168 this.pkixdate = jarTimestamp.getTimestamp(); 169 this.jarTimestamp = jarTimestamp; 170 } 171 172 /** 173 * Create a new {@code AlgorithmChecker} with the 174 * given {@code TrustAnchor} and {@code AlgorithmConstraints}. 175 * 176 * @param anchor the trust anchor selected to validate the target 177 * certificate 178 * @param constraints the algorithm constraints (or null) 179 * @param pkixdate Date the constraints are checked against. The value is 180 * either the PKIXParameter date or null for the current date. 181 * 182 * @throws IllegalArgumentException if the {@code anchor} is null 183 */ 184 public AlgorithmChecker(TrustAnchor anchor, 185 AlgorithmConstraints constraints, 186 Date pkixdate) { 187 188 if (anchor == null) { 189 throw new IllegalArgumentException( 190 "The trust anchor cannot be null"); 191 } 192 193 if (anchor.getTrustedCert() != null) { 194 this.trustedPubKey = anchor.getTrustedCert().getPublicKey(); 195 // Check for anchor certificate restrictions 196 trustedMatch = checkFingerprint(anchor.getTrustedCert()); 197 if (trustedMatch && debug != null) { 198 debug.println("trustedMatch = true"); 199 } 200 } else { 201 this.trustedPubKey = anchor.getCAPublicKey(); 202 } 203 204 this.prevPubKey = trustedPubKey; 205 this.constraints = constraints; 206 this.pkixdate = pkixdate; 207 this.jarTimestamp = null; 208 } 209 210 /** 211 * Create a new {@code AlgorithmChecker} with the 212 * given {@code TrustAnchor} and {@code PKIXParameter} date. 213 * 214 * @param anchor the trust anchor selected to validate the target 215 * certificate 216 * @param pkixdate Date the constraints are checked against. The value is 217 * either the PKIXParameter date or null for the current date. 218 * 219 * @throws IllegalArgumentException if the {@code anchor} is null 220 */ 221 public AlgorithmChecker(TrustAnchor anchor, Date pkixdate) { | 168 this.pkixdate = jarTimestamp.getTimestamp(); 169 this.jarTimestamp = jarTimestamp; 170 } 171 172 /** 173 * Create a new {@code AlgorithmChecker} with the 174 * given {@code TrustAnchor} and {@code AlgorithmConstraints}. 175 * 176 * @param anchor the trust anchor selected to validate the target 177 * certificate 178 * @param constraints the algorithm constraints (or null) 179 * @param pkixdate Date the constraints are checked against. The value is 180 * either the PKIXParameter date or null for the current date. 181 * 182 * @throws IllegalArgumentException if the {@code anchor} is null 183 */ 184 public AlgorithmChecker(TrustAnchor anchor, 185 AlgorithmConstraints constraints, 186 Date pkixdate) { 187 188 if (anchor != null) { 189 if (anchor.getTrustedCert() != null) { 190 this.trustedPubKey = anchor.getTrustedCert().getPublicKey(); 191 // Check for anchor certificate restrictions 192 trustedMatch = checkFingerprint(anchor.getTrustedCert()); 193 if (trustedMatch && debug != null) { 194 debug.println("trustedMatch = true"); 195 } 196 } else { 197 this.trustedPubKey = anchor.getCAPublicKey(); 198 } 199 } else { 200 this.trustedPubKey = null; 201 if (debug != null) { 202 debug.println("TrustAnchor is null, trustedMatch is false."); 203 } 204 } 205 206 this.prevPubKey = trustedPubKey; 207 this.constraints = constraints; 208 this.pkixdate = pkixdate; 209 this.jarTimestamp = null; 210 } 211 212 /** 213 * Create a new {@code AlgorithmChecker} with the 214 * given {@code TrustAnchor} and {@code PKIXParameter} date. 215 * 216 * @param anchor the trust anchor selected to validate the target 217 * certificate 218 * @param pkixdate Date the constraints are checked against. The value is 219 * either the PKIXParameter date or null for the current date. 220 * 221 * @throws IllegalArgumentException if the {@code anchor} is null 222 */ 223 public AlgorithmChecker(TrustAnchor anchor, Date pkixdate) { |