Mercurial > hg > release > icedtea-web-1.2

changeset 337:c93ef2cc3535

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Change CertificateUtils.inKeyStores() to only check for certificate equality
author Deepak Bhole <dbhole@redhat.com>
date Wed, 29 Feb 2012 13:56:57 -0500
parents e21f13506c3c
children 89a1e512f12b
files ChangeLog netx/net/sourceforge/jnlp/security/CertificateUtils.java
diffstat 2 files changed, 11 insertions(+), 21 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Tue Feb 28 11:35:41 2012 -0500
+++ b/ChangeLog	Wed Feb 29 13:56:57 2012 -0500
@@ -1,3 +1,8 @@
+2012-02-29  Deepak Bhole <dbhole@redhat.com>
+
+	* netx/net/sourceforge/jnlp/security/CertificateUtils.java
+	(inKeyStores): Only check for certificate equality.
+
 2012-02-28  Deepak Bhole <dbhole@redhat.com>
 
 	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/security/CertificateUtils.java	Tue Feb 28 11:35:41 2012 -0500
+++ b/netx/net/sourceforge/jnlp/security/CertificateUtils.java	Wed Feb 29 13:56:57 2012 -0500
@@ -167,34 +167,19 @@
                 // Check against all certs
                 Enumeration<String> aliases = keyStores[i].aliases();
                 while (aliases.hasMoreElements()) {
+
+                    // Verify against this entry
                     String alias = aliases.nextElement();
-                    try {
-                        // Verify against this entry
-                        c.verify(keyStores[i].getCertificate(alias).getPublicKey());
 
+                    if (c.equals(keyStores[i].getCertificate(alias))) {
                         if (JNLPRuntime.isDebug()) {
                             System.out.println(c.getSubjectX500Principal().getName() + " found in cacerts");
                         }
-                        
-                        // If we got here, it means verification succeeded. Return true.
+
                         return true;
-                    } catch (NoSuchAlgorithmException nsae) {
-                        // Unsupported signature algorithm 
-                        // Consider non-match and keep going
-                    } catch (InvalidKeyException ike) {
-                        // Incorrect/corrupt key
-                        // Consider non-match and keep going                     
-                    } catch (NoSuchProviderException nspe) {
-                        // No default provider 
-                        // Consider non-match and keep going
-                    } catch (SignatureException se) {
-                        // Signature error
-                        // Consider non-match and keep going
-                    } catch (CertificateException ce) {
-                        // Encoding error
-                        // Consider non-match and keep going
-                    }
+                    } // else continue
                 }
+
             } catch (KeyStoreException e) {
                 e.printStackTrace();
                 // continue