Ticket #12264: CertificateAmendment.patch

File CertificateAmendment.patch, 2.5 KB (added by wiktorn, 8 years ago)

Corrected patch

  • src/org/openstreetmap/josm/io/CertificateAmendment.java 

    diff --git a/src/org/openstreetmap/josm/io/CertificateAmendment.java b/src/org/openstreetmap/josm/io/CertificateAmendment.java
index bace14f..192c91b 100644
    a b  
    4747    };
    4848
    4949    private static final String[] SHA_HASHES = {
    50         "139a5e4a4e0fa505378c72c5f700934ce8333f4e6b1b508886c4b0eb14f4be99",
    51         "916a8f9232328192968c81c8edb672fa539f726861dfe379ca722050e19962cd"
     50        "0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739",
     51        "c766a9bef2d4071c863a31aa4920e813b2d198608cb7b7cfe21143b836df09ea"
    5252    };
    5353
    5454    private CertificateAmendment() {
     
    8686        boolean certificateAdded = false;
    8787        for (int i = 0; i < CERT_AMEND.length; i++) {
    8888            CachedFile certCF = new CachedFile(CERT_AMEND[i]);
    89             MessageDigest md;
    90             try {
    91                 md = MessageDigest.getInstance("SHA-256");
    92             } catch (NoSuchAlgorithmException ex) {
    93                 throw new RuntimeException(ex);
    94             }
    9589            byte[] certBytes = certCF.getByteContent();
    96             byte[] sha = md.digest(certBytes);
    97             if (!SHA_HASHES[i].equals(Utils.toHexString(sha)))
    98                 throw new RuntimeException(tr("Error adding certificate {0} - hash mismatch. Expected {1}, was {2}", CERT_AMEND[i], SHA_HASHES[i], Utils.toHexString(sha)));
    99 
    10090            ByteArrayInputStream certIS = new ByteArrayInputStream(certBytes);
    10191            X509Certificate cert;
     92
    10293            try {
    10394                cert = (X509Certificate) cf.generateCertificate(certIS);
     95                MessageDigest md = MessageDigest.getInstance("SHA-256");
     96                String sha1 = Utils.toHexString(md.digest(cert.getEncoded()));
     97                if (!SHA_HASHES[i].equals(sha1)) {
     98                    throw new RuntimeException(tr("Error adding certificate {0} - certificate fingerprint mismatch. Expected {1}, was {2}",
     99                            CERT_AMEND[i],
     100                            SHA_HASHES[i],
     101                            sha1
     102                            ));
     103                }
    104104            } catch (CertificateException ex) {
    105105                throw new IOException(ex);
     106            } catch (NoSuchAlgorithmException ex) {
     107                throw new RuntimeException(ex);
    106108            }
    107109            if (certificateIsMissing(keyStore, cert)) {
    108110                if (Main.isDebugEnabled()) {