jdk-sandbox: comparison jdk/src/share/classes/sun/security/provider/certpath/BasicChecker.java

equal deleted inserted replaced

-:7906d13db4eb
+:6d1f4b722acd
 /*
-* Copyright 2000-2007 Sun Microsystems, Inc.  All Rights Reserved.
+* Copyright 2000-2008 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Sun designates this
 import java.math.BigInteger;
 import java.util.Collection;
 import java.util.Date;
 import java.util.Set;
+import java.security.GeneralSecurityException;
 import java.security.KeyFactory;
 import java.security.PublicKey;
+import java.security.SignatureException;
 import java.security.cert.Certificate;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertPathValidatorException.BasicReason;
 import java.security.cert.X509Certificate;
 import java.security.cert.PKIXCertPathChecker;
-import java.security.cert.CertPathValidatorException;
+import java.security.cert.PKIXReason;
 import java.security.cert.TrustAnchor;
 import java.security.interfaces.DSAParams;
 import java.security.interfaces.DSAPublicKey;
 import java.security.spec.DSAPublicKeySpec;
 import javax.security.auth.x500.X500Principal;
 if (debug != null)
 debug.println("---checking " + msg + "...");
 try {
 cert.verify(prevPubKey, sigProvider);
-} catch (Exception e) {
+} catch (SignatureException e) {
-if (debug != null) {
+throw new CertPathValidatorException
-debug.println(e.getMessage());
+(msg + " check failed", e, null, -1,
-e.printStackTrace();
+BasicReason.INVALID_SIGNATURE);
-}
+} catch (GeneralSecurityException e) {
 throw new CertPathValidatorException(msg + " check failed", e);
 }
 if (debug != null)
 debug.println(msg + " verified.");
 if (debug != null)
 debug.println("---checking " + msg + ":" + date.toString() + "...");
 try {
 cert.checkValidity(date);
-} catch (Exception e) {
+} catch (CertificateExpiredException e) {
-if (debug != null) {
+throw new CertPathValidatorException
-debug.println(e.getMessage());
+(msg + " check failed", e, null, -1, BasicReason.EXPIRED);
-e.printStackTrace();
+} catch (CertificateNotYetValidException e) {
-}
+throw new CertPathValidatorException
-throw new CertPathValidatorException(msg + " check failed", e);
+(msg + " check failed", e, null, -1, BasicReason.NOT_YET_VALID);
 }
 if (debug != null)
 debug.println(msg + " verified.");
 }
 X500Principal currIssuer = cert.getIssuerX500Principal();
 // reject null or empty issuer DNs
 if (X500Name.asX500Name(currIssuer).isEmpty()) {
-throw new CertPathValidatorException(msg + " check failed: " +
+throw new CertPathValidatorException
-"empty/null issuer DN in certificate is invalid");
+(msg + " check failed: " +
+"empty/null issuer DN in certificate is invalid", null,
+null, -1, PKIXReason.NAME_CHAINING);
 }
 if (!(currIssuer.equals(prevSubject))) {
-throw new CertPathValidatorException(msg + " check failed");
+throw new CertPathValidatorException
+(msg + " check failed", null, null, -1,
+PKIXReason.NAME_CHAINING);
 }
 if (debug != null)
 debug.println(msg + " verified.");
 }
 DSAPublicKeySpec ks = new DSAPublicKeySpec(y,
 params.getP(),
 params.getQ(),
 params.getG());
 usableKey = kf.generatePublic(ks);
-} catch (Exception e) {
+} catch (GeneralSecurityException e) {
 throw new CertPathValidatorException("Unable to generate key with" +
 " inherited parameters: " +
 e.getMessage(), e);
 }
 return usableKey;

changeset 1238	6d1f4b722acd
parent 2	90ce3da70b43
child 1451	e213b0c02197