/* * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. Oracle designates this * particular file as subject to the "Classpath" exception as provided * by Oracle in the LICENSE file that accompanied this code. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ package sun.security.util; import java.security.cert.X509Certificate; /** * This class is a wrapper for keeping state and passing objects between PKIX, * AlgorithmChecker, and DisabledAlgorithmConstraints. */ public class CertConstraintParameters { // A certificate being passed to check against constraints. private final X509Certificate cert; // This is true if the trust anchor in the certificate chain matches a cert // in AnchorCertificates private final boolean trustedMatch; public CertConstraintParameters(X509Certificate c, boolean match) { cert = c; trustedMatch = match; } public CertConstraintParameters(X509Certificate c) { this(c, false); } // Returns if the trust anchor has a match if anchor checking is enabled. public boolean isTrustedMatch() { return trustedMatch; } public X509Certificate getCertificate() { return cert; } }