Ignore:
Timestamp:
2018-02-23T00:01:20+01:00 (20 months ago)
Author:
Don-vip
Message:

fix #15992 - load native certificates from macOS system root trust store, see https://support.apple.com/en-us/HT208127

Location:
trunk/src/org/openstreetmap/josm/tools
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/org/openstreetmap/josm/tools/PlatformHook.java

    r12919 r13450  
    2020
    2121import org.openstreetmap.josm.data.projection.datum.NTV2Proj4DirGridShiftFileSource;
    22 import org.openstreetmap.josm.io.CertificateAmendment.CertAmend;
     22import org.openstreetmap.josm.io.CertificateAmendment.NativeCertAmend;
    2323import org.openstreetmap.josm.spi.preferences.Config;
    2424import org.openstreetmap.josm.tools.date.DateUtils;
     
    211211     * @throws CertificateException in case of error
    212212     * @throws NoSuchAlgorithmException in case of error
    213      * @since 11943
    214      */
    215     default X509Certificate getX509Certificate(CertAmend certAmend)
     213     * @since 13450
     214     */
     215    default X509Certificate getX509Certificate(NativeCertAmend certAmend)
    216216            throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    217217        return null;
  • trunk/src/org/openstreetmap/josm/tools/PlatformHookOsx.java

    r12776 r13450  
    88import java.awt.Window;
    99import java.awt.event.KeyEvent;
     10import java.io.ByteArrayInputStream;
    1011import java.io.File;
    1112import java.io.IOException;
     
    1415import java.lang.reflect.Method;
    1516import java.lang.reflect.Proxy;
     17import java.nio.charset.StandardCharsets;
     18import java.security.KeyStoreException;
     19import java.security.NoSuchAlgorithmException;
     20import java.security.cert.CertificateException;
     21import java.security.cert.CertificateFactory;
     22import java.security.cert.X509Certificate;
    1623import java.util.Arrays;
    1724import java.util.List;
    1825import java.util.Objects;
     26import java.util.concurrent.ExecutionException;
    1927
    2028import javax.swing.UIManager;
    2129
    2230import org.openstreetmap.josm.Main;
     31import org.openstreetmap.josm.io.CertificateAmendment.NativeCertAmend;
    2332
    2433/**
     
    427436                Main.pref.getJOSMDirectoryBaseName());
    428437    }
     438
     439    @Override
     440    public X509Certificate getX509Certificate(NativeCertAmend certAmend)
     441            throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
     442        try {
     443            // Get platform certificate in PEM format
     444            String pem = Utils.execOutput(Arrays.asList("security", "find-certificate",
     445                    "-c", certAmend.getMacAlias(), "-p", "/System/Library/Keychains/SystemRootCertificates.keychain"));
     446            Logging.debug(pem);
     447            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(
     448                    new ByteArrayInputStream(pem.getBytes(StandardCharsets.UTF_8)));
     449        } catch (ExecutionException | InterruptedException | IllegalArgumentException e) {
     450            throw new IOException(e);
     451        }
     452    }
    429453}
  • trunk/src/org/openstreetmap/josm/tools/PlatformHookUnixoid.java

    r13204 r13450  
    2626
    2727import org.openstreetmap.josm.Main;
    28 import org.openstreetmap.josm.io.CertificateAmendment.CertAmend;
     28import org.openstreetmap.josm.io.CertificateAmendment.NativeCertAmend;
    2929import org.openstreetmap.josm.spi.preferences.Config;
    3030
     
    398398
    399399    @Override
    400     public X509Certificate getX509Certificate(CertAmend certAmend)
     400    public X509Certificate getX509Certificate(NativeCertAmend certAmend)
    401401            throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    402402        File f = new File("/usr/share/ca-certificates/mozilla", certAmend.getFilename());
  • trunk/src/org/openstreetmap/josm/tools/PlatformHookWindows.java

    r13204 r13450  
    7171import org.openstreetmap.josm.data.StructUtils.StructEntry;
    7272import org.openstreetmap.josm.data.StructUtils.WriteExplicitly;
    73 import org.openstreetmap.josm.io.CertificateAmendment.CertAmend;
     73import org.openstreetmap.josm.io.CertificateAmendment.NativeCertAmend;
    7474import org.openstreetmap.josm.spi.preferences.Config;
    7575
     
    439439
    440440    @Override
    441     public X509Certificate getX509Certificate(CertAmend certAmend)
     441    public X509Certificate getX509Certificate(NativeCertAmend certAmend)
    442442            throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    443443        KeyStore ks = getRootKeystore();
    444444        // Search by alias (fast)
    445         Certificate result = ks.getCertificate(certAmend.getId());
     445        Certificate result = ks.getCertificate(certAmend.getWinAlias());
    446446        if (result instanceof X509Certificate) {
    447447            return (X509Certificate) result;
  • trunk/src/org/openstreetmap/josm/tools/Utils.java

    r13356 r13450  
    847847                    all = new StringBuilder(line);
    848848                } else {
    849                     all.append('\n');
    850                     all.append(line);
     849                    all.append('\n')
     850                       .append(line);
    851851                }
    852852            }
Note: See TracChangeset for help on using the changeset viewer.