Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
10819814
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
10819814
编写于
2月 20, 2015
作者:
I
igerasim
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8068720: Better certificate options checking
Reviewed-by: mullan
上级
b4169827
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
112 addition
and
87 deletion
+112
-87
src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
.../security/provider/certpath/DistributionPointFetcher.java
+12
-11
src/share/classes/sun/security/x509/KeyUsageExtension.java
src/share/classes/sun/security/x509/KeyUsageExtension.java
+35
-35
src/share/classes/sun/security/x509/NetscapeCertTypeExtension.java
.../classes/sun/security/x509/NetscapeCertTypeExtension.java
+30
-22
src/share/classes/sun/security/x509/ReasonFlags.java
src/share/classes/sun/security/x509/ReasonFlags.java
+35
-19
未找到文件。
src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
浏览文件 @
10819814
/*
* Copyright (c) 2002, 201
4
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 201
5
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -541,10 +541,10 @@ public class DistributionPointFetcher {
// set interim reasons mask to the intersection of
// reasons in the DP and onlySomeReasons in the IDP
boolean
[]
idpReasonFlags
=
reasons
.
getFlags
();
for
(
int
i
=
0
;
i
<
i
dpReasonFlags
.
length
;
i
++)
{
i
f
(
idpReasonFlags
[
i
]
&&
pointReasonFlags
[
i
])
{
interimReasonsMask
[
i
]
=
true
;
}
for
(
int
i
=
0
;
i
<
i
nterimReasonsMask
.
length
;
i
++)
{
i
nterimReasonsMask
[
i
]
=
(
i
<
idpReasonFlags
.
length
&&
idpReasonFlags
[
i
])
&&
(
i
<
pointReasonFlags
.
length
&&
pointReasonFlags
[
i
]);
}
}
else
{
// set interim reasons mask to the value of
...
...
@@ -558,7 +558,6 @@ public class DistributionPointFetcher {
interimReasonsMask
=
pointReasonFlags
.
clone
();
}
else
{
// set interim reasons mask to the special value all-reasons
interimReasonsMask
=
new
boolean
[
9
];
Arrays
.
fill
(
interimReasonsMask
,
true
);
}
}
...
...
@@ -567,7 +566,9 @@ public class DistributionPointFetcher {
// not included in the reasons mask
boolean
oneOrMore
=
false
;
for
(
int
i
=
0
;
i
<
interimReasonsMask
.
length
&&
!
oneOrMore
;
i
++)
{
if
(!
reasonsMask
[
i
]
&&
interimReasonsMask
[
i
])
{
if
(
interimReasonsMask
[
i
]
&&
!(
i
<
reasonsMask
.
length
&&
reasonsMask
[
i
]))
{
oneOrMore
=
true
;
}
}
...
...
@@ -693,11 +694,11 @@ public class DistributionPointFetcher {
}
// update reasonsMask
for
(
int
i
=
0
;
i
<
interimReasonsMask
.
length
;
i
++)
{
if
(!
reasonsMask
[
i
]
&&
interimReasonsMask
[
i
])
{
reasonsMask
[
i
]
=
true
;
}
for
(
int
i
=
0
;
i
<
reasonsMask
.
length
;
i
++)
{
reasonsMask
[
i
]
=
reasonsMask
[
i
]
||
(
i
<
interimReasonsMask
.
length
&&
interimReasonsMask
[
i
]);
}
return
true
;
}
...
...
src/share/classes/sun/security/x509/KeyUsageExtension.java
浏览文件 @
10819814
/*
* Copyright (c) 1997, 201
1
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 201
5
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -83,7 +83,8 @@ implements CertAttrSet<String> {
* @param position the position in the bit string to check.
*/
private
boolean
isSet
(
int
position
)
{
return
bitString
[
position
];
return
(
position
<
bitString
.
length
)
&&
bitString
[
position
];
}
/**
...
...
@@ -275,41 +276,40 @@ implements CertAttrSet<String> {
* Returns a printable representation of the KeyUsage.
*/
public
String
toString
()
{
String
s
=
super
.
toString
()
+
"KeyUsage [\n"
;
StringBuilder
sb
=
new
StringBuilder
();
sb
.
append
(
super
.
toString
());
sb
.
append
(
"KeyUsage [\n"
);
try
{
if
(
isSet
(
0
))
{
s
+=
" DigitalSignature\n"
;
}
if
(
isSet
(
1
))
{
s
+=
" Non_repudiation\n"
;
}
if
(
isSet
(
2
))
{
s
+=
" Key_Encipherment\n"
;
}
if
(
isSet
(
3
))
{
s
+=
" Data_Encipherment\n"
;
}
if
(
isSet
(
4
))
{
s
+=
" Key_Agreement\n"
;
}
if
(
isSet
(
5
))
{
s
+=
" Key_CertSign\n"
;
}
if
(
isSet
(
6
))
{
s
+=
" Crl_Sign\n"
;
}
if
(
isSet
(
7
))
{
s
+=
" Encipher_Only\n"
;
}
if
(
isSet
(
8
))
{
s
+=
" Decipher_Only\n"
;
}
}
catch
(
ArrayIndexOutOfBoundsException
ex
)
{}
s
+=
"]\n"
;
if
(
isSet
(
0
))
{
sb
.
append
(
" DigitalSignature\n"
);
}
if
(
isSet
(
1
))
{
sb
.
append
(
" Non_repudiation\n"
);
}
if
(
isSet
(
2
))
{
sb
.
append
(
" Key_Encipherment\n"
);
}
if
(
isSet
(
3
))
{
sb
.
append
(
" Data_Encipherment\n"
);
}
if
(
isSet
(
4
))
{
sb
.
append
(
" Key_Agreement\n"
);
}
if
(
isSet
(
5
))
{
sb
.
append
(
" Key_CertSign\n"
);
}
if
(
isSet
(
6
))
{
sb
.
append
(
" Crl_Sign\n"
);
}
if
(
isSet
(
7
))
{
sb
.
append
(
" Encipher_Only\n"
);
}
if
(
isSet
(
8
))
{
sb
.
append
(
" Decipher_Only\n"
);
}
sb
.
append
(
"]\n"
);
return
(
s
);
return
sb
.
toString
(
);
}
/**
...
