1回答

阿波罗的战车

reasons_mask：&nbsp;此变量包含到目前为止处理的 CRL 和增量 CRL 支持的一组撤销原因。interim_reasons_mask：&nbsp;这包含当前正在处理的 CRL 或 delta CRL 支持的一组撤销原因。据我所知，此处理的目的是收集 CRL 以支持尽可能多的撤销原因。因此，如果当前 CRL 支持任何先前 CRL 不支持的任何撤销原因，它只会将当前 CRL 添加到列表中。如果您reasons_mask包含所有内容true，那么之前的 CRL 已经涵盖了所有撤销原因，或者没有给出它支持的特定撤销原因导致设置特殊值all-reasons（所有标志为真），这意味着不需要涵盖进一步的撤销原因，因此它不会进一步检查。sun.security.provider.certpath.DistributionPointFetcher.java...// compute interim reasons maskboolean[] interimReasonsMask = new boolean[9];ReasonFlags reasons = null;if (idpExt != null) {&nbsp; &nbsp; reasons = (ReasonFlags) idpExt.get(IssuingDistributionPointExtension.REASONS);}boolean[] pointReasonFlags = point.getReasonFlags();if (reasons != null) {&nbsp; &nbsp; if (pointReasonFlags != null) {&nbsp; &nbsp; &nbsp; &nbsp; // set interim reasons mask to the intersection of&nbsp; &nbsp; &nbsp; &nbsp; // reasons in the DP and onlySomeReasons in the IDP&nbsp; &nbsp; &nbsp; &nbsp; boolean[] idpReasonFlags = reasons.getFlags();&nbsp; &nbsp; &nbsp; &nbsp; for (int i = 0; i < interimReasonsMask.length; i++) {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; interimReasonsMask[i] = (i < idpReasonFlags.length && idpReasonFlags[i])&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; && (i < pointReasonFlags.length && pointReasonFlags[i]);&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; } else {&nbsp; &nbsp; &nbsp; &nbsp; // set interim reasons mask to the value of&nbsp; &nbsp; &nbsp; &nbsp; // onlySomeReasons in the IDP (and clone it since we may&nbsp; &nbsp; &nbsp; &nbsp; // modify it)&nbsp; &nbsp; &nbsp; &nbsp; interimReasonsMask = reasons.getFlags().clone();&nbsp; &nbsp; }} else if (idpExt == null || reasons == null) {&nbsp; &nbsp; if (pointReasonFlags != null) {&nbsp; &nbsp; &nbsp; &nbsp; // set interim reasons mask to the value of DP reasons&nbsp; &nbsp; &nbsp; &nbsp; interimReasonsMask = pointReasonFlags.clone();&nbsp; &nbsp; } else {&nbsp; &nbsp; &nbsp; &nbsp; // set interim reasons mask to the special value all-reasons&nbsp; &nbsp; &nbsp; &nbsp; Arrays.fill(interimReasonsMask, true);&nbsp; // ### SEE HERE ###&nbsp; &nbsp; }}// verify that interim reasons mask includes one or more reasons// not included in the reasons maskboolean oneOrMore = false;for (int i = 0; i < interimReasonsMask.length && !oneOrMore; i++) {&nbsp; &nbsp; if (interimReasonsMask[i] && !(i < reasonsMask.length && reasonsMask[i])) {&nbsp; &nbsp; &nbsp; &nbsp; oneOrMore = true;&nbsp; &nbsp; }}if (!oneOrMore) {&nbsp; &nbsp; return false;}...

0 0

0