Changeset fea5bd4
- Timestamp:
- Mar 23, 2019 2:26:29 PM (2 years ago)
- Branches:
- master
- Children:
- ce043943
- Parents:
- 00d4525
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
core/java/src/net/i2p/crypto/SelfSignedGenerator.java
r00d4525 rfea5bd4 15 15 import java.security.cert.X509Certificate; 16 16 import java.security.cert.X509CRL; 17 import java.security.spec.InvalidKeySpecException; 17 18 import java.security.spec.X509EncodedKeySpec; 18 19 import java.text.SimpleDateFormat; … … 33 34 34 35 import static net.i2p.crypto.SigUtil.intToASN1; 36 import net.i2p.crypto.eddsa.EdDSAPublicKey; 35 37 import net.i2p.data.DataHelper; 36 38 import net.i2p.data.Signature; … … 246 248 PublicKey cpub = cert.getPublicKey(); 247 249 cert.verify(cpub); 248 if (!cpub.equals(jpub)) 249 throw new GeneralSecurityException("pubkey mismatch"); 250 if (!cpub.equals(jpub)) { 251 boolean ok = false; 252 if (cpub.getClass().getName().equals("sun.security.x509.X509Key")) { 253 // X509Certificate will sometimes contain an X509Key rather than the EdDSAPublicKey itself; the contained 254 // key is valid but needs to be instanced as an EdDSAPublicKey before it can be used. 255 try { 256 cpub = new EdDSAPublicKey(new X509EncodedKeySpec(cpub.getEncoded())); 257 ok = cpub.equals(jpub); 258 } catch (InvalidKeySpecException ex) {} 259 } 260 if (!ok) 261 throw new GeneralSecurityException("pubkey mismatch, in: " + jpub.getClass() + " cert: " + cpub.getClass()); 262 } 250 263 // todo crl tests 251 264 … … 363 376 364 377 // positive serial number (long) 365 byte[] serial = new byte[1 0];378 byte[] serial = new byte[11]; 366 379 serial[0] = 2; 367 serial[1] = 8;368 RandomSource.getInstance().nextBytes(serial, 2, 8);380 serial[1] = 9; 381 RandomSource.getInstance().nextBytes(serial, 2, 9); 369 382 serial[2] &= 0x7f; 370 383
Note: See TracChangeset
for help on using the changeset viewer.
