Sean Mullan wrote:
Some additional comments in the new tests describing what path
building scenarios are being tested would be very useful.
OK, I will add some comments on the certification path structure.
A few comments below. Everything else looks good.
Xuelei Fan wrote:
new webrev: http://cr.openjdk.java.net/~xuelei/6852744/webrev.01/
Sean Mullan wrote:
Hi Andrew,
Here are some comments -
ForwardBuilder:
line 864:
typo: s/abchor/anchor
yes, a typo.
In this block of code:
858 if (principal != null && publicKey != null &&
859
principal.equals(cert.getSubjectX500Principal())) {
860 if (publicKey.equals(cert.getPublicKey())) {
861 this.trustAnchor = anchor;
862 return true;
863 }
864 // else, it is a self-issued certificate of
the abchor
865 }
you never check if the trust anchor name is equal to the issuer of
the cert before returning true. That seems to violate RFC 5280.
At line 859, when the cert's "subject" equals to the trust anchor
Why not match it with the cert's issuer? That would then be compliant
with 5280.
Above codes are used to check whether the target cert is a trust anchor,
so we need to compare the "subject" of both. If the cert is not a trust
anchor, we need to check its issuer.
The follows codes are used to check whether the target cert is issued by
the trust anchor:
-------------
868 // Check subject/issuer name chaining
869 if (principal == null ||
870
!principal.equals(cert.getIssuerX500Principal())) {
871 continue;
872 }
------------
If it is a cert issued by a trust anchor, the method will then check the
revocation and signature. I think that is your expected behaviors, right?
Thanks,
Andrew
