< prev index next >
src/java.base/share/classes/sun/security/provider/certpath/BasicChecker.java
Print this page
rev 16540 : 8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms
*** 49,59 ****
import sun.security.x509.X500Name;
import sun.security.util.Debug;
/**
* BasicChecker is a PKIXCertPathChecker that checks the basic information
! * on a PKIX certificate, namely the signature, timestamp, and subject/issuer
* name chaining.
*
* @since 1.4
* @author Yassir Elley
*/
--- 49,59 ----
import sun.security.x509.X500Name;
import sun.security.util.Debug;
/**
* BasicChecker is a PKIXCertPathChecker that checks the basic information
! * on a PKIX certificate, namely the signature, validity, and subject/issuer
* name chaining.
*
* @since 1.4
* @author Yassir Elley
*/
*** 123,133 ****
public Set<String> getSupportedExtensions() {
return null;
}
/**
! * Performs the signature, timestamp, and subject/issuer name chaining
* checks on the certificate using its internal state. This method does
* not remove any critical extensions from the Collection.
*
* @param cert the Certificate
* @param unresolvedCritExts a Collection of the unresolved critical
--- 123,133 ----
public Set<String> getSupportedExtensions() {
return null;
}
/**
! * Performs the signature, validity, and subject/issuer name chaining
* checks on the certificate using its internal state. This method does
* not remove any critical extensions from the Collection.
*
* @param cert the Certificate
* @param unresolvedCritExts a Collection of the unresolved critical
*** 139,149 ****
throws CertPathValidatorException
{
X509Certificate currCert = (X509Certificate)cert;
if (!sigOnly) {
! verifyTimestamp(currCert);
verifyNameChaining(currCert);
}
verifySignature(currCert);
updateState(currCert);
--- 139,149 ----
throws CertPathValidatorException
{
X509Certificate currCert = (X509Certificate)cert;
if (!sigOnly) {
! verifyValidity(currCert);
verifyNameChaining(currCert);
}
verifySignature(currCert);
updateState(currCert);
*** 175,190 ****
if (debug != null)
debug.println(msg + " verified.");
}
/**
! * Internal method to verify the timestamp on a certificate
*/
! private void verifyTimestamp(X509Certificate cert)
throws CertPathValidatorException
{
! String msg = "timestamp";
if (debug != null)
debug.println("---checking " + msg + ":" + date.toString() + "...");
try {
cert.checkValidity(date);
--- 175,190 ----
if (debug != null)
debug.println(msg + " verified.");
}
/**
! * Internal method to verify the validity on a certificate
*/
! private void verifyValidity(X509Certificate cert)
throws CertPathValidatorException
{
! String msg = "validity";
if (debug != null)
debug.println("---checking " + msg + ":" + date.toString() + "...");
try {
cert.checkValidity(date);
< prev index next >