equal
deleted
inserted
replaced
1 /* |
1 /* |
2 * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
139 } |
139 } |
140 |
140 |
141 // create distrusted certificates checker |
141 // create distrusted certificates checker |
142 UntrustedChecker untrustedChecker = new UntrustedChecker(); |
142 UntrustedChecker untrustedChecker = new UntrustedChecker(); |
143 |
143 |
|
144 // check if anchor is untrusted |
|
145 X509Certificate anchorCert = chain[chain.length - 1]; |
|
146 try { |
|
147 untrustedChecker.check(anchorCert); |
|
148 } catch (CertPathValidatorException cpve) { |
|
149 throw new ValidatorException( |
|
150 "Untrusted certificate: "+ anchorCert.getSubjectX500Principal(), |
|
151 ValidatorException.T_UNTRUSTED_CERT, anchorCert, cpve); |
|
152 } |
|
153 |
144 // create default algorithm constraints checker |
154 // create default algorithm constraints checker |
145 TrustAnchor anchor = new TrustAnchor(chain[chain.length - 1], null); |
155 TrustAnchor anchor = new TrustAnchor(anchorCert, null); |
146 AlgorithmChecker defaultAlgChecker = new AlgorithmChecker(anchor); |
156 AlgorithmChecker defaultAlgChecker = new AlgorithmChecker(anchor); |
147 |
157 |
148 // create application level algorithm constraints checker |
158 // create application level algorithm constraints checker |
149 AlgorithmChecker appAlgChecker = null; |
159 AlgorithmChecker appAlgChecker = null; |
150 if (constraints != null) { |
160 if (constraints != null) { |