public class sun.security.provider.certpath.PKIXCertPathValidator extends java.security.cert.CertPathValidatorSpi
  minor version: 0
  major version: 59
  flags: flags: (0x0021) ACC_PUBLIC, ACC_SUPER
  this_class: sun.security.provider.certpath.PKIXCertPathValidator
  super_class: java.security.cert.CertPathValidatorSpi
{
  private static final sun.security.util.Debug debug;
    descriptor: Lsun/security/util/Debug;
    flags: (0x001a) ACC_PRIVATE, ACC_STATIC, ACC_FINAL

  private java.util.Date testDate;
    descriptor: Ljava/util/Date;
    flags: (0x0002) ACC_PRIVATE

  private java.util.List<java.security.cert.PKIXCertPathChecker> userCheckers;
    descriptor: Ljava/util/List;
    flags: (0x0002) ACC_PRIVATE
    Signature: Ljava/util/List<Ljava/security/cert/PKIXCertPathChecker;>;

  private java.lang.String sigProvider;
    descriptor: Ljava/lang/String;
    flags: (0x0002) ACC_PRIVATE

  private sun.security.provider.certpath.BasicChecker basicChecker;
    descriptor: Lsun/security/provider/certpath/BasicChecker;
    flags: (0x0002) ACC_PRIVATE

  private boolean ocspEnabled;
    descriptor: Z
    flags: (0x0002) ACC_PRIVATE

  private boolean onlyEECert;
    descriptor: Z
    flags: (0x0002) ACC_PRIVATE

  static void <clinit>();
    descriptor: ()V
    flags: (0x0008) ACC_STATIC
    Code:
      stack=1, locals=0, args_size=0
         0: .line 65
            ldc "certpath"
            invokestatic sun.security.util.Debug.getInstance:(Ljava/lang/String;)Lsun/security/util/Debug;
            putstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            return
      LocalVariableTable:
        Start  End  Slot  Name  Signature

  public void <init>();
    descriptor: ()V
    flags: (0x0001) ACC_PUBLIC
    Code:
      stack=2, locals=1, args_size=1
        start local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
         0: .line 76
            aload 0 /* this */
            invokespecial java.security.cert.CertPathValidatorSpi.<init>:()V
         1: .line 70
            aload 0 /* this */
            iconst_0
            putfield sun.security.provider.certpath.PKIXCertPathValidator.ocspEnabled:Z
         2: .line 71
            aload 0 /* this */
            iconst_0
            putfield sun.security.provider.certpath.PKIXCertPathValidator.onlyEECert:Z
         3: .line 76
            return
        end local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
      LocalVariableTable:
        Start  End  Slot  Name  Signature
            0    4     0  this  Lsun/security/provider/certpath/PKIXCertPathValidator;

  public java.security.cert.CertPathValidatorResult engineValidate(java.security.cert.CertPath, java.security.cert.CertPathParameters);
    descriptor: (Ljava/security/cert/CertPath;Ljava/security/cert/CertPathParameters;)Ljava/security/cert/CertPathValidatorResult;
    flags: (0x0001) ACC_PUBLIC
    Code:
      stack=8, locals=13, args_size=3
        start local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
        start local 1 // java.security.cert.CertPath cp
        start local 2 // java.security.cert.CertPathParameters param
         0: .line 96
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ifnull 2
         1: .line 97
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ldc "PKIXCertPathValidator.engineValidate()..."
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
         2: .line 99
      StackMap locals:
      StackMap stack:
            aload 2 /* param */
            instanceof java.security.cert.PKIXParameters
            ifne 4
         3: .line 100
            new java.security.InvalidAlgorithmParameterException
            dup
            ldc "inappropriate parameters, must be an instance of PKIXParameters"
            invokespecial java.security.InvalidAlgorithmParameterException.<init>:(Ljava/lang/String;)V
            athrow
         4: .line 104
      StackMap locals:
      StackMap stack:
            aload 1 /* cp */
            invokevirtual java.security.cert.CertPath.getType:()Ljava/lang/String;
            ldc "X.509"
            invokevirtual java.lang.String.equals:(Ljava/lang/Object;)Z
            ifne 6
            aload 1 /* cp */
            invokevirtual java.security.cert.CertPath.getType:()Ljava/lang/String;
            ldc "X509"
            invokevirtual java.lang.String.equals:(Ljava/lang/Object;)Z
            ifne 6
         5: .line 105
            new java.security.InvalidAlgorithmParameterException
            dup
            ldc "inappropriate certification path type specified, must be X.509 or X509"
            invokespecial java.security.InvalidAlgorithmParameterException.<init>:(Ljava/lang/String;)V
            athrow
         6: .line 109
      StackMap locals:
      StackMap stack:
            aload 2 /* param */
            checkcast java.security.cert.PKIXParameters
            astore 3 /* pkixParam */
        start local 3 // java.security.cert.PKIXParameters pkixParam
         7: .line 113
            aload 3 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.getTrustAnchors:()Ljava/util/Set;
            astore 4 /* anchors */
        start local 4 // java.util.Set anchors
         8: .line 114
            aload 4 /* anchors */
            invokeinterface java.util.Set.iterator:()Ljava/util/Iterator;
            astore 6
            goto 14
      StackMap locals: sun.security.provider.certpath.PKIXCertPathValidator java.security.cert.CertPath java.security.cert.CertPathParameters java.security.cert.PKIXParameters java.util.Set top java.util.Iterator
