Mercurial > hg > release > icedtea-web-1.2
changeset 337:c93ef2cc3535
Change CertificateUtils.inKeyStores() to only check for certificate equality
author | Deepak Bhole <dbhole@redhat.com> |
---|---|
date | Wed, 29 Feb 2012 13:56:57 -0500 |
parents | e21f13506c3c |
children | 89a1e512f12b |
files | ChangeLog netx/net/sourceforge/jnlp/security/CertificateUtils.java |
diffstat | 2 files changed, 11 insertions(+), 21 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Tue Feb 28 11:35:41 2012 -0500 +++ b/ChangeLog Wed Feb 29 13:56:57 2012 -0500 @@ -1,3 +1,8 @@ +2012-02-29 Deepak Bhole <dbhole@redhat.com> + + * netx/net/sourceforge/jnlp/security/CertificateUtils.java + (inKeyStores): Only check for certificate equality. + 2012-02-28 Deepak Bhole <dbhole@redhat.com> * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/security/CertificateUtils.java Tue Feb 28 11:35:41 2012 -0500 +++ b/netx/net/sourceforge/jnlp/security/CertificateUtils.java Wed Feb 29 13:56:57 2012 -0500 @@ -167,34 +167,19 @@ // Check against all certs Enumeration<String> aliases = keyStores[i].aliases(); while (aliases.hasMoreElements()) { + + // Verify against this entry String alias = aliases.nextElement(); - try { - // Verify against this entry - c.verify(keyStores[i].getCertificate(alias).getPublicKey()); + if (c.equals(keyStores[i].getCertificate(alias))) { if (JNLPRuntime.isDebug()) { System.out.println(c.getSubjectX500Principal().getName() + " found in cacerts"); } - - // If we got here, it means verification succeeded. Return true. + return true; - } catch (NoSuchAlgorithmException nsae) { - // Unsupported signature algorithm - // Consider non-match and keep going - } catch (InvalidKeyException ike) { - // Incorrect/corrupt key - // Consider non-match and keep going - } catch (NoSuchProviderException nspe) { - // No default provider - // Consider non-match and keep going - } catch (SignatureException se) { - // Signature error - // Consider non-match and keep going - } catch (CertificateException ce) { - // Encoding error - // Consider non-match and keep going - } + } // else continue } + } catch (KeyStoreException e) { e.printStackTrace(); // continue