java/13 : java.base/sun/security/validator/SymantecTLSPolicy.class

SymantecTLSPolicy
https://openjdk.java.net/
GPLv2 + Classpath Exception
final class sun.security.validator.SymantecTLSPolicy
  minor version: 0
  major version: 59
  flags: flags: (0x0030) ACC_FINAL, ACC_SUPER
  this_class: sun.security.validator.SymantecTLSPolicy
  super_class: java.lang.Object
{
  private static final java.util.Set<java.lang.String> FINGERPRINTS;
    descriptor: Ljava/util/Set;
    flags: (0x001a) ACC_PRIVATE, ACC_STATIC, ACC_FINAL
    Signature: Ljava/util/Set<Ljava/lang/String;>;

  private static final java.time.LocalDate DECEMBER_31_2019;
    descriptor: Ljava/time/LocalDate;
    flags: (0x001a) ACC_PRIVATE, ACC_STATIC, ACC_FINAL

  private static final java.util.Map<java.lang.String, java.time.LocalDate> EXEMPT_SUBCAS;
    descriptor: Ljava/util/Map;
    flags: (0x001a) ACC_PRIVATE, ACC_STATIC, ACC_FINAL
    Signature: Ljava/util/Map<Ljava/lang/String;Ljava/time/LocalDate;>;

  private static final java.time.LocalDate APRIL_16_2019;
    descriptor: Ljava/time/LocalDate;
    flags: (0x001a) ACC_PRIVATE, ACC_STATIC, ACC_FINAL

  static void <clinit>();
    descriptor: ()V
    flags: (0x0008) ACC_STATIC
    Code:
      stack=4, locals=0, args_size=0
         0: .line 44
            bipush 16
            anewarray java.lang.String
            dup
            iconst_0
         1: .line 47
            ldc "FF856A2D251DCD88D36656F450126798CFABAADE40799C722DE4D2B5DB36A73A"
            aastore
            dup
            iconst_1
         2: .line 51
            ldc "37D51006C512EAAB626421F1EC8C92013FC5F82AE98EE533EB4619B8DEB4D06C"
            aastore
            dup
            iconst_2
         3: .line 56
            ldc "5EDB7AC43B82A06A8761E8D7BE4979EBF2611F7DD79BF91C1C6B566A219ED766"
            aastore
            dup
            iconst_3
         4: .line 61
            ldc "B478B812250DF878635C2AA7EC7D155EAA625EE82916E2CD294361886CD1FBD4"
            aastore
            dup
            iconst_4
         5: .line 64
            ldc "A0459B9F63B22559F5FA5D4C6DB3F9F72FF19342033578F073BF1D1B46CBB912"
            aastore
            dup
            iconst_5
         6: .line 69
            ldc "8D722F81A9C113C0791DF136A2966DB26C950A971DB46B4199F4EA54B78BFB9F"
            aastore
            dup
            bipush 6
         7: .line 74
            ldc "A4310D50AF18A6447190372A86AFAF8B951FFB431D837F1E5688B45971ED1557"
            aastore
            dup
            bipush 7
         8: .line 79
            ldc "4B03F45807AD70F21BFC2CAE71C9FDE4604C064CF5FFB686BAE5DBAAD7FDD34C"
            aastore
            dup
            bipush 8
         9: .line 84
            ldc "3F9F27D583204B9E09C8A3D2066C4B57D3A2479C3693650880505698105DBCE9"
            aastore
            dup
            bipush 9
        10: .line 90
            ldc "3A43E220FE7F3EA9653D1E21742EAC2B75C20FD8980305BC502CAF8C2D9B41A1"
            aastore
            dup
            bipush 10
        11: .line 94
            ldc "A4B6B3996FC2F306B3FD8681BD63413D8C5009CC4FA329C2CCF0E2FA1B140305"
            aastore
            dup
            bipush 11
        12: .line 100
            ldc "83CE3C1229688A593D485F81973C0F9195431EDA37CC5E36430E79C7A888638B"
            aastore
            dup
            bipush 12
        13: .line 105
            ldc "EB04CF5EB1F39AFA762F2BB120F296CBA520C1B97DB1589565B81CB9A17B7244"
            aastore
            dup
            bipush 13
        14: .line 110
            ldc "69DDD7EA90BB57C93E135DC85EA6FCD5480B603239BDC454FC758B2A26CF7F79"
            aastore
            dup
            bipush 14
        15: .line 115
            ldc "9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF"
            aastore
            dup
            bipush 15
        16: .line 120
            ldc "2399561127A57125DE8CEFEA610DDF2FA078B5C8067F4E828290BFB860E84B3C"
            aastore
        17: .line 44
            invokestatic java.util.Set.of:([Ljava/lang/Object;)Ljava/util/Set;
            putstatic sun.security.validator.SymantecTLSPolicy.FINGERPRINTS:Ljava/util/Set;
        18: .line 124
            sipush 2019
            getstatic java.time.Month.DECEMBER:Ljava/time/Month;
            bipush 31
            invokestatic java.time.LocalDate.of:(ILjava/time/Month;I)Ljava/time/LocalDate;
        19: .line 123
            putstatic sun.security.validator.SymantecTLSPolicy.DECEMBER_31_2019:Ljava/time/LocalDate;
        20: .line 130
            ldc "AC2B922ECFD5E01711772FEA8ED372DE9D1E2245FCE3F57A9CDBEC77296A424B"
        21: .line 131
            getstatic sun.security.validator.SymantecTLSPolicy.DECEMBER_31_2019:Ljava/time/LocalDate;
        22: .line 137
            ldc "A4FE7C7F15155F3F0AEF7AAA83CF6E06DEB97CA3F909DF920AC1490882D488ED"
        23: .line 138
            getstatic sun.security.validator.SymantecTLSPolicy.DECEMBER_31_2019:Ljava/time/LocalDate;
        24: .line 126
            invokestatic java.util.Map.of:(Ljava/lang/Object;Ljava/lang/Object;Ljava/lang/Object;Ljava/lang/Object;)Ljava/util/Map;
            putstatic sun.security.validator.SymantecTLSPolicy.EXEMPT_SUBCAS:Ljava/util/Map;
        25: .line 144
            sipush 2019
            getstatic java.time.Month.APRIL:Ljava/time/Month;
            bipush 16
            invokestatic java.time.LocalDate.of:(ILjava/time/Month;I)Ljava/time/LocalDate;
        26: .line 143
            putstatic sun.security.validator.SymantecTLSPolicy.APRIL_16_2019:Ljava/time/LocalDate;
        27: .line 144
            return
      LocalVariableTable:
        Start  End  Slot  Name  Signature