      StackMap stack:
         9: aload 6
            invokeinterface java.util.Iterator.next:()Ljava/lang/Object;
            checkcast java.security.cert.TrustAnchor
            astore 5 /* anchor */
        start local 5 // java.security.cert.TrustAnchor anchor
        10: .line 115
            aload 5 /* anchor */
            invokevirtual java.security.cert.TrustAnchor.getNameConstraints:()[B
            ifnull 14
        11: .line 116
            new java.security.InvalidAlgorithmParameterException
            dup
        12: .line 117
            ldc "name constraints in trust anchor not supported"
        13: .line 116
            invokespecial java.security.InvalidAlgorithmParameterException.<init>:(Ljava/lang/String;)V
            athrow
        end local 5 // java.security.cert.TrustAnchor anchor
        14: .line 114
      StackMap locals:
      StackMap stack:
            aload 6
            invokeinterface java.util.Iterator.hasNext:()Z
            ifne 9
        15: .line 134
            new java.util.ArrayList
            dup
        16: .line 135
            aload 1 /* cp */
            invokevirtual java.security.cert.CertPath.getCertificates:()Ljava/util/List;
        17: .line 134
            invokespecial java.util.ArrayList.<init>:(Ljava/util/Collection;)V
            astore 5 /* certList */
        start local 5 // java.util.List certList
        18: .line 136
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ifnull 22
        19: .line 137
            aload 5 /* certList */
            invokeinterface java.util.List.isEmpty:()Z
            ifeq 21
        20: .line 138
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ldc "PKIXCertPathValidator.engineValidate() certList is empty"
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
        21: .line 141
      StackMap locals: sun.security.provider.certpath.PKIXCertPathValidator java.security.cert.CertPath java.security.cert.CertPathParameters java.security.cert.PKIXParameters java.util.Set java.util.List
      StackMap stack:
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ldc "PKIXCertPathValidator.engineValidate() reversing certpath..."
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
        22: .line 144
      StackMap locals:
      StackMap stack:
            aload 5 /* certList */
            invokestatic java.util.Collections.reverse:(Ljava/util/List;)V
        23: .line 149
            aload 0 /* this */
            aload 3 /* pkixParam */
            invokevirtual sun.security.provider.certpath.PKIXCertPathValidator.populateVariables:(Ljava/security/cert/PKIXParameters;)V
        24: .line 153
            aconst_null
            astore 6 /* firstCert */
        start local 6 // java.security.cert.X509Certificate firstCert
        25: .line 154
            aload 5 /* certList */
            invokeinterface java.util.List.isEmpty:()Z
            ifne 27
        26: .line 155
            aload 5 /* certList */
            iconst_0
            invokeinterface java.util.List.get:(I)Ljava/lang/Object;
            checkcast java.security.cert.X509Certificate
            astore 6 /* firstCert */
        27: .line 158
      StackMap locals: java.security.cert.X509Certificate
      StackMap stack:
            aconst_null
            astore 7 /* lastException */
        start local 7 // java.security.cert.CertPathValidatorException lastException
        28: .line 162
            aload 4 /* anchors */
            invokeinterface java.util.Set.iterator:()Ljava/util/Iterator;
            astore 9
            goto 55
      StackMap locals: sun.security.provider.certpath.PKIXCertPathValidator java.security.cert.CertPath java.security.cert.CertPathParameters java.security.cert.PKIXParameters java.util.Set java.util.List java.security.cert.X509Certificate java.security.cert.CertPathValidatorException top java.util.Iterator
      StackMap stack:
        29: aload 9
            invokeinterface java.util.Iterator.next:()Ljava/lang/Object;
            checkcast java.security.cert.TrustAnchor
            astore 8 /* anchor */
        start local 8 // java.security.cert.TrustAnchor anchor
        30: .line 163
            aload 8 /* anchor */
            invokevirtual java.security.cert.TrustAnchor.getTrustedCert:()Ljava/security/cert/X509Certificate;
            astore 10 /* trustedCert */
        start local 10 // java.security.cert.X509Certificate trustedCert
        31: .line 164
            aload 10 /* trustedCert */
            ifnull 41
        32: .line 165
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ifnull 34
        33: .line 166
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ldc "PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null"
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
        34: .line 172
      StackMap locals: sun.security.provider.certpath.PKIXCertPathValidator java.security.cert.CertPath java.security.cert.CertPathParameters java.security.cert.PKIXParameters java.util.Set java.util.List java.security.cert.X509Certificate java.security.cert.CertPathValidatorException java.security.cert.TrustAnchor java.util.Iterator java.security.cert.X509Certificate
      StackMap stack:
            aload 0 /* this */
            aload 10 /* trustedCert */
            aload 6 /* firstCert */
