) { |
236 if (checker instanceof AlgorithmChecker) { |
237 if (checker instanceof AlgorithmChecker) { |
237 ((AlgorithmChecker)checker).trySetTrustAnchor(anchor); |
238 ((AlgorithmChecker)checker).trySetTrustAnchor(anchor); |
238 } else if (checker instanceof RevocationChecker) { |
239 } else if (checker instanceof PKIXRevocationChecker) { |
239 ((RevocationChecker)checker).init(anchor, buildParams); |
240 if (revCheckerAdded) { |
240 ((RevocationChecker)checker).init(false); |
241 throw new CertPathValidatorException( |
|
242 "Only one PKIXRevocationChecker can be specified"); |
|
243 } |
|
244 // if it's our own, initialize it |
|
245 if (checker instanceof RevocationChecker) { |
|
246 ((RevocationChecker)checker).init(anchor, buildParams); |
|
247 } |
|
248 ((PKIXRevocationChecker)checker).init(false); |
241 revCheckerAdded = true; |
249 revCheckerAdded = true; |
242 } |
250 } |
243 } |
251 } |
244 |
252 |
245 // only create a RevocationChecker if revocation is enabled and |
253 // only create a RevocationChecker if revocation is enabled and |