...
src/share/classes/sun/security/x509/NetscapeCertTypeExtension.java
浏览文件 @
10819814
/*
* Copyright (c) 1998, 201
1
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 201
5
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -136,7 +136,8 @@ implements CertAttrSet<String> {
* @param position the position in the bit string to check.
*/
private
boolean
isSet
(
int
position
)
{
return
bitString
[
position
];
return
(
position
<
bitString
.
length
)
&&
bitString
[
position
];
}
/**
...
...
@@ -236,27 +237,34 @@ implements CertAttrSet<String> {
* Returns a printable representation of the NetscapeCertType.
*/
public
String
toString
()
{
String
s
=
super
.
toString
()
+
"NetscapeCertType [\n"
;
StringBuilder
sb
=
new
StringBuilder
();
sb
.
append
(
super
.
toString
());
sb
.
append
(
"NetscapeCertType [\n"
);
try
{
if
(
isSet
(
getPosition
(
SSL_CLIENT
)))
s
+=
" SSL client\n"
;
if
(
isSet
(
getPosition
(
SSL_SERVER
)))
s
+=
" SSL server\n"
;
if
(
isSet
(
getPosition
(
S_MIME
)))
s
+=
" S/MIME\n"
;
if
(
isSet
(
getPosition
(
OBJECT_SIGNING
)))
s
+=
" Object Signing\n"
;
if
(
isSet
(
getPosition
(
SSL_CA
)))
s
+=
" SSL CA\n"
;
if
(
isSet
(
getPosition
(
S_MIME_CA
)))
s
+=
" S/MIME CA\n"
;
if
(
isSet
(
getPosition
(
OBJECT_SIGNING_CA
)))
s
+=
" Object Signing CA"
;
}
catch
(
Exception
e
)
{
}
s
+=
"]\n"
;
return
(
s
);
if
(
isSet
(
0
))
{
sb
.
append
(
" SSL client\n"
);
}
if
(
isSet
(
1
))
{
sb
.
append
(
" SSL server\n"
);
}
if
(
isSet
(
2
))
{
sb
.
append
(
" S/MIME\n"
);
}
if
(
isSet
(
3
))
{
sb
.
append
(
" Object Signing\n"
);
}
if
(
isSet
(
5
))
{
sb
.
append
(
" SSL CA\n"
);
}
if
(
isSet
(
6
))
{
sb
.
append
(
" S/MIME CA\n"
);
}
if
(
isSet
(
7
))
{
sb
.
append
(
" Object Signing CA"
);
}
sb
.
append
(
"]\n"
);
return
sb
.
toString
();
}
/**
...
...
src/share/classes/sun/security/x509/ReasonFlags.java
浏览文件 @
10819814
/*
* Copyright (c) 1997, 20
06
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 20
15
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -99,7 +99,8 @@ public class ReasonFlags {
* @param position the position in the bit string to check.
*/
private
boolean
isSet
(
int
position
)
{
return
bitString
[
position
];
return
(
position
<
bitString
.
length
)
&&
bitString
[
position
];
}
/**
...
...
@@ -199,23 +200,38 @@ public class ReasonFlags {
* Returns a printable representation of the ReasonFlags.
*/
public
String
toString
()
{
String
s
=
"Reason Flags [\n"
;
try
{
if
(
isSet
(
0
))
s
+=
" Unused\n"
;
if
(
isSet
(
1
))
s
+=
" Key Compromise\n"
;
if
(
isSet
(
2
))
s
+=
" CA Compromise\n"
;
if
(
isSet
(
3
))
s
+=
" Affiliation_Changed\n"
;
if
(
isSet
(
4
))
s
+=
" Superseded\n"
;
if
(
isSet
(
5
))
s
+=
" Cessation Of Operation\n"
;
if
(
isSet
(
6
))
s
+=
" Certificate Hold\n"
;
if
(
isSet
(
7
))
s
+=
" Privilege Withdrawn\n"
;
if
(
isSet
(
8
))
s
+=
" AA Compromise\n"
;
}
catch
(
ArrayIndexOutOfBoundsException
ex
)
{}
s
+=
"]\n"
;
return
(
s
);
StringBuilder
sb
=
new
StringBuilder
(
"Reason Flags [\n"
);
if
(
isSet
(
0
))
{
sb
.
append
(
" Unused\n"
);
}
if
(
isSet
(
1
))
{
sb
.
append
(
" Key Compromise\n"
);
}
if
(
isSet
(
2
))
{
sb
.
append
(
" CA Compromise\n"
);
}
if
(
isSet
(
3
))
{
sb
.
append
(
" Affiliation_Changed\n"
);
}
if
(
isSet
(
4
))
{
sb
.
append
(
" Superseded\n"
);
}
if
(
isSet
(
5
))
{
sb
.
append
(
" Cessation Of Operation\n"
);
}
if
(
isSet
(
6
))
{
sb
.
append
(
" Certificate Hold\n"
);
}
if
(
isSet
(
7
))
{
sb
.
append
(
" Privilege Withdrawn\n"
);
}
if
(
isSet
(
8
))
{
sb
.
append
(
" AA Compromise\n"
);
}
sb
.
append
(
"]\n"
);
return
sb
.
toString
();
}
/**
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录