            invokevirtual sun.security.provider.certpath.PKIXCertPathValidator.isWorthTrying:(Ljava/security/cert/X509Certificate;Ljava/security/cert/X509Certificate;)Z
            ifne 36
        35: .line 173
            goto 55
        36: .line 176
      StackMap locals:
      StackMap stack:
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ifnull 43
        37: .line 177
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            new java.lang.StringBuilder
            dup
            ldc "anchor.getTrustedCert().getSubjectX500Principal() = "
            invokespecial java.lang.StringBuilder.<init>:(Ljava/lang/String;)V
        38: .line 179
            aload 10 /* trustedCert */
            invokevirtual java.security.cert.X509Certificate.getSubjectX500Principal:()Ljavax/security/auth/x500/X500Principal;
            invokevirtual java.lang.StringBuilder.append:(Ljava/lang/Object;)Ljava/lang/StringBuilder;
            invokevirtual java.lang.StringBuilder.toString:()Ljava/lang/String;
        39: .line 177
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
        40: .line 181
            goto 43
        41: .line 182
      StackMap locals:
      StackMap stack:
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ifnull 43
        42: .line 183
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ldc "PKIXCertPathValidator.engineValidate(): anchor.getTrustedCert() == null"
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
        43: .line 189
      StackMap locals:
      StackMap stack:
            new sun.security.provider.certpath.PolicyNodeImpl
            dup
            aconst_null
        44: .line 190
            ldc "2.5.29.32.0"
            aconst_null
            iconst_0
        45: .line 191
            ldc "2.5.29.32.0"
            invokestatic java.util.Collections.singleton:(Ljava/lang/Object;)Ljava/util/Set;
            iconst_0
        46: .line 189
            invokespecial sun.security.provider.certpath.PolicyNodeImpl.<init>:(Lsun/security/provider/certpath/PolicyNodeImpl;Ljava/lang/String;Ljava/util/Set;ZLjava/util/Set;Z)V
            astore 11 /* rootNode */
        start local 11 // sun.security.provider.certpath.PolicyNodeImpl rootNode
        47: .line 193
            aload 0 /* this */
            aload 8 /* anchor */
            aload 1 /* cp */
            aload 5 /* certList */
            aload 3 /* pkixParam */
            aload 11 /* rootNode */
            invokevirtual sun.security.provider.certpath.PKIXCertPathValidator.doValidate:(Ljava/security/cert/TrustAnchor;Ljava/security/cert/CertPath;Ljava/util/List;Ljava/security/cert/PKIXParameters;Lsun/security/provider/certpath/PolicyNodeImpl;)Ljava/security/cert/PolicyNode;
        48: .line 192
            astore 12 /* policyTree */
        start local 12 // java.security.cert.PolicyNode policyTree
        49: .line 195
            new java.security.cert.PKIXCertPathValidatorResult
            dup
            aload 8 /* anchor */
            aload 12 /* policyTree */
        50: .line 196
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.basicChecker:Lsun/security/provider/certpath/BasicChecker;
            invokevirtual sun.security.provider.certpath.BasicChecker.getPublicKey:()Ljava/security/PublicKey;
        51: .line 195
            invokespecial java.security.cert.PKIXCertPathValidatorResult.<init>:(Ljava/security/cert/TrustAnchor;Ljava/security/cert/PolicyNode;Ljava/security/PublicKey;)V
        52: areturn
        end local 12 // java.security.cert.PolicyNode policyTree
        end local 11 // sun.security.provider.certpath.PolicyNodeImpl rootNode
        53: .line 197
      StackMap locals:
      StackMap stack: java.security.cert.CertPathValidatorException
            astore 11 /* cpe */
        start local 11 // java.security.cert.CertPathValidatorException cpe
        54: .line 199
            aload 11 /* cpe */
            astore 7 /* lastException */
        end local 11 // java.security.cert.CertPathValidatorException cpe
        end local 10 // java.security.cert.X509Certificate trustedCert
        end local 8 // java.security.cert.TrustAnchor anchor
        55: .line 162
      StackMap locals: sun.security.provider.certpath.PKIXCertPathValidator java.security.cert.CertPath java.security.cert.CertPathParameters java.security.cert.PKIXParameters java.util.Set java.util.List java.security.cert.X509Certificate java.security.cert.CertPathValidatorException top java.util.Iterator
      StackMap stack:
            aload 9
            invokeinterface java.util.Iterator.hasNext:()Z
            ifne 29
        56: .line 205
            aload 7 /* lastException */
            ifnull 58
        57: .line 206
            aload 7 /* lastException */
            athrow
        58: .line 209
      StackMap locals: sun.security.provider.certpath.PKIXCertPathValidator java.security.cert.CertPath java.security.cert.CertPathParameters java.security.cert.PKIXParameters java.util.Set java.util.List java.security.cert.X509Certificate java.security.cert.CertPathValidatorException
      StackMap stack:
            new java.security.cert.CertPathValidatorException
            dup
        59: .line 210
            ldc "Path does not chain with any of the trust anchors"
        60: .line 209
            invokespecial java.security.cert.CertPathValidatorException.<init>:(Ljava/lang/String;)V
            athrow
        end local 7 // java.security.cert.CertPathValidatorException lastException
        end local 6 // java.security.cert.X509Certificate firstCert