  static void checkDistrust(java.security.cert.X509Certificate[]);
    descriptor: ([Ljava/security/cert/X509Certificate;)V
    flags: (0x0008) ACC_STATIC
    Code:
      stack=3, locals=6, args_size=1
        start local 0 // java.security.cert.X509Certificate[] chain
         0: .line 156
            aload 0 /* chain */
            aload 0 /* chain */
            arraylength
            iconst_1
            isub
            aaload
            astore 1 /* anchor */
        start local 1 // java.security.cert.X509Certificate anchor
         1: .line 157
            getstatic sun.security.validator.SymantecTLSPolicy.FINGERPRINTS:Ljava/util/Set;
            aload 1 /* anchor */
            invokestatic sun.security.validator.SymantecTLSPolicy.fingerprint:(Ljava/security/cert/X509Certificate;)Ljava/lang/String;
            invokeinterface java.util.Set.contains:(Ljava/lang/Object;)Z
            ifeq 13
         2: .line 158
            aload 0 /* chain */
            iconst_0
            aaload
            invokevirtual java.security.cert.X509Certificate.getNotBefore:()Ljava/util/Date;
            astore 2 /* notBefore */
        start local 2 // java.util.Date notBefore
         3: .line 159
            aload 2 /* notBefore */
            invokevirtual java.util.Date.toInstant:()Ljava/time/Instant;
         4: .line 160
            getstatic java.time.ZoneOffset.UTC:Ljava/time/ZoneOffset;
         5: .line 159
            invokestatic java.time.LocalDate.ofInstant:(Ljava/time/Instant;Ljava/time/ZoneId;)Ljava/time/LocalDate;
            astore 3 /* ldNotBefore */
        start local 3 // java.time.LocalDate ldNotBefore
         6: .line 162
            aload 0 /* chain */
            arraylength
            iconst_2
            if_icmple 12
         7: .line 163
            aload 0 /* chain */
            aload 0 /* chain */
            arraylength
            iconst_2
            isub
            aaload
            astore 4 /* subCA */
        start local 4 // java.security.cert.X509Certificate subCA
         8: .line 164
            getstatic sun.security.validator.SymantecTLSPolicy.EXEMPT_SUBCAS:Ljava/util/Map;
            aload 4 /* subCA */
            invokestatic sun.security.validator.SymantecTLSPolicy.fingerprint:(Ljava/security/cert/X509Certificate;)Ljava/lang/String;
            invokeinterface java.util.Map.get:(Ljava/lang/Object;)Ljava/lang/Object;
            checkcast java.time.LocalDate
            astore 5 /* distrustDate */
        start local 5 // java.time.LocalDate distrustDate
         9: .line 165
            aload 5 /* distrustDate */
            ifnull 12
        10: .line 167
            aload 3 /* ldNotBefore */
            aload 5 /* distrustDate */
            aload 1 /* anchor */
            invokestatic sun.security.validator.SymantecTLSPolicy.checkNotBefore:(Ljava/time/LocalDate;Ljava/time/LocalDate;Ljava/security/cert/X509Certificate;)V
        11: .line 168
            return
        end local 5 // java.time.LocalDate distrustDate
        end local 4 // java.security.cert.X509Certificate subCA
        12: .line 172
      StackMap locals: java.security.cert.X509Certificate java.util.Date java.time.LocalDate
      StackMap stack:
            aload 3 /* ldNotBefore */
            getstatic sun.security.validator.SymantecTLSPolicy.APRIL_16_2019:Ljava/time/LocalDate;
            aload 1 /* anchor */
            invokestatic sun.security.validator.SymantecTLSPolicy.checkNotBefore:(Ljava/time/LocalDate;Ljava/time/LocalDate;Ljava/security/cert/X509Certificate;)V
        end local 3 // java.time.LocalDate ldNotBefore
        end local 2 // java.util.Date notBefore
        13: .line 174
      StackMap locals:
      StackMap stack:
            return
        end local 1 // java.security.cert.X509Certificate anchor
        end local 0 // java.security.cert.X509Certificate[] chain
      LocalVariableTable:
        Start  End  Slot          Name  Signature
            0   14     0         chain  [Ljava/security/cert/X509Certificate;
            1   14     1        anchor  Ljava/security/cert/X509Certificate;
            3   13     2     notBefore  Ljava/util/Date;
            6   13     3   ldNotBefore  Ljava/time/LocalDate;
            8   12     4         subCA  Ljava/security/cert/X509Certificate;
            9   12     5  distrustDate  Ljava/time/LocalDate;
    Exceptions:
      throws sun.security.validator.ValidatorException
    MethodParameters:
       Name  Flags
      chain  

