< prev index next >

src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java

Print this page 
rev 12524 : 8154015: Apply algorithm constraints to timestamped code
Reviewed-by: ascarpino


 197      * @param variant is the Validator variants of the operation. A null value
 198      *                passed will set it to Validator.GENERIC.
 199      */
 200     public AlgorithmChecker(TrustAnchor anchor, Date pkixdate, String variant) {
 201         this(anchor, certPathDefaultConstraints, pkixdate, null, variant);
 202     }
 203 
 204     // Check this 'cert' for restrictions in the AnchorCertificates
 205     // trusted certificates list
 206     private static boolean checkFingerprint(X509Certificate cert) {
 207         if (!publicCALimits) {
 208             return false;
 209         }
 210 
 211         if (debug != null) {
 212             debug.println("AlgorithmChecker.contains: " + cert.getSigAlgName());
 213         }
 214         return AnchorCertificates.contains(cert);
 215     }
 216 




 217     @Override
 218     public void init(boolean forward) throws CertPathValidatorException {
 219         //  Note that this class does not support forward mode.
 220         if (!forward) {
 221             if (trustedPubKey != null) {
 222                 prevPubKey = trustedPubKey;
 223             } else {
 224                 prevPubKey = null;
 225             }
 226         } else {
 227             throw new
 228                 CertPathValidatorException("forward checking not supported");
 229         }
 230     }
 231 
 232     @Override
 233     public boolean isForwardCheckingSupported() {
 234         //  Note that as this class does not support forward mode, the method
 235         //  will always returns false.
 236         return false;




 197      * @param variant is the Validator variants of the operation. A null value
 198      *                passed will set it to Validator.GENERIC.
 199      */
 200     public AlgorithmChecker(TrustAnchor anchor, Date pkixdate, String variant) {
 201         this(anchor, certPathDefaultConstraints, pkixdate, null, variant);
 202     }
 203 
 204     // Check this 'cert' for restrictions in the AnchorCertificates
 205     // trusted certificates list
 206     private static boolean checkFingerprint(X509Certificate cert) {
 207         if (!publicCALimits) {
 208             return false;
 209         }
 210 
 211         if (debug != null) {
 212             debug.println("AlgorithmChecker.contains: " + cert.getSigAlgName());
 213         }
 214         return AnchorCertificates.contains(cert);
 215     }
 216 
 217     Timestamp getJarTimestamp() {
 218         return jarTimestamp;
 219     }
 220 
 221     @Override
 222     public void init(boolean forward) throws CertPathValidatorException {
 223         //  Note that this class does not support forward mode.
 224         if (!forward) {
 225             if (trustedPubKey != null) {
 226                 prevPubKey = trustedPubKey;
 227             } else {
 228                 prevPubKey = null;
 229             }
 230         } else {
 231             throw new
 232                 CertPathValidatorException("forward checking not supported");
 233         }
 234     }
 235 
 236     @Override
 237     public boolean isForwardCheckingSupported() {
 238         //  Note that as this class does not support forward mode, the method
 239         //  will always returns false.
 240         return false;
< prev index next >