1 /* |
1 /* |
2 * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
420 buildParams.explicitPolicyRequired(), |
420 buildParams.explicitPolicyRequired(), |
421 buildParams.policyMappingInhibited(), |
421 buildParams.policyMappingInhibited(), |
422 buildParams.anyPolicyInhibited(), |
422 buildParams.anyPolicyInhibited(), |
423 buildParams.policyQualifiersRejected(), |
423 buildParams.policyQualifiersRejected(), |
424 rootNode); |
424 rootNode); |
425 |
|
426 checkers.add(policyChecker); |
425 checkers.add(policyChecker); |
427 |
426 |
428 // add the algorithm checker |
427 // add the algorithm checker |
429 checkers.add(new AlgorithmChecker(builder.trustAnchor)); |
428 checkers.add(new AlgorithmChecker(builder.trustAnchor)); |
430 |
429 |
453 |
452 |
454 boolean revCheckerAdded = false; |
453 boolean revCheckerAdded = false; |
455 List<PKIXCertPathChecker> ckrs = buildParams.certPathCheckers(); |
454 List<PKIXCertPathChecker> ckrs = buildParams.certPathCheckers(); |
456 for (PKIXCertPathChecker ckr : ckrs) { |
455 for (PKIXCertPathChecker ckr : ckrs) { |
457 if (ckr instanceof PKIXRevocationChecker) { |
456 if (ckr instanceof PKIXRevocationChecker) { |
|
457 if (revCheckerAdded) { |
|
458 throw new CertPathValidatorException( |
|
459 "Only one PKIXRevocationChecker can be specified"); |
|
460 } |
458 revCheckerAdded = true; |
461 revCheckerAdded = true; |
459 // if it's our own, initialize it |
462 // if it's our own, initialize it |
460 if (ckr instanceof RevocationChecker) |
463 if (ckr instanceof RevocationChecker) { |
461 ((RevocationChecker)ckr).init(builder.trustAnchor, |
464 ((RevocationChecker)ckr).init(builder.trustAnchor, |
462 buildParams); |
465 buildParams); |
|
466 } |
463 } |
467 } |
464 } |
468 } |
465 // only add a RevocationChecker if revocation is enabled and |
469 // only add a RevocationChecker if revocation is enabled and |
466 // a PKIXRevocationChecker has not already been added |
470 // a PKIXRevocationChecker has not already been added |
467 if (buildParams.revocationEnabled() && !revCheckerAdded) { |
471 if (buildParams.revocationEnabled() && !revCheckerAdded) { |