        end local 5 // java.util.List certList
        end local 4 // java.util.Set anchors
        end local 3 // java.security.cert.PKIXParameters pkixParam
        end local 2 // java.security.cert.CertPathParameters param
        end local 1 // java.security.cert.CertPath cp
        end local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
      LocalVariableTable:
        Start  End  Slot           Name  Signature
            0   61     0           this  Lsun/security/provider/certpath/PKIXCertPathValidator;
            0   61     1             cp  Ljava/security/cert/CertPath;
            0   61     2          param  Ljava/security/cert/CertPathParameters;
            7   61     3      pkixParam  Ljava/security/cert/PKIXParameters;
            8   61     4        anchors  Ljava/util/Set<Ljava/security/cert/TrustAnchor;>;
           10   14     5         anchor  Ljava/security/cert/TrustAnchor;
           18   61     5       certList  Ljava/util/List<Ljava/security/cert/X509Certificate;>;
           25   61     6      firstCert  Ljava/security/cert/X509Certificate;
           28   61     7  lastException  Ljava/security/cert/CertPathValidatorException;
           30   55     8         anchor  Ljava/security/cert/TrustAnchor;
           31   55    10    trustedCert  Ljava/security/cert/X509Certificate;
           47   53    11       rootNode  Lsun/security/provider/certpath/PolicyNodeImpl;
           49   53    12     policyTree  Ljava/security/cert/PolicyNode;
           54   55    11            cpe  Ljava/security/cert/CertPathValidatorException;
      Exception table:
        from    to  target  type
          43    52      53  Class java.security.cert.CertPathValidatorException
    Exceptions:
      throws java.security.cert.CertPathValidatorException, java.security.InvalidAlgorithmParameterException
    MethodParameters:
       Name  Flags
      cp     
      param  

  private boolean isWorthTrying(java.security.cert.X509Certificate, java.security.cert.X509Certificate);
    descriptor: (Ljava/security/cert/X509Certificate;Ljava/security/cert/X509Certificate;)Z
    flags: (0x0002) ACC_PRIVATE
    Code:
      stack=3, locals=7, args_size=3
        start local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
        start local 1 // java.security.cert.X509Certificate trustedCert
        start local 2 // java.security.cert.X509Certificate firstCert
         0: .line 222
            iconst_0
            istore 3 /* worthy */
        start local 3 // boolean worthy
         1: .line 224
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ifnull 3
         2: .line 225
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ldc "PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ..."
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
         3: .line 229
      StackMap locals: int
      StackMap stack:
            aload 2 /* firstCert */
            ifnonnull 5
         4: .line 230
            iconst_1
            ireturn
         5: .line 234
      StackMap locals:
      StackMap stack:
            new sun.security.provider.certpath.AdaptableX509CertSelector
            dup
            invokespecial sun.security.provider.certpath.AdaptableX509CertSelector.<init>:()V
         6: .line 233
            astore 4 /* issuerSelector */
        start local 4 // sun.security.provider.certpath.AdaptableX509CertSelector issuerSelector
         7: .line 237
            aload 1 /* trustedCert */
            invokevirtual java.security.cert.X509Certificate.getKeyUsage:()[Z
            astore 5 /* usages */
        start local 5 // boolean[] usages
         8: .line 238
            aload 5 /* usages */
            ifnull 11
         9: .line 239
            aload 5 /* usages */
            iconst_5
            iconst_1
            bastore
        10: .line 240
            aload 4 /* issuerSelector */
            aload 5 /* usages */
            invokevirtual sun.security.provider.certpath.AdaptableX509CertSelector.setKeyUsage:([Z)V
        11: .line 244
      StackMap locals: sun.security.provider.certpath.AdaptableX509CertSelector boolean[]
      StackMap stack:
            aload 4 /* issuerSelector */
            aload 2 /* firstCert */
            invokevirtual java.security.cert.X509Certificate.getIssuerX500Principal:()Ljavax/security/auth/x500/X500Principal;
            invokevirtual sun.security.provider.certpath.AdaptableX509CertSelector.setSubject:(Ljavax/security/auth/x500/X500Principal;)V
        12: .line 247
            aload 4 /* issuerSelector */
            aload 2 /* firstCert */
            invokevirtual java.security.cert.X509Certificate.getNotBefore:()Ljava/util/Date;
        13: .line 248
            aload 2 /* firstCert */
            invokevirtual java.security.cert.X509Certificate.getNotAfter:()Ljava/util/Date;
        14: .line 247
            invokevirtual sun.security.provider.certpath.AdaptableX509CertSelector.setValidityPeriod:(Ljava/util/Date;Ljava/util/Date;)V
        15: .line 255
            aload 2 /* firstCert */
            invokestatic sun.security.x509.X509CertImpl.toImpl:(Ljava/security/cert/X509Certificate;)Lsun/security/x509/X509CertImpl;
            astore 6 /* firstCertImpl */
        start local 6 // sun.security.x509.X509CertImpl firstCertImpl
        16: .line 256
            aload 4 /* issuerSelector */
        17: .line 257
            aload 6 /* firstCertImpl */
