sun.security.provider.certpath.PKIX.BuilderParams Java Examples
The following examples show how to use
sun.security.provider.certpath.PKIX.BuilderParams.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ForwardBuilder.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #2
Source File: ForwardBuilder.java From j2objc with Apache License 2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } comparator = new PKIXCertComparator(trustedSubjectDNs); this.searchAllCertStores = searchAllCertStores; }
Example #3
Source File: ForwardBuilder.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } comparator = new PKIXCertComparator(trustedSubjectDNs); this.searchAllCertStores = searchAllCertStores; }
Example #4
Source File: ForwardBuilder.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } comparator = new PKIXCertComparator(trustedSubjectDNs); this.searchAllCertStores = searchAllCertStores; }
Example #5
Source File: ForwardBuilder.java From jdk8u_jdk with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #6
Source File: ForwardBuilder.java From openjdk-8 with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } comparator = new PKIXCertComparator(trustedSubjectDNs); this.searchAllCertStores = searchAllCertStores; }
Example #7
Source File: ForwardBuilder.java From openjdk-8-source with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } comparator = new PKIXCertComparator(trustedSubjectDNs); this.searchAllCertStores = searchAllCertStores; }
Example #8
Source File: ForwardBuilder.java From hottub with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #9
Source File: ForwardBuilder.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #10
Source File: ForwardBuilder.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #11
Source File: ForwardBuilder.java From Bytecoder with Apache License 2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #12
Source File: ForwardBuilder.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #13
Source File: ForwardBuilder.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #14
Source File: ForwardBuilder.java From jdk8u60 with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } comparator = new PKIXCertComparator(trustedSubjectDNs); this.searchAllCertStores = searchAllCertStores; }
Example #15
Source File: ForwardBuilder.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) { super(buildParams); // populate sets of trusted certificates and subject DNs trustAnchors = buildParams.trustAnchors(); trustedCerts = new HashSet<X509Certificate>(trustAnchors.size()); trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size()); for (TrustAnchor anchor : trustAnchors) { X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { trustedCerts.add(trustedCert); trustedSubjectDNs.add(trustedCert.getSubjectX500Principal()); } else { trustedSubjectDNs.add(anchor.getCA()); } } this.searchAllCertStores = searchAllCertStores; }
Example #16
Source File: ReverseBuilder.java From j2objc with Apache License 2.0 | 5 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ReverseBuilder(BuilderParams buildParams) { super(buildParams); Set<String> initialPolicies = buildParams.initialPolicies(); initPolicies = new HashSet<String>(); if (initialPolicies.isEmpty()) { // if no initialPolicies are specified by user, set // initPolicies to be anyPolicy by default initPolicies.add(PolicyChecker.ANY_POLICY); } else { initPolicies.addAll(initialPolicies); } }
Example #17
Source File: ReverseBuilder.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ReverseBuilder(BuilderParams buildParams) { super(buildParams); Set<String> initialPolicies = buildParams.initialPolicies(); initPolicies = new HashSet<String>(); if (initialPolicies.isEmpty()) { // if no initialPolicies are specified by user, set // initPolicies to be anyPolicy by default initPolicies.add(PolicyChecker.ANY_POLICY); } else { initPolicies.addAll(initialPolicies); } }
Example #18
Source File: ReverseBuilder.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ReverseBuilder(BuilderParams buildParams) { super(buildParams); Set<String> initialPolicies = buildParams.initialPolicies(); initPolicies = new HashSet<String>(); if (initialPolicies.isEmpty()) { // if no initialPolicies are specified by user, set // initPolicies to be anyPolicy by default initPolicies.add(PolicyChecker.ANY_POLICY); } else { initPolicies.addAll(initialPolicies); } }
Example #19
Source File: ReverseBuilder.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ReverseBuilder(BuilderParams buildParams) { super(buildParams); Set<String> initialPolicies = buildParams.initialPolicies(); initPolicies = new HashSet<String>(); if (initialPolicies.isEmpty()) { // if no initialPolicies are specified by user, set // initPolicies to be anyPolicy by default initPolicies.add(PolicyChecker.ANY_POLICY); } else { initPolicies.addAll(initialPolicies); } }
Example #20
Source File: ReverseBuilder.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 5 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ReverseBuilder(BuilderParams buildParams) { super(buildParams); Set<String> initialPolicies = buildParams.initialPolicies(); initPolicies = new HashSet<String>(); if (initialPolicies.isEmpty()) { // if no initialPolicies are specified by user, set // initPolicies to be anyPolicy by default initPolicies.add(PolicyChecker.ANY_POLICY); } else { initPolicies.addAll(initialPolicies); } }
Example #21
