geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vamsic...@apache.org
Subject svn commit: r470470 - /geronimo/server/branches/1.1/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Date Thu, 02 Nov 2006 18:43:40 GMT
Author: vamsic007
Date: Thu Nov  2 10:43:39 2006
New Revision: 470470

URL: http://svn.apache.org/viewvc?view=rev&rev=470470
Log:
GERONIMO-2443 Import CA reply should match the public key in the keystore with that in the
certificate from CA.

Modified:
    geronimo/server/branches/1.1/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java

Modified: geronimo/server/branches/1.1/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/1.1/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java?view=diff&rev=470470&r1=470469&r2=470470
==============================================================================
--- geronimo/server/branches/1.1/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
(original)
+++ geronimo/server/branches/1.1/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Thu Nov  2 10:43:39 2006
@@ -405,11 +405,13 @@
             chain[i] = (Certificate) iter.next();
         }
         
-        char[] keyPassword = (char[])keyPasswords.get(alias);
-        keystore.setKeyEntry(alias, keystore.getKey(alias, keyPassword), keyPassword,
-                chain);
-        
-        saveKeystore(keystorePassword);
+        if(keystore.getCertificate(alias).getPublicKey().equals(chain[0].getPublicKey()))
{
+            char[] keyPassword = (char[])keyPasswords.get(alias);
+            keystore.setKeyEntry(alias, keystore.getKey(alias, keyPassword), keyPassword,
chain);
+            saveKeystore(keystorePassword);
+        } else {
+            log.error("Error in importPKCS7Certificate.  PublicKey in the certificate received
is not related to the PrivateKey in the keystore. keystore = "+keystoreName+", alias = "+alias);
+        }
     }
 
     public void deleteEntry(String alias) {



Mime
View raw message