            invokevirtual sun.security.x509.X509CertImpl.getAuthorityKeyIdentifierExtension:()Lsun/security/x509/AuthorityKeyIdentifierExtension;
        18: .line 256
            invokevirtual sun.security.provider.certpath.AdaptableX509CertSelector.parseAuthorityKeyIdentifierExtension:(Lsun/security/x509/AuthorityKeyIdentifierExtension;)V
        19: .line 259
            aload 4 /* issuerSelector */
            aload 1 /* trustedCert */
            invokevirtual sun.security.provider.certpath.AdaptableX509CertSelector.match:(Ljava/security/cert/Certificate;)Z
            istore 3 /* worthy */
        end local 6 // sun.security.x509.X509CertImpl firstCertImpl
        20: .line 260
            goto 22
      StackMap locals:
      StackMap stack: java.lang.Exception
        21: pop
        22: .line 264
      StackMap locals:
      StackMap stack:
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ifnull 27
        23: .line 265
            iload 3 /* worthy */
            ifeq 26
        24: .line 266
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ldc "YES - try this trustedCert"
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
        25: .line 267
            goto 27
        26: .line 268
      StackMap locals:
      StackMap stack:
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ldc "NO - don't try this trustedCert"
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
        27: .line 272
      StackMap locals:
      StackMap stack:
            iload 3 /* worthy */
            ireturn
        end local 5 // boolean[] usages
        end local 4 // sun.security.provider.certpath.AdaptableX509CertSelector issuerSelector
        end local 3 // boolean worthy
        end local 2 // java.security.cert.X509Certificate firstCert
        end local 1 // java.security.cert.X509Certificate trustedCert
        end local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
      LocalVariableTable:
        Start  End  Slot            Name  Signature
            0   28     0            this  Lsun/security/provider/certpath/PKIXCertPathValidator;
            0   28     1     trustedCert  Ljava/security/cert/X509Certificate;
            0   28     2       firstCert  Ljava/security/cert/X509Certificate;
            1   28     3          worthy  Z
            7   28     4  issuerSelector  Lsun/security/provider/certpath/AdaptableX509CertSelector;
            8   28     5          usages  [Z
           16   20     6   firstCertImpl  Lsun/security/x509/X509CertImpl;
      Exception table:
        from    to  target  type
          15    20      21  Class java.lang.Exception
    Exceptions:
      throws java.security.cert.CertPathValidatorException
    MethodParameters:
             Name  Flags
      trustedCert  
      firstCert    

  private void populateVariables(java.security.cert.PKIXParameters);
    descriptor: (Ljava/security/cert/PKIXParameters;)V
    flags: (0x0002) ACC_PRIVATE
    Code:
      stack=5, locals=2, args_size=2
        start local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
        start local 1 // java.security.cert.PKIXParameters pkixParam
         0: .line 282
            aload 0 /* this */
            aload 1 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.getDate:()Ljava/util/Date;
            putfield sun.security.provider.certpath.PKIXCertPathValidator.testDate:Ljava/util/Date;
         1: .line 283
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.testDate:Ljava/util/Date;
            ifnonnull 3
         2: .line 284
            aload 0 /* this */
            new java.util.Date
            dup
            invokestatic java.lang.System.currentTimeMillis:()J
            invokespecial java.util.Date.<init>:(J)V
            putfield sun.security.provider.certpath.PKIXCertPathValidator.testDate:Ljava/util/Date;
         3: .line 287
      StackMap locals:
      StackMap stack:
            aload 0 /* this */
            aload 1 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.getCertPathCheckers:()Ljava/util/List;
            putfield sun.security.provider.certpath.PKIXCertPathValidator.userCheckers:Ljava/util/List;
         4: .line 288
            aload 0 /* this */
            aload 1 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.getSigProvider:()Ljava/lang/String;
            putfield sun.security.provider.certpath.PKIXCertPathValidator.sigProvider:Ljava/lang/String;
         5: .line 290
            aload 1 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.isRevocationEnabled:()Z
            ifeq 16
         6: .line 292
            aload 0 /* this */
         7: .line 293
            new sun.security.action.GetBooleanSecurityPropertyAction
            dup
         8: .line 294
            ldc "ocsp.enable"
         9: .line 293
            invokespecial sun.security.action.GetBooleanSecurityPropertyAction.<init>:(Ljava/lang/String;)V
        10: .line 292
            invokestatic java.security.AccessController.doPrivileged:(Ljava/security/PrivilegedAction;)Ljava/lang/Object;
            checkcast java.lang.Boolean
            invokevirtual java.lang.Boolean.booleanValue:()Z
            putfield sun.security.provider.certpath.PKIXCertPathValidator.ocspEnabled:Z
        11: .line 295
            aload 0 /* this */
        12: .line 296
            new sun.security.action.GetBooleanSecurityPropertyAction
            dup
        13: .line 297
            ldc "com.sun.security.onlyCheckRevocationOfEECert"
        14: .line 296