  private static java.lang.String fingerprint(java.security.cert.X509Certificate);
    descriptor: (Ljava/security/cert/X509Certificate;)Ljava/lang/String;
    flags: (0x000a) ACC_PRIVATE, ACC_STATIC
    Code:
      stack=2, locals=1, args_size=1
        start local 0 // java.security.cert.X509Certificate cert
         0: .line 177
            aload 0 /* cert */
            instanceof sun.security.x509.X509CertImpl
            ifeq 2
         1: .line 178
            aload 0 /* cert */
            checkcast sun.security.x509.X509CertImpl
            ldc "SHA-256"
            invokevirtual sun.security.x509.X509CertImpl.getFingerprint:(Ljava/lang/String;)Ljava/lang/String;
            goto 3
         2: .line 179
      StackMap locals:
      StackMap stack:
            ldc "SHA-256"
            aload 0 /* cert */
            invokestatic sun.security.x509.X509CertImpl.getFingerprint:(Ljava/lang/String;Ljava/security/cert/X509Certificate;)Ljava/lang/String;
         3: .line 177
      StackMap locals:
      StackMap stack: java.lang.String
            areturn
        end local 0 // java.security.cert.X509Certificate cert
      LocalVariableTable:
        Start  End  Slot  Name  Signature
            0    4     0  cert  Ljava/security/cert/X509Certificate;
    MethodParameters:
      Name  Flags
      cert  