Source File: ReverseBuilder.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ ReverseBuilder(BuilderParams buildParams) { super(buildParams); Set<String> initialPolicies = buildParams.initialPolicies(); initPolicies = new HashSet<String>(); if (initialPolicies.isEmpty()) { // if no initialPolicies are specified by user, set // initPolicies to be anyPolicy by default initPolicies.add(PolicyChecker.ANY_POLICY); } else { initPolicies.addAll(initialPolicies); } }
Example #22
Source File: ReverseState.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
/** * Initialize the state. * * @param buildParams builder parameters */ public void initState(BuilderParams buildParams) throws CertPathValidatorException { /* * Initialize number of remainingCACerts. * Note that -1 maxPathLen implies unlimited. * 0 implies only an EE cert is acceptable. */ int maxPathLen = buildParams.maxPathLength(); remainingCACerts = (maxPathLen == -1) ? Integer.MAX_VALUE : maxPathLen; /* Initialize explicit policy state variable */ if (buildParams.explicitPolicyRequired()) { explicitPolicy = 0; } else { // unconstrained if maxPathLen is -1, // otherwise, we want to initialize this to the value of the // longest possible path + 1 (i.e. maxpathlen + finalcert + 1) explicitPolicy = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize policy mapping state variable */ if (buildParams.policyMappingInhibited()) { policyMapping = 0; } else { policyMapping = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize inhibit any policy state variable */ if (buildParams.anyPolicyInhibited()) { inhibitAnyPolicy = 0; } else { inhibitAnyPolicy = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize certIndex */ certIndex = 1; /* Initialize policy tree */ Set<String> initExpPolSet = new HashSet<>(1); initExpPolSet.add(PolicyChecker.ANY_POLICY); rootNode = new PolicyNodeImpl(null, PolicyChecker.ANY_POLICY, null, false, initExpPolSet, false); /* * Initialize each user-defined checker * Shallow copy the checkers */ userCheckers = new ArrayList<>(buildParams.certPathCheckers()); /* initialize each checker (just in case) */ for (PKIXCertPathChecker checker : userCheckers) { checker.init(false); } /* Start by trusting the cert to sign CRLs */ crlSign = true; init = true; }
Example #23
Source File: ReverseState.java From jdk8u60 with GNU General Public License v2.0 | 4 votes |
/** * Update the state with the specified trust anchor. * * @param anchor the most-trusted CA * @param buildParams builder parameters */ public void updateState(TrustAnchor anchor, BuilderParams buildParams) throws CertificateException, IOException, CertPathValidatorException { trustAnchor = anchor; X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { updateState(trustedCert); } else { X500Principal caName = anchor.getCA(); updateState(anchor.getCAPublicKey(), caName); } // The user specified AlgorithmChecker and RevocationChecker may not be // able to set the trust anchor until now. boolean revCheckerAdded = false; for (PKIXCertPathChecker checker : userCheckers) { if (checker instanceof AlgorithmChecker) { ((AlgorithmChecker)checker).trySetTrustAnchor(anchor); } else if (checker instanceof PKIXRevocationChecker) { if (revCheckerAdded) { throw new CertPathValidatorException( "Only one PKIXRevocationChecker can be specified"); } // if it's our own, initialize it if (checker instanceof RevocationChecker) { ((RevocationChecker)checker).init(anchor, buildParams); } ((PKIXRevocationChecker)checker).init(false); revCheckerAdded = true; } } // only create a RevocationChecker if revocation is enabled and // a PKIXRevocationChecker has not already been added if (buildParams.revocationEnabled() && !revCheckerAdded) { revChecker = new RevocationChecker(anchor, buildParams); revChecker.init(false); } init = false; }
Example #24
Source File: ReverseState.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
/** * Update the state with the specified trust anchor. * * @param anchor the most-trusted CA * @param buildParams builder parameters */ public void updateState(TrustAnchor anchor, BuilderParams buildParams) throws CertificateException, IOException, CertPathValidatorException { trustAnchor = anchor; X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { updateState(trustedCert); } else { X500Principal caName = anchor.getCA(); updateState(anchor.getCAPublicKey(), caName); } // The user specified AlgorithmChecker and RevocationChecker may not be // able to set the trust anchor until now. boolean revCheckerAdded = false; for (PKIXCertPathChecker checker : userCheckers) { if (checker instanceof AlgorithmChecker) { ((AlgorithmChecker)checker).trySetTrustAnchor(anchor); } else if (checker instanceof PKIXRevocationChecker) { if (revCheckerAdded) { throw new CertPathValidatorException( "Only one PKIXRevocationChecker can be specified"); } // if it's our own, initialize it if (checker instanceof RevocationChecker) { ((RevocationChecker)checker).init(anchor, buildParams); } ((PKIXRevocationChecker)checker).init(false); revCheckerAdded = true; } } // only create a RevocationChecker if revocation is enabled and // a PKIXRevocationChecker has not already been added if (buildParams.revocationEnabled() && !revCheckerAdded) { revChecker = new RevocationChecker(anchor, buildParams); revChecker.init(false); } init = false; }
Example #25
Source File: Builder.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ Builder(BuilderParams buildParams) { this.buildParams = buildParams; this.targetCertConstraints = (X509CertSelector)buildParams.targetCertConstraints(); }
Example #26
Source File: ReverseState.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 4 votes |
