예제 #1
0
파일: CertPaths.java 프로젝트: tiggi/dcache
 public static X509Certificate[] getX509Certificates(CertPath certPath) {
   Preconditions.checkArgument(certPath.getType().equals(CertificateFactories.X_509));
   List<X509Certificate> certificates = (List<X509Certificate>) certPath.getCertificates();
   return certificates.toArray(new X509Certificate[certificates.size()]);
 }
 /*     */ public CertPathValidatorResult engineValidate(
     CertPath paramCertPath, CertPathParameters paramCertPathParameters)
     /*     */ throws CertPathValidatorException, InvalidAlgorithmParameterException
       /*     */ {
   /*  98 */ if (debug != null) {
     /*  99 */ debug.println("PKIXCertPathValidator.engineValidate()...");
     /*     */ }
   /* 101 */ if (!(paramCertPathParameters instanceof PKIXParameters)) {
     /* 102 */ throw new InvalidAlgorithmParameterException(
         "inappropriate parameters, must be an instance of PKIXParameters");
     /*     */ }
   /*     */
   /* 106 */ if ((!paramCertPath.getType().equals("X.509"))
       && (!paramCertPath.getType().equals("X509"))) {
     /* 107 */ throw new InvalidAlgorithmParameterException(
         "inappropriate certification path type specified, must be X.509 or X509");
     /*     */ }
   /*     */
   /* 111 */ PKIXParameters localPKIXParameters = (PKIXParameters) paramCertPathParameters;
   /*     */
   /* 115 */ Set localSet = localPKIXParameters.getTrustAnchors();
   /* 116 */ for (Object localObject1 = localSet.iterator();
       ((Iterator) localObject1).hasNext(); ) {
     localObject2 = (TrustAnchor) ((Iterator) localObject1).next();
     /* 117 */ if (((TrustAnchor) localObject2).getNameConstraints() != null) {
       /* 118 */ throw new InvalidAlgorithmParameterException(
           "name constraints in trust anchor not supported");
       /*     */ }
     /*     */
     /*     */ }
   /*     */
   /* 133 */ localObject1 = new ArrayList(paramCertPath.getCertificates());
   /*     */
   /* 135 */ if (debug != null) {
     /* 136 */ if (((ArrayList) localObject1).isEmpty()) {
       /* 137 */ debug.println("PKIXCertPathValidator.engineValidate() certList is empty");
       /*     */ }
     /*     */
     /* 140 */ debug.println("PKIXCertPathValidator.engineValidate() reversing certpath...");
     /*     */ }
   /*     */
   /* 143 */ Collections.reverse((List) localObject1);
   /*     */
   /* 148 */ populateVariables(localPKIXParameters);
   /*     */
   /* 152 */ Object localObject2 = null;
   /* 153 */ if (!((ArrayList) localObject1).isEmpty()) {
     /* 154 */ localObject2 = (X509Certificate) ((ArrayList) localObject1).get(0);
     /*     */ }
   /*     */
   /* 157 */ Object localObject3 = null;
   /*     */
   /* 161 */ for (TrustAnchor localTrustAnchor : localSet) {
     /* 162 */ X509Certificate localX509Certificate = localTrustAnchor.getTrustedCert();
     /* 163 */ if (localX509Certificate != null) {
       /* 164 */ if (debug != null) {
         /* 165 */ debug.println(
             "PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null");
         /*     */ }
       /*     */
       /* 171 */ if (isWorthTrying(localX509Certificate, (X509Certificate) localObject2))
       /*     */ {
         /* 175 */ if (debug != null)
           /* 176 */ debug.println(
               "anchor.getTrustedCert().getSubjectX500Principal() = "
                   + localX509Certificate.getSubjectX500Principal());
         /*     */ }
       /*     */ }
     /*     */ else
     /*     */ {
       /* 181 */ if (debug != null) {
         /* 182 */ debug.println(
             "PKIXCertPathValidator.engineValidate(): anchor.getTrustedCert() == null");
         /*     */ }
       /*     */
       /*     */ try
       /*     */ {
         /* 188 */ PolicyNodeImpl localPolicyNodeImpl =
             new PolicyNodeImpl(
                 null, "2.5.29.32.0", null, false, Collections.singleton("2.5.29.32.0"), false);
         /*     */
         /* 191 */ PolicyNode localPolicyNode =
             doValidate(
                 localTrustAnchor,
                 paramCertPath,
                 (ArrayList) localObject1,
                 localPKIXParameters,
                 localPolicyNodeImpl);
         /*     */
         /* 194 */ return new PKIXCertPathValidatorResult(
             localTrustAnchor, localPolicyNode, this.basicChecker.getPublicKey());
         /*     */ }
       /*     */ catch (CertPathValidatorException localCertPathValidatorException)
       /*     */ {
         /* 198 */ localObject3 = localCertPathValidatorException;
         /*     */ }
       /*     */ }
     /*     */
     /*     */ }
   /*     */
   /* 204 */ if (localObject3 != null) {
     /* 205 */ throw localObject3;
     /*     */ }
   /*     */
   /* 208 */ throw new CertPathValidatorException(
       "Path does not chain with any of the trust anchors",
       null,
       null,
       -1,
       PKIXReason.NO_TRUST_ANCHOR);
   /*     */ }