jdk/src/java.base/share/classes/sun/security/validator/SimpleValidator.java
changeset 31688 42c9b194a469
parent 25859 3317bb8137f4
child 32032 22badc53802f
equal deleted inserted replaced
31687:d6eb4f028c60 31688:42c9b194a469
     1 /*
     1 /*
     2  * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
     2  * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved.
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
     4  *
     4  *
     5  * This code is free software; you can redistribute it and/or modify it
     5  * This code is free software; you can redistribute it and/or modify it
     6  * under the terms of the GNU General Public License version 2 only, as
     6  * under the terms of the GNU General Public License version 2 only, as
     7  * published by the Free Software Foundation.  Oracle designates this
     7  * published by the Free Software Foundation.  Oracle designates this
   139         }
   139         }
   140 
   140 
   141         // create distrusted certificates checker
   141         // create distrusted certificates checker
   142         UntrustedChecker untrustedChecker = new UntrustedChecker();
   142         UntrustedChecker untrustedChecker = new UntrustedChecker();
   143 
   143 
       
   144         // check if anchor is untrusted
       
   145         X509Certificate anchorCert = chain[chain.length - 1];
       
   146         try {
       
   147             untrustedChecker.check(anchorCert);
       
   148         } catch (CertPathValidatorException cpve) {
       
   149             throw new ValidatorException(
       
   150                 "Untrusted certificate: "+ anchorCert.getSubjectX500Principal(),
       
   151                 ValidatorException.T_UNTRUSTED_CERT, anchorCert, cpve);
       
   152         }
       
   153 
   144         // create default algorithm constraints checker
   154         // create default algorithm constraints checker
   145         TrustAnchor anchor = new TrustAnchor(chain[chain.length - 1], null);
   155         TrustAnchor anchor = new TrustAnchor(anchorCert, null);
   146         AlgorithmChecker defaultAlgChecker = new AlgorithmChecker(anchor);
   156         AlgorithmChecker defaultAlgChecker = new AlgorithmChecker(anchor);
   147 
   157 
   148         // create application level algorithm constraints checker
   158         // create application level algorithm constraints checker
   149         AlgorithmChecker appAlgChecker = null;
   159         AlgorithmChecker appAlgChecker = null;
   150         if (constraints != null) {
   160         if (constraints != null) {