Add a way to clear stored trusted certificates.

Bug: 6009802 Update the TrustManagerImpl Api to allow clearing stored certificates. This is needed so we can remove CAs when credential storage is updated. Change-Id: I024f7e8b12b60ea0ee35d7f94280e0e3d6db039f
author: Selim Gurun <sgurun@google.com> 2012-02-15 18:42:50 -0800
committer: Selim Gurun <sgurun@google.com> 2012-02-16 10:18:03 -0800
commit: 7a61ad51ba5f5a0b439b2f3eacb1e0f99f909606 (patch)
tree: 7cccbcd6093de077112658314c5f07c4e8b2db51 /luni/src
parent: 5b57eb538f8da8e97cf88a310d75d14dfc91624c (diff)
download: libcore-7a61ad51ba5f5a0b439b2f3eacb1e0f99f909606.zip
libcore-7a61ad51ba5f5a0b439b2f3eacb1e0f99f909606.tar.gz
libcore-7a61ad51ba5f5a0b439b2f3eacb1e0f99f909606.tar.bz2
2 files changed, 21 insertions, 0 deletions
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
index 653dca4..3f362c5 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
@@ -163,6 +163,14 @@ public final class TrustManagerImpl implements X509TrustManager {
         checkTrusted(chain, authType);
     }
 
+    public void handleTrustStorageUpdate() {
+        if (acceptedIssuers == null) {
+            trustedCertificateIndex.reset();
+        } else {
+            trustedCertificateIndex.reset(trustAnchors(acceptedIssuers));
+        }
+    }
+
     private void checkTrusted(X509Certificate[] chain, String authType)
             throws CertificateException {
         if (chain == null || chain.length == 0 || authType == null || authType.length() == 0) {
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateIndex.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateIndex.java
index 9138b19..0b1f098 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateIndex.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateIndex.java
@@ -74,6 +74,19 @@ public final class TrustedCertificateIndex {
         }
     }
 
+    public void reset() {
+        synchronized (subjectToTrustAnchors) {
+            subjectToTrustAnchors.clear();
+        }
+    }
+
+    public void reset(Set<TrustAnchor> anchors) {
+        synchronized (subjectToTrustAnchors) {
+            reset();
+            index(anchors);
+        }
+    }
+
     public TrustAnchor findByIssuerAndSignature(X509Certificate cert) {
         X500Principal issuer = cert.getIssuerX500Principal();
         synchronized (subjectToTrustAnchors) {
author	Selim Gurun <sgurun@google.com>	2012-02-15 18:42:50 -0800
committer	Selim Gurun <sgurun@google.com>	2012-02-16 10:18:03 -0800
commit	7a61ad51ba5f5a0b439b2f3eacb1e0f99f909606 (patch)
tree	7cccbcd6093de077112658314c5f07c4e8b2db51 /luni/src
parent	5b57eb538f8da8e97cf88a310d75d14dfc91624c (diff)
download	libcore-7a61ad51ba5f5a0b439b2f3eacb1e0f99f909606.zip libcore-7a61ad51ba5f5a0b439b2f3eacb1e0f99f909606.tar.gz libcore-7a61ad51ba5f5a0b439b2f3eacb1e0f99f909606.tar.bz2