  private static void checkNotBefore(java.time.LocalDate, java.time.LocalDate, java.security.cert.X509Certificate);
    descriptor: (Ljava/time/LocalDate;Ljava/time/LocalDate;Ljava/security/cert/X509Certificate;)V
    flags: (0x000a) ACC_PRIVATE, ACC_STATIC
    Code:
      stack=5, locals=3, args_size=3
        start local 0 // java.time.LocalDate notBeforeDate
        start local 1 // java.time.LocalDate distrustDate
        start local 2 // java.security.cert.X509Certificate anchor
         0: .line 185
            aload 0 /* notBeforeDate */
            aload 1 /* distrustDate */
            invokevirtual java.time.LocalDate.isAfter:(Ljava/time/chrono/ChronoLocalDate;)Z
            ifeq 8
         1: .line 186
            new sun.security.validator.ValidatorException
            dup
         2: .line 187
            new java.lang.StringBuilder
            dup
            ldc "TLS Server certificate issued after "
            invokespecial java.lang.StringBuilder.<init>:(Ljava/lang/String;)V
            aload 1 /* distrustDate */
            invokevirtual java.lang.StringBuilder.append:(Ljava/lang/Object;)Ljava/lang/StringBuilder;
         3: .line 188
            ldc " and anchored by a distrusted legacy Symantec root CA: "
            invokevirtual java.lang.StringBuilder.append:(Ljava/lang/String;)Ljava/lang/StringBuilder;
         4: .line 189
            aload 2 /* anchor */
            invokevirtual java.security.cert.X509Certificate.getSubjectX500Principal:()Ljavax/security/auth/x500/X500Principal;
            invokevirtual java.lang.StringBuilder.append:(Ljava/lang/Object;)Ljava/lang/StringBuilder;
         5: .line 187
            invokevirtual java.lang.StringBuilder.toString:()Ljava/lang/String;
         6: .line 190
            getstatic sun.security.validator.ValidatorException.T_UNTRUSTED_CERT:Ljava/lang/Object;
            aload 2 /* anchor */
         7: .line 186
            invokespecial sun.security.validator.ValidatorException.<init>:(Ljava/lang/String;Ljava/lang/Object;Ljava/security/cert/X509Certificate;)V
            athrow
         8: .line 192
      StackMap locals:
      StackMap stack:
            return
        end local 2 // java.security.cert.X509Certificate anchor
        end local 1 // java.time.LocalDate distrustDate
        end local 0 // java.time.LocalDate notBeforeDate
      LocalVariableTable:
        Start  End  Slot           Name  Signature
            0    9     0  notBeforeDate  Ljava/time/LocalDate;
            0    9     1   distrustDate  Ljava/time/LocalDate;
            0    9     2         anchor  Ljava/security/cert/X509Certificate;
    Exceptions:
      throws sun.security.validator.ValidatorException
    MethodParameters:
               Name  Flags
      notBeforeDate  
      distrustDate   
      anchor         

  private void <init>();
    descriptor: ()V
    flags: (0x0002) ACC_PRIVATE
    Code:
      stack=1, locals=1, args_size=1
        start local 0 // sun.security.validator.SymantecTLSPolicy this
         0: .line 194
            aload 0 /* this */
            invokespecial java.lang.Object.<init>:()V
            return
        end local 0 // sun.security.validator.SymantecTLSPolicy this
      LocalVariableTable:
        Start  End  Slot  Name  Signature
            0    1     0  this  Lsun/security/validator/SymantecTLSPolicy;
}
SourceFile: "SymantecTLSPolicy.java"
/

java/ 13/ java.base/sun/security/validator/SymantecTLSPolicy.class