/** * Initialize the state. * * @param buildParams builder parameters */ public void initState(BuilderParams buildParams) throws CertPathValidatorException { /* * Initialize number of remainingCACerts. * Note that -1 maxPathLen implies unlimited. * 0 implies only an EE cert is acceptable. */ int maxPathLen = buildParams.maxPathLength(); remainingCACerts = (maxPathLen == -1) ? Integer.MAX_VALUE : maxPathLen; /* Initialize explicit policy state variable */ if (buildParams.explicitPolicyRequired()) { explicitPolicy = 0; } else { // unconstrained if maxPathLen is -1, // otherwise, we want to initialize this to the value of the // longest possible path + 1 (i.e. maxpathlen + finalcert + 1) explicitPolicy = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize policy mapping state variable */ if (buildParams.policyMappingInhibited()) { policyMapping = 0; } else { policyMapping = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize inhibit any policy state variable */ if (buildParams.anyPolicyInhibited()) { inhibitAnyPolicy = 0; } else { inhibitAnyPolicy = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize certIndex */ certIndex = 1; /* Initialize policy tree */ Set<String> initExpPolSet = new HashSet<>(1); initExpPolSet.add(PolicyChecker.ANY_POLICY); rootNode = new PolicyNodeImpl(null, PolicyChecker.ANY_POLICY, null, false, initExpPolSet, false); /* * Initialize each user-defined checker * Shallow copy the checkers */ userCheckers = new ArrayList<>(buildParams.certPathCheckers()); /* initialize each checker (just in case) */ for (PKIXCertPathChecker checker : userCheckers) { checker.init(false); } /* Start by trusting the cert to sign CRLs */ crlSign = true; init = true; }
Example #27
Source File: ReverseState.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 4 votes |
/** * Update the state with the specified trust anchor. * * @param anchor the most-trusted CA * @param buildParams builder parameters */ public void updateState(TrustAnchor anchor, BuilderParams buildParams) throws CertificateException, IOException, CertPathValidatorException { trustAnchor = anchor; X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { updateState(trustedCert); } else { X500Principal caName = anchor.getCA(); updateState(anchor.getCAPublicKey(), caName); } // The user specified AlgorithmChecker and RevocationChecker may not be // able to set the trust anchor until now. boolean revCheckerAdded = false; for (PKIXCertPathChecker checker : userCheckers) { if (checker instanceof AlgorithmChecker) { ((AlgorithmChecker)checker).trySetTrustAnchor(anchor); } else if (checker instanceof PKIXRevocationChecker) { if (revCheckerAdded) { throw new CertPathValidatorException( "Only one PKIXRevocationChecker can be specified"); } // if it's our own, initialize it if (checker instanceof RevocationChecker) { ((RevocationChecker)checker).init(anchor, buildParams); } ((PKIXRevocationChecker)checker).init(false); revCheckerAdded = true; } } // only create a RevocationChecker if revocation is enabled and // a PKIXRevocationChecker has not already been added if (buildParams.revocationEnabled() && !revCheckerAdded) { revChecker = new RevocationChecker(anchor, buildParams); revChecker.init(false); } init = false; }
Example #28
Source File: Builder.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 4 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ Builder(BuilderParams buildParams) { this.buildParams = buildParams; this.targetCertConstraints = (X509CertSelector)buildParams.targetCertConstraints(); }
Example #29
Source File: Builder.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
/** * Initialize the builder with the input parameters. * * @param params the parameter set used to build a certification path */ Builder(BuilderParams buildParams) { this.buildParams = buildParams; this.targetCertConstraints = (X509CertSelector)buildParams.targetCertConstraints(); }
Example #30
Source File: ReverseState.java From j2objc with Apache License 2.0 | 4 votes |
/** * Initialize the state. * * @param buildParams builder parameters */ public void initState(BuilderParams buildParams) throws CertPathValidatorException { /* * Initialize number of remainingCACerts. * Note that -1 maxPathLen implies unlimited. * 0 implies only an EE cert is acceptable. */ int maxPathLen = buildParams.maxPathLength(); remainingCACerts = (maxPathLen == -1) ? Integer.MAX_VALUE : maxPathLen; /* Initialize explicit policy state variable */ if (buildParams.explicitPolicyRequired()) { explicitPolicy = 0; } else { // unconstrained if maxPathLen is -1, // otherwise, we want to initialize this to the value of the // longest possible path + 1 (i.e. maxpathlen + finalcert + 1) explicitPolicy = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize policy mapping state variable */ if (buildParams.policyMappingInhibited()) { policyMapping = 0; } else { policyMapping = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize inhibit any policy state variable */ if (buildParams.anyPolicyInhibited()) { inhibitAnyPolicy = 0; } else { inhibitAnyPolicy = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2; } /* Initialize certIndex */ certIndex = 1; /* Initialize policy tree */ Set<String> initExpPolSet = new HashSet<>(1); initExpPolSet.add(PolicyChecker.ANY_POLICY); rootNode = new PolicyNodeImpl(null, PolicyChecker.ANY_POLICY, null, false, initExpPolSet, false); /* * Initialize each user-defined checker * Shallow copy the checkers */ userCheckers = new ArrayList<>(buildParams.certPathCheckers()); /* initialize each checker (just in case) */ for (PKIXCertPathChecker checker : userCheckers) { checker.init(false); } /* Start by trusting the cert to sign CRLs */ crlSign = true; init = true; }