Java Code Examples for sun.security.x509.SubjectAlternativeNameExtension#get()

The following examples show how to use sun.security.x509.SubjectAlternativeNameExtension#get() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: X509CertSelectorTest.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
private void testSubjectAltName() throws IOException {
    System.out.println("X.509 Certificate Match on subjectAltName");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    GeneralNameInterface dnsName = new DNSName("foo.com");
    DerOutputStream tmp = new DerOutputStream();
    dnsName.encode(tmp);
    selector.addSubjectAlternativeName(2, tmp.toByteArray());
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.17"));
    byte[] encoded = in.getOctetString();
    SubjectAlternativeNameExtension ext = new SubjectAlternativeNameExtension(false, encoded);
    GeneralNames names = (GeneralNames) ext.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
    GeneralName name = (GeneralName) names.get(0);
    selector.setSubjectAlternativeNames(null);
    DerOutputStream tmp2 = new DerOutputStream();
    name.getName().encode(tmp2);
    selector.addSubjectAlternativeName(name.getType(), tmp2.toByteArray());
    checkMatch(selector, cert, true);

    // good match 2 (matches at least one)
    selector.setMatchAllSubjectAltNames(false);
    selector.addSubjectAlternativeName(2, "foo.com");
    checkMatch(selector, cert, true);
}
 
Example 2
Source File: X509CertSelectorTest.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
private void testSubjectAltName() throws IOException {
    System.out.println("X.509 Certificate Match on subjectAltName");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    GeneralNameInterface dnsName = new DNSName("foo.com");
    DerOutputStream tmp = new DerOutputStream();
    dnsName.encode(tmp);
    selector.addSubjectAlternativeName(2, tmp.toByteArray());
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.17"));
    byte[] encoded = in.getOctetString();
    SubjectAlternativeNameExtension ext = new SubjectAlternativeNameExtension(false, encoded);
    GeneralNames names = (GeneralNames) ext.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
    GeneralName name = (GeneralName) names.get(0);
    selector.setSubjectAlternativeNames(null);
    DerOutputStream tmp2 = new DerOutputStream();
    name.getName().encode(tmp2);
    selector.addSubjectAlternativeName(name.getType(), tmp2.toByteArray());
    checkMatch(selector, cert, true);

    // good match 2 (matches at least one)
    selector.setMatchAllSubjectAltNames(false);
    selector.addSubjectAlternativeName(2, "foo.com");
    checkMatch(selector, cert, true);
}
 
Example 3
Source File: X509CertSelectorTest.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
private void testSubjectAltName() throws IOException {
    System.out.println("X.509 Certificate Match on subjectAltName");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    GeneralNameInterface dnsName = new DNSName("foo.com");
    DerOutputStream tmp = new DerOutputStream();
    dnsName.encode(tmp);
    selector.addSubjectAlternativeName(2, tmp.toByteArray());
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.17"));
    byte[] encoded = in.getOctetString();
    SubjectAlternativeNameExtension ext = new SubjectAlternativeNameExtension(false, encoded);
    GeneralNames names = (GeneralNames) ext.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
    GeneralName name = (GeneralName) names.get(0);
    selector.setSubjectAlternativeNames(null);
    DerOutputStream tmp2 = new DerOutputStream();
    name.getName().encode(tmp2);
    selector.addSubjectAlternativeName(name.getType(), tmp2.toByteArray());
    checkMatch(selector, cert, true);

    // good match 2 (matches at least one)
    selector.setMatchAllSubjectAltNames(false);
    selector.addSubjectAlternativeName(2, "foo.com");
    checkMatch(selector, cert, true);
}
 
Example 4
Source File: X509CertSelectorTest.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
private void testSubjectAltName() throws IOException {
    System.out.println("X.509 Certificate Match on subjectAltName");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    GeneralNameInterface dnsName = new DNSName("foo.com");
    DerOutputStream tmp = new DerOutputStream();
    dnsName.encode(tmp);
    selector.addSubjectAlternativeName(2, tmp.toByteArray());
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.17"));
    byte[] encoded = in.getOctetString();
    SubjectAlternativeNameExtension ext = new SubjectAlternativeNameExtension(false, encoded);
    GeneralNames names = (GeneralNames) ext.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
    GeneralName name = (GeneralName) names.get(0);
    selector.setSubjectAlternativeNames(null);
    DerOutputStream tmp2 = new DerOutputStream();
    name.getName().encode(tmp2);
    selector.addSubjectAlternativeName(name.getType(), tmp2.toByteArray());
    checkMatch(selector, cert, true);

    // good match 2 (matches at least one)
    selector.setMatchAllSubjectAltNames(false);
    selector.addSubjectAlternativeName(2, "foo.com");
    checkMatch(selector, cert, true);
}
 
