Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
5a8f41f7
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
5a8f41f7
编写于
3月 02, 2015
作者:
M
mullan
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8073894: Getting to the root of certificate chains
Reviewed-by: weijun, igerasim, ahgross
上级
1b2bedf4
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
21 addition
and
4 deletion
+21
-4
src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
...sun/security/provider/certpath/PKIXCertPathValidator.java
+9
-2
src/share/classes/sun/security/validator/SimpleValidator.java
...share/classes/sun/security/validator/SimpleValidator.java
+12
-2
未找到文件。
src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
浏览文件 @
5a8f41f7
/*
/*
* Copyright (c) 2000, 201
4
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 201
5
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
*
* This code is free software; you can redistribute it and/or modify it
* This code is free software; you can redistribute it and/or modify it
...
@@ -159,12 +159,19 @@ public final class PKIXCertPathValidator extends CertPathValidatorSpi {
...
@@ -159,12 +159,19 @@ public final class PKIXCertPathValidator extends CertPathValidatorSpi {
ValidatorParams
params
)
ValidatorParams
params
)
throws
CertPathValidatorException
throws
CertPathValidatorException
{
{
// check if anchor is untrusted
UntrustedChecker
untrustedChecker
=
new
UntrustedChecker
();
X509Certificate
anchorCert
=
anchor
.
getTrustedCert
();
if
(
anchorCert
!=
null
)
{
untrustedChecker
.
check
(
anchorCert
);
}
int
certPathLen
=
params
.
certificates
().
size
();
int
certPathLen
=
params
.
certificates
().
size
();
// create PKIXCertPathCheckers
// create PKIXCertPathCheckers
List
<
PKIXCertPathChecker
>
certPathCheckers
=
new
ArrayList
<>();
List
<
PKIXCertPathChecker
>
certPathCheckers
=
new
ArrayList
<>();
// add standard checkers that we will be using
// add standard checkers that we will be using
certPathCheckers
.
add
(
new
UntrustedChecker
()
);
certPathCheckers
.
add
(
untrustedChecker
);
certPathCheckers
.
add
(
new
AlgorithmChecker
(
anchor
));
certPathCheckers
.
add
(
new
AlgorithmChecker
(
anchor
));
certPathCheckers
.
add
(
new
KeyChecker
(
certPathLen
,
certPathCheckers
.
add
(
new
KeyChecker
(
certPathLen
,
params
.
targetCertConstraints
()));
params
.
targetCertConstraints
()));
...
...
src/share/classes/sun/security/validator/SimpleValidator.java
浏览文件 @
5a8f41f7
/*
/*
* Copyright (c) 2002, 201
2
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 201
5
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
*
* This code is free software; you can redistribute it and/or modify it
* This code is free software; you can redistribute it and/or modify it
...
@@ -141,8 +141,18 @@ public final class SimpleValidator extends Validator {
...
@@ -141,8 +141,18 @@ public final class SimpleValidator extends Validator {
// create distrusted certificates checker
// create distrusted certificates checker
UntrustedChecker
untrustedChecker
=
new
UntrustedChecker
();
UntrustedChecker
untrustedChecker
=
new
UntrustedChecker
();
// check if anchor is untrusted
X509Certificate
anchorCert
=
chain
[
chain
.
length
-
1
];
try
{
untrustedChecker
.
check
(
anchorCert
);
}
catch
(
CertPathValidatorException
cpve
)
{
throw
new
ValidatorException
(
"Untrusted certificate: "
+
anchorCert
.
getSubjectX500Principal
(),
ValidatorException
.
T_UNTRUSTED_CERT
,
anchorCert
,
cpve
);
}
// create default algorithm constraints checker
// create default algorithm constraints checker
TrustAnchor
anchor
=
new
TrustAnchor
(
chain
[
chain
.
length
-
1
]
,
null
);
TrustAnchor
anchor
=
new
TrustAnchor
(
anchorCert
,
null
);
AlgorithmChecker
defaultAlgChecker
=
new
AlgorithmChecker
(
anchor
);
AlgorithmChecker
defaultAlgChecker
=
new
AlgorithmChecker
(
anchor
);
// create application level algorithm constraints checker
// create application level algorithm constraints checker
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录