            invokespecial sun.security.action.GetBooleanSecurityPropertyAction.<init>:(Ljava/lang/String;)V
        15: .line 295
            invokestatic java.security.AccessController.doPrivileged:(Ljava/security/PrivilegedAction;)Ljava/lang/Object;
            checkcast java.lang.Boolean
            invokevirtual java.lang.Boolean.booleanValue:()Z
            putfield sun.security.provider.certpath.PKIXCertPathValidator.onlyEECert:Z
        16: .line 299
      StackMap locals:
      StackMap stack:
            return
        end local 1 // java.security.cert.PKIXParameters pkixParam
        end local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
      LocalVariableTable:
        Start  End  Slot       Name  Signature
            0   17     0       this  Lsun/security/provider/certpath/PKIXCertPathValidator;
            0   17     1  pkixParam  Ljava/security/cert/PKIXParameters;
    Exceptions:
      throws java.security.cert.CertPathValidatorException
    MethodParameters:
           Name  Flags
      pkixParam  

  private java.security.cert.PolicyNode doValidate(java.security.cert.TrustAnchor, java.security.cert.CertPath, java.util.List<java.security.cert.X509Certificate>, java.security.cert.PKIXParameters, sun.security.provider.certpath.PolicyNodeImpl);
    descriptor: (Ljava/security/cert/TrustAnchor;Ljava/security/cert/CertPath;Ljava/util/List;Ljava/security/cert/PKIXParameters;Lsun/security/provider/certpath/PolicyNodeImpl;)Ljava/security/cert/PolicyNode;
    flags: (0x0002) ACC_PRIVATE
    Code:
      stack=9, locals=16, args_size=6
        start local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
        start local 1 // java.security.cert.TrustAnchor anchor
        start local 2 // java.security.cert.CertPath cpOriginal
        start local 3 // java.util.List certList
        start local 4 // java.security.cert.PKIXParameters pkixParam
        start local 5 // sun.security.provider.certpath.PolicyNodeImpl rootNode
         0: .line 312
            new java.util.ArrayList
            dup
            invokespecial java.util.ArrayList.<init>:()V
         1: .line 311
            astore 6 /* certPathCheckers */
        start local 6 // java.util.List certPathCheckers
         2: .line 314
            aload 3 /* certList */
            invokeinterface java.util.List.size:()I
            istore 7 /* certPathLen */
        start local 7 // int certPathLen
         3: .line 316
            aload 0 /* this */
            new sun.security.provider.certpath.BasicChecker
            dup
            aload 1 /* anchor */
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.testDate:Ljava/util/Date;
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.sigProvider:Ljava/lang/String;
            iconst_0
            invokespecial sun.security.provider.certpath.BasicChecker.<init>:(Ljava/security/cert/TrustAnchor;Ljava/util/Date;Ljava/lang/String;Z)V
            putfield sun.security.provider.certpath.PKIXCertPathValidator.basicChecker:Lsun/security/provider/certpath/BasicChecker;
         4: .line 317
            aconst_null
            astore 8 /* variant */
        start local 8 // java.lang.String variant
         5: .line 318
            aload 4 /* pkixParam */
            instanceof sun.security.provider.certpath.PKIXExtendedParameters
            ifeq 7
         6: .line 319
            aload 4 /* pkixParam */
            checkcast sun.security.provider.certpath.PKIXExtendedParameters
            invokevirtual sun.security.provider.certpath.PKIXExtendedParameters.getVariant:()Ljava/lang/String;
            astore 8 /* variant */
         7: .line 321
      StackMap locals: java.util.List int java.lang.String
      StackMap stack:
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            ifnull 9
         8: .line 322
            getstatic sun.security.provider.certpath.PKIXCertPathValidator.debug:Lsun/security/util/Debug;
            new java.lang.StringBuilder
            dup
            ldc "PKIXCertPathValidator.doValidate(): create AlgorithmChecker for variant: "
            invokespecial java.lang.StringBuilder.<init>:(Ljava/lang/String;)V
            aload 8 /* variant */
            invokevirtual java.lang.StringBuilder.append:(Ljava/lang/String;)Ljava/lang/StringBuilder;
            invokevirtual java.lang.StringBuilder.toString:()Ljava/lang/String;
            invokevirtual sun.security.util.Debug.println:(Ljava/lang/String;)V
         9: .line 324
      StackMap locals:
      StackMap stack:
            new sun.security.provider.certpath.AlgorithmChecker
            dup
            aload 1 /* anchor */
            aload 8 /* variant */
            invokespecial sun.security.provider.certpath.AlgorithmChecker.<init>:(Ljava/security/cert/TrustAnchor;Ljava/lang/String;)V
            astore 9 /* algorithmChecker */
        start local 9 // sun.security.provider.certpath.AlgorithmChecker algorithmChecker
        10: .line 325
            new sun.security.provider.certpath.KeyChecker
            dup
            iload 7 /* certPathLen */
        11: .line 326
            aload 4 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.getTargetCertConstraints:()Ljava/security/cert/CertSelector;
        12: .line 325
            invokespecial sun.security.provider.certpath.KeyChecker.<init>:(ILjava/security/cert/CertSelector;)V
            astore 10 /* keyChecker */
        start local 10 // sun.security.provider.certpath.KeyChecker keyChecker