Example 5
Source File: X509CertSelectorTest.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
private void testSubjectAltName() throws IOException {
    System.out.println("X.509 Certificate Match on subjectAltName");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    GeneralNameInterface dnsName = new DNSName("foo.com");
    DerOutputStream tmp = new DerOutputStream();
    dnsName.encode(tmp);
    selector.addSubjectAlternativeName(2, tmp.toByteArray());
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.17"));
    byte[] encoded = in.getOctetString();
    SubjectAlternativeNameExtension ext = new SubjectAlternativeNameExtension(false, encoded);
    GeneralNames names = (GeneralNames) ext.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
    GeneralName name = (GeneralName) names.get(0);
    selector.setSubjectAlternativeNames(null);
    DerOutputStream tmp2 = new DerOutputStream();
    name.getName().encode(tmp2);
    selector.addSubjectAlternativeName(name.getType(), tmp2.toByteArray());
    checkMatch(selector, cert, true);

    // good match 2 (matches at least one)
    selector.setMatchAllSubjectAltNames(false);
    selector.addSubjectAlternativeName(2, "foo.com");
    checkMatch(selector, cert, true);
}
 
Example 6
Source File: X509CertSelectorTest.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
private void testSubjectAltName() throws IOException {
    System.out.println("X.509 Certificate Match on subjectAltName");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    GeneralNameInterface dnsName = new DNSName("foo.com");
    DerOutputStream tmp = new DerOutputStream();
    dnsName.encode(tmp);
    selector.addSubjectAlternativeName(2, tmp.toByteArray());
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.17"));
    byte[] encoded = in.getOctetString();
    SubjectAlternativeNameExtension ext = new SubjectAlternativeNameExtension(false, encoded);
    GeneralNames names = (GeneralNames) ext.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
    GeneralName name = (GeneralName) names.get(0);
    selector.setSubjectAlternativeNames(null);
    DerOutputStream tmp2 = new DerOutputStream();
    name.getName().encode(tmp2);
    selector.addSubjectAlternativeName(name.getType(), tmp2.toByteArray());
    checkMatch(selector, cert, true);

    // good match 2 (matches at least one)
    selector.setMatchAllSubjectAltNames(false);
    selector.addSubjectAlternativeName(2, "foo.com");
    checkMatch(selector, cert, true);
}
 
Example 7
Source File: ForwardState.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 8
Source File: ForwardState.java    From dragonwell8_jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 9
Source File: ForwardState.java    From jdk8u_jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 10
Source File: ForwardState.java    From openjdk-8 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 11
Source File: ForwardState.java    From openjdk-8-source with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 12
Source File: ForwardState.java    From hottub with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 13
Source File: ForwardState.java    From j2objc with Apache License 2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 14
Source File: ForwardState.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 15
Source File: ForwardState.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 16
Source File: ForwardState.java    From jdk8u-dev-jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 17
Source File: ForwardState.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 18
Source File: ForwardState.java    From openjdk-jdk8u with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 19
Source File: ForwardState.java    From jdk8u60 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}
 
Example 20
Source File: ForwardState.java    From TencentKona-8 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Update the state with the next certificate added to the path.
 *
 * @param cert the certificate which is used to update the state
 */
@Override
public void updateState(X509Certificate cert)
    throws CertificateException, IOException, CertPathValidatorException {

    if (cert == null)
        return;

    X509CertImpl icert = X509CertImpl.toImpl(cert);

    /* see if certificate key has null parameters */
    if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) {
        keyParamsNeededFlag = true;
    }

    /* update certificate */
    this.cert = icert;

    /* update issuer DN */
    issuerDN = cert.getIssuerX500Principal();

    if (!X509CertImpl.isSelfIssued(cert)) {

        /*
         * update traversedCACerts only if this is a non-self-issued
         * intermediate CA cert
         */
        if (!init && cert.getBasicConstraints() != -1) {
            traversedCACerts++;
        }
    }

    /* update subjectNamesTraversed only if this is the EE cert or if
       this cert is not self-issued */
    if (init || !X509CertImpl.isSelfIssued(cert)){
        X500Principal subjName = cert.getSubjectX500Principal();
        subjectNamesTraversed.add(X500Name.asX500Name(subjName));

        try {
            SubjectAlternativeNameExtension subjAltNameExt
                = icert.getSubjectAlternativeNameExtension();
            if (subjAltNameExt != null) {
                GeneralNames gNames = subjAltNameExt.get(
                        SubjectAlternativeNameExtension.SUBJECT_NAME);
                for (GeneralName gName : gNames.names()) {
                    subjectNamesTraversed.add(gName.getName());
                }
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("ForwardState.updateState() unexpected "
                    + "exception");
                e.printStackTrace();
            }
            throw new CertPathValidatorException(e);
        }
    }

    init = false;
}