diff options
| author | Bob Lee <crazybob@crazybob.org> | 2009-09-20 15:56:35 -0700 |
|---|---|---|
| committer | Bob Lee <crazybob@crazybob.org> | 2009-09-20 15:56:35 -0700 |
| commit | 5777f56ef4522e39ff9e41e967c399642fc6c6b4 (patch) | |
| tree | 619daa587bc4a46d41b2715459175dccf05dbe0c /security/src | |
| parent | 2d97a2b8ca7cd4993f9f917bdffd83d19e1e4f6c (diff) | |
| download | libcore-5777f56ef4522e39ff9e41e967c399642fc6c6b4.zip libcore-5777f56ef4522e39ff9e41e967c399642fc6c6b4.tar.gz libcore-5777f56ef4522e39ff9e41e967c399642fc6c6b4.tar.bz2 | |
Replaced an O(N) algorithm with an O(1) algorithm. This shaves off 2/3 of the server cert checking time or ~200ms on Sapphire. This is in preparation for tripling the number of certs in an upcoming change.
Diffstat (limited to 'security/src')
| -rw-r--r-- | security/src/main/java/org/bouncycastle/jce/provider/IndexedPKIXParameters.java | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/security/src/main/java/org/bouncycastle/jce/provider/IndexedPKIXParameters.java b/security/src/main/java/org/bouncycastle/jce/provider/IndexedPKIXParameters.java index e8e834a..03679e2 100644 --- a/security/src/main/java/org/bouncycastle/jce/provider/IndexedPKIXParameters.java +++ b/security/src/main/java/org/bouncycastle/jce/provider/IndexedPKIXParameters.java @@ -109,7 +109,7 @@ public class IndexedPKIXParameters extends PKIXParameters { if (anchor != null) { return anchor; } - } catch (Exception e) { + } catch (Exception e) { Logger.getLogger(IndexedPKIXParameters.class.getName()).log( Level.WARNING, "Error encoding cert.", e); } @@ -125,6 +125,21 @@ public class IndexedPKIXParameters extends PKIXParameters { } /** + * Returns true if the given certificate is found in the trusted key + * store. + */ + public boolean isDirectlyTrusted(X509Certificate cert) { + try { + Bytes encoded = new Bytes(cert.getEncoded()); + return encodings.containsKey(encoded); + } catch (Exception e) { + Logger.getLogger(IndexedPKIXParameters.class.getName()).log( + Level.WARNING, "Error encoding cert.", e); + return false; + } + } + + /** * Wraps a byte[] and adds equals() and hashCode() support. */ static class Bytes { |