        13: .line 328
            new sun.security.provider.certpath.ConstraintsChecker
            dup
            iload 7 /* certPathLen */
            invokespecial sun.security.provider.certpath.ConstraintsChecker.<init>:(I)V
        14: .line 327
            astore 11 /* constraintsChecker */
        start local 11 // sun.security.provider.certpath.ConstraintsChecker constraintsChecker
        15: .line 331
            new sun.security.provider.certpath.PolicyChecker
            dup
            aload 4 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.getInitialPolicies:()Ljava/util/Set;
            iload 7 /* certPathLen */
        16: .line 332
            aload 4 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.isExplicitPolicyRequired:()Z
        17: .line 333
            aload 4 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.isPolicyMappingInhibited:()Z
        18: .line 334
            aload 4 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.isAnyPolicyInhibited:()Z
        19: .line 335
            aload 4 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.getPolicyQualifiersRejected:()Z
        20: .line 336
            aload 5 /* rootNode */
        21: .line 331
            invokespecial sun.security.provider.certpath.PolicyChecker.<init>:(Ljava/util/Set;IZZZZLsun/security/provider/certpath/PolicyNodeImpl;)V
        22: .line 330
            astore 12 /* policyChecker */
        start local 12 // sun.security.provider.certpath.PolicyChecker policyChecker
        23: .line 337
            new sun.security.provider.certpath.UntrustedChecker
            dup
            invokespecial sun.security.provider.certpath.UntrustedChecker.<init>:()V
            astore 13 /* untrustedChecker */
        start local 13 // sun.security.provider.certpath.UntrustedChecker untrustedChecker
        24: .line 339
            aload 1 /* anchor */
            invokevirtual java.security.cert.TrustAnchor.getTrustedCert:()Ljava/security/cert/X509Certificate;
            astore 14 /* anchorCert */
        start local 14 // java.security.cert.X509Certificate anchorCert
        25: .line 340
            aload 14 /* anchorCert */
            ifnull 29
        26: .line 341
            aload 13 /* untrustedChecker */
            aload 14 /* anchorCert */
        27: .line 342
            invokestatic java.util.Collections.emptySet:()Ljava/util/Set;
        28: .line 341
            invokevirtual sun.security.provider.certpath.UntrustedChecker.check:(Ljava/security/cert/Certificate;Ljava/util/Collection;)V
        29: .line 346
      StackMap locals: sun.security.provider.certpath.PKIXCertPathValidator java.security.cert.TrustAnchor java.security.cert.CertPath java.util.List java.security.cert.PKIXParameters sun.security.provider.certpath.PolicyNodeImpl java.util.List int java.lang.String sun.security.provider.certpath.AlgorithmChecker sun.security.provider.certpath.KeyChecker sun.security.provider.certpath.ConstraintsChecker sun.security.provider.certpath.PolicyChecker sun.security.provider.certpath.UntrustedChecker java.security.cert.X509Certificate
      StackMap stack:
            aload 6 /* certPathCheckers */
            aload 13 /* untrustedChecker */
            invokeinterface java.util.List.add:(Ljava/lang/Object;)Z
            pop
        30: .line 347
            aload 6 /* certPathCheckers */
            aload 9 /* algorithmChecker */
            invokeinterface java.util.List.add:(Ljava/lang/Object;)Z
            pop
        31: .line 348
            aload 6 /* certPathCheckers */
            aload 10 /* keyChecker */
            invokeinterface java.util.List.add:(Ljava/lang/Object;)Z
            pop
        32: .line 349
            aload 6 /* certPathCheckers */
            aload 11 /* constraintsChecker */
            invokeinterface java.util.List.add:(Ljava/lang/Object;)Z
            pop
        33: .line 350
            aload 6 /* certPathCheckers */
            aload 12 /* policyChecker */
            invokeinterface java.util.List.add:(Ljava/lang/Object;)Z
            pop
        34: .line 351
            aload 6 /* certPathCheckers */
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.basicChecker:Lsun/security/provider/certpath/BasicChecker;
            invokeinterface java.util.List.add:(Ljava/lang/Object;)Z
            pop
        35: .line 354
            aload 4 /* pkixParam */
            invokevirtual java.security.cert.PKIXParameters.isRevocationEnabled:()Z
            ifeq 43
        36: .line 357
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.ocspEnabled:Z
            ifeq 40
        37: .line 359
            new sun.security.provider.certpath.OCSPChecker
            dup
            aload 2 /* cpOriginal */
            aload 4 /* pkixParam */
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.onlyEECert:Z
            invokespecial sun.security.provider.certpath.OCSPChecker.<init>:(Ljava/security/cert/CertPath;Ljava/security/cert/PKIXParameters;Z)V
        38: .line 358
            astore 15 /* ocspChecker */
        start local 15 // sun.security.provider.certpath.OCSPChecker ocspChecker
        39: .line 360
            aload 6 /* certPathCheckers */
            aload 15 /* ocspChecker */
            invokeinterface java.util.List.add:(Ljava/lang/Object;)Z
            pop
        end local 15 // sun.security.provider.certpath.OCSPChecker ocspChecker
        40: .line 365
      StackMap locals:
      StackMap stack:
