Example 1 with PolicyConstraintsExtension
use of sun.security.x509.PolicyConstraintsExtension in project jdk8u_jdk by JetBrains.
the class PolicyChecker method mergeExplicitPolicy.
/**
* Merges the specified explicitPolicy value with the
* requireExplicitPolicy field of the <code>PolicyConstraints</code>
* extension obtained from the certificate. An explicitPolicy
* value of -1 implies no constraint.
*
* @param explicitPolicy an integer which indicates if a non-null
* valid policy tree is required
* @param currCert the Certificate to be processed
* @param finalCert a boolean indicating whether currCert is
* the final cert in the cert path
* @return returns the new explicitPolicy value
* @exception CertPathValidatorException Exception thrown if an error
* occurs
*/
static int mergeExplicitPolicy(int explicitPolicy, X509CertImpl currCert, boolean finalCert) throws CertPathValidatorException {
if ((explicitPolicy > 0) && !X509CertImpl.isSelfIssued(currCert)) {
explicitPolicy--;
}
try {
PolicyConstraintsExtension polConstExt = currCert.getPolicyConstraintsExtension();
if (polConstExt == null)
return explicitPolicy;
int require = polConstExt.get(PolicyConstraintsExtension.REQUIRE).intValue();
if (debug != null) {
debug.println("PolicyChecker.mergeExplicitPolicy() " + "require Index from cert = " + require);
}
if (!finalCert) {
if (require != -1) {
if ((explicitPolicy == -1) || (require < explicitPolicy)) {
explicitPolicy = require;
}
}
} else {
if (require == 0)
explicitPolicy = require;
}
} catch (IOException e) {
if (debug != null) {
debug.println("PolicyChecker.mergeExplicitPolicy " + "unexpected exception");
e.printStackTrace();
}
throw new CertPathValidatorException(e);
}
return explicitPolicy;
}
Also used :
CertPathValidatorException(java.security.cert.CertPathValidatorException)
PolicyConstraintsExtension(sun.security.x509.PolicyConstraintsExtension)
IOException(java.io.IOException)
Example 2 with PolicyConstraintsExtension
use of sun.security.x509.PolicyConstraintsExtension in project jdk8u_jdk by JetBrains.
the class PolicyChecker method mergePolicyMapping.
/**
* Merges the specified policyMapping value with the
* inhibitPolicyMapping field of the <code>PolicyConstraints</code>
* extension obtained from the certificate. A policyMapping
* value of -1 implies no constraint.
*
* @param policyMapping an integer which indicates if policy mapping
* is inhibited
* @param currCert the Certificate to be processed
* @return returns the new policyMapping value
* @exception CertPathValidatorException Exception thrown if an error
* occurs
*/
static int mergePolicyMapping(int policyMapping, X509CertImpl currCert) throws CertPathValidatorException {
if ((policyMapping > 0) && !X509CertImpl.isSelfIssued(currCert)) {
policyMapping--;
}
try {
PolicyConstraintsExtension polConstExt = currCert.getPolicyConstraintsExtension();
if (polConstExt == null)
return policyMapping;
int inhibit = polConstExt.get(PolicyConstraintsExtension.INHIBIT).intValue();
if (debug != null)
debug.println("PolicyChecker.mergePolicyMapping() " + "inhibit Index from cert = " + inhibit);
if (inhibit != -1) {
if ((policyMapping == -1) || (inhibit < policyMapping)) {
policyMapping = inhibit;
}
}
} catch (IOException e) {
if (debug != null) {
debug.println("PolicyChecker.mergePolicyMapping " + "unexpected exception");
e.printStackTrace();
}
throw new CertPathValidatorException(e);
}
return policyMapping;
}
Also used :
CertPathValidatorException(java.security.cert.CertPathValidatorException)
PolicyConstraintsExtension(sun.security.x509.PolicyConstraintsExtension)
IOException(java.io.IOException)
Aggregations
IOException (java.io.IOException)2
CertPathValidatorException (java.security.cert.CertPathValidatorException)2
PolicyConstraintsExtension (sun.security.x509.PolicyConstraintsExtension)2
