Xuelei Fan wrote:
webrev updated, adding comments to tests:
http://cr.openjdk.java.net/~xuelei/6852744/webrev.02/
In DisableRevocation.java, why do you add CRLs to the CertStore if revocation is
disabled?
I think I understand what are your concerns now. If I'm right, you think
that the target cert of the method is expected to be the first
certificate in a certificate chain, which should be directly issued by a
trust anchor. By my understand of the method,
ForwardBuilder.isPathCompleted(X509Certificate cert), it would return
true if the "cert" parameter is a trust anchor, which means we have got
the first certificate in the certification path, now we are working on
the cert that issues the first certificate in the path, the issuer could
be a trust anchor.
You're right, though now I'm kind of wondering if that's a bug because it
requires the CertStores passed to CertPathBuilder to include the trust anchor.
That shouldn't really be required, since you have already specified them in the
TrustAnchors parameter. Ok, if its been that way for a long time and nobody has
complained, lets leave it for now.
For example, the expected path is EE->subca->trust anchor, and the
previous step has verified "subca", and got the path EE->subca, here we
don't know it is a complete path or not, we need one more step. We need
to look for the issuer of "subca" now, get the "trust anchor cert", then
we call ForwardBuilder.isPathCompleted("trust anchor cert"). In the
method, we firstly check whether the "trust anchor cert" is a trust
anchor or not, if itself is a trust anchor, return true immediately, and
cert will not be added to the path by the builder. Then we get the
conclusion that the path EE->subca is a complete certification path.
Does I make myself understood?
Yes, the fix looks good.
--Sean
Thanks,
Andrew
Thanks,
Sean
The follows codes are used to check whether the target cert is issued
by the trust anchor:
-------------
868 // Check subject/issuer name chaining
869 if (principal == null ||
870
!principal.equals(cert.getIssuerX500Principal())) {
871 continue;
872 }
------------
If it is a cert issued by a trust anchor, the method will then check
the revocation and signature. I think that is your expected
behaviors, right?
Thanks,
Andrew