            new sun.security.provider.certpath.CrlRevocationChecker
            dup
            aload 1 /* anchor */
            aload 4 /* pkixParam */
            aload 3 /* certList */
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.onlyEECert:Z
        41: .line 364
            invokespecial sun.security.provider.certpath.CrlRevocationChecker.<init>:(Ljava/security/cert/TrustAnchor;Ljava/security/cert/PKIXParameters;Ljava/util/Collection;Z)V
            astore 15 /* revocationChecker */
        start local 15 // sun.security.provider.certpath.CrlRevocationChecker revocationChecker
        42: .line 366
            aload 6 /* certPathCheckers */
            aload 15 /* revocationChecker */
            invokeinterface java.util.List.add:(Ljava/lang/Object;)Z
            pop
        end local 15 // sun.security.provider.certpath.CrlRevocationChecker revocationChecker
        43: .line 370
      StackMap locals:
      StackMap stack:
            aload 6 /* certPathCheckers */
            aload 0 /* this */
            getfield sun.security.provider.certpath.PKIXCertPathValidator.userCheckers:Ljava/util/List;
            invokeinterface java.util.List.addAll:(Ljava/util/Collection;)Z
            pop
        44: .line 373
            new sun.security.provider.certpath.PKIXMasterCertPathValidator
            dup
            aload 6 /* certPathCheckers */
            invokespecial sun.security.provider.certpath.PKIXMasterCertPathValidator.<init>:(Ljava/util/List;)V
        45: .line 372
            astore 15 /* masterValidator */
        start local 15 // sun.security.provider.certpath.PKIXMasterCertPathValidator masterValidator
        46: .line 375
            aload 15 /* masterValidator */
            aload 2 /* cpOriginal */
            aload 3 /* certList */
            invokevirtual sun.security.provider.certpath.PKIXMasterCertPathValidator.validate:(Ljava/security/cert/CertPath;Ljava/util/List;)V
        47: .line 377
            aload 12 /* policyChecker */
            invokevirtual sun.security.provider.certpath.PolicyChecker.getPolicyTree:()Ljava/security/cert/PolicyNode;
            areturn
        end local 15 // sun.security.provider.certpath.PKIXMasterCertPathValidator masterValidator
        end local 14 // java.security.cert.X509Certificate anchorCert
        end local 13 // sun.security.provider.certpath.UntrustedChecker untrustedChecker
        end local 12 // sun.security.provider.certpath.PolicyChecker policyChecker
        end local 11 // sun.security.provider.certpath.ConstraintsChecker constraintsChecker
        end local 10 // sun.security.provider.certpath.KeyChecker keyChecker
        end local 9 // sun.security.provider.certpath.AlgorithmChecker algorithmChecker
        end local 8 // java.lang.String variant
        end local 7 // int certPathLen
        end local 6 // java.util.List certPathCheckers
        end local 5 // sun.security.provider.certpath.PolicyNodeImpl rootNode
        end local 4 // java.security.cert.PKIXParameters pkixParam
        end local 3 // java.util.List certList
        end local 2 // java.security.cert.CertPath cpOriginal
        end local 1 // java.security.cert.TrustAnchor anchor
        end local 0 // sun.security.provider.certpath.PKIXCertPathValidator this
      LocalVariableTable:
        Start  End  Slot                Name  Signature
            0   48     0                this  Lsun/security/provider/certpath/PKIXCertPathValidator;
            0   48     1              anchor  Ljava/security/cert/TrustAnchor;
            0   48     2          cpOriginal  Ljava/security/cert/CertPath;
            0   48     3            certList  Ljava/util/List<Ljava/security/cert/X509Certificate;>;
            0   48     4           pkixParam  Ljava/security/cert/PKIXParameters;
            0   48     5            rootNode  Lsun/security/provider/certpath/PolicyNodeImpl;
            2   48     6    certPathCheckers  Ljava/util/List<Ljava/security/cert/PKIXCertPathChecker;>;
            3   48     7         certPathLen  I
            5   48     8             variant  Ljava/lang/String;
           10   48     9    algorithmChecker  Lsun/security/provider/certpath/AlgorithmChecker;
           13   48    10          keyChecker  Lsun/security/provider/certpath/KeyChecker;
           15   48    11  constraintsChecker  Lsun/security/provider/certpath/ConstraintsChecker;
           23   48    12       policyChecker  Lsun/security/provider/certpath/PolicyChecker;
           24   48    13    untrustedChecker  Lsun/security/provider/certpath/UntrustedChecker;
           25   48    14          anchorCert  Ljava/security/cert/X509Certificate;
           39   40    15         ocspChecker  Lsun/security/provider/certpath/OCSPChecker;
           42   43    15   revocationChecker  Lsun/security/provider/certpath/CrlRevocationChecker;
           46   48    15     masterValidator  Lsun/security/provider/certpath/PKIXMasterCertPathValidator;
    Exceptions:
      throws java.security.cert.CertPathValidatorException
    Signature: (Ljava/security/cert/TrustAnchor;Ljava/security/cert/CertPath;Ljava/util/List<Ljava/security/cert/X509Certificate;>;Ljava/security/cert/PKIXParameters;Lsun/security/provider/certpath/PolicyNodeImpl;)Ljava/security/cert/PolicyNode;
    MethodParameters:
            Name  Flags
      anchor      
      cpOriginal  
      certList    
      pkixParam   
      rootNode    
}
SourceFile: "PKIXCertPathValidator.java"