diff options
author | Kenny Root <kroot@android.com> | 2014-10-17 22:44:34 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2014-10-17 22:44:35 +0000 |
commit | 0ced44f2869c61a7f2ba20c115416582b2740be5 (patch) | |
tree | 6c876ccbb5560aa6f9b7d42eeae00495568e5bc4 | |
parent | 74e779b0f5b26a0d31f08ad6ec0f8822501c4c16 (diff) | |
parent | 1853e9adc19481f9656ca4ac99eda06e5cfb962d (diff) | |
download | android_external_bouncycastle-0ced44f2869c61a7f2ba20c115416582b2740be5.tar.gz android_external_bouncycastle-0ced44f2869c61a7f2ba20c115416582b2740be5.tar.bz2 android_external_bouncycastle-0ced44f2869c61a7f2ba20c115416582b2740be5.zip |
Merge "Revert "Put the CertBlacklist in a NoPreloadHolder""
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java | 8 | ||||
-rw-r--r-- | patches/bcprov.patch | 16 |
2 files changed, 10 insertions, 14 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java index 19dc768..8ed42a1 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java @@ -37,9 +37,7 @@ public class PKIXCertPathValidatorSpi extends CertPathValidatorSpi { // BEGIN android-added - private static class NoPreloadHolder { - private final static CertBlacklist blacklist = new CertBlacklist(); - } + private final static CertBlacklist blacklist = new CertBlacklist(); // END android-added public CertPathValidatorResult engineValidate( @@ -89,7 +87,7 @@ public class PKIXCertPathValidatorSpi if (cert != null) { BigInteger serial = cert.getSerialNumber(); - if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) { + if (blacklist.isSerialNumberBlackListed(serial)) { // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs String message = "Certificate revocation of serial 0x" + serial.toString(16); System.out.println(message); @@ -276,7 +274,7 @@ public class PKIXCertPathValidatorSpi for (index = certs.size() - 1; index >= 0; index--) { // BEGIN android-added - if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) { + if (blacklist.isPublicKeyBlackListed(workingPublicKey)) { // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs String message = "Certificate revocation of public key " + workingPublicKey; System.out.println(message); diff --git a/patches/bcprov.patch b/patches/bcprov.patch index 7335270..b824b2f 100644 --- a/patches/bcprov.patch +++ b/patches/bcprov.patch @@ -8456,7 +8456,7 @@ diff -Naur bcprov-jdk15on-151.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.jav diff -Naur bcprov-jdk15on-151.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-151/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java --- bcprov-jdk15on-151.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2014-07-26 04:17:24.000000000 +0000 -+++ bcprov-jdk15on-151/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2014-10-16 17:49:43.000000000 +0000 ++++ bcprov-jdk15on-151/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2014-07-28 19:51:54.000000000 +0000 @@ -1,5 +1,8 @@ package org.bouncycastle.jce.provider; @@ -8466,19 +8466,17 @@ diff -Naur bcprov-jdk15on-151.orig/org/bouncycastle/jce/provider/PKIXCertPathVal import java.security.InvalidAlgorithmParameterException; import java.security.PublicKey; import java.security.cert.CertPath; -@@ -33,6 +36,11 @@ +@@ -33,6 +36,9 @@ public class PKIXCertPathValidatorSpi extends CertPathValidatorSpi { + // BEGIN android-added -+ private static class NoPreloadHolder { -+ private final static CertBlacklist blacklist = new CertBlacklist(); -+ } ++ private final static CertBlacklist blacklist = new CertBlacklist(); + // END android-added public CertPathValidatorResult engineValidate( CertPath certPath, -@@ -75,6 +83,22 @@ +@@ -75,6 +81,22 @@ { throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); } @@ -8488,7 +8486,7 @@ diff -Naur bcprov-jdk15on-151.orig/org/bouncycastle/jce/provider/PKIXCertPathVal + + if (cert != null) { + BigInteger serial = cert.getSerialNumber(); -+ if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) { ++ if (blacklist.isSerialNumberBlackListed(serial)) { + // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs + String message = "Certificate revocation of serial 0x" + serial.toString(16); + System.out.println(message); @@ -8501,12 +8499,12 @@ diff -Naur bcprov-jdk15on-151.orig/org/bouncycastle/jce/provider/PKIXCertPathVal // // (b) -@@ -251,6 +275,15 @@ +@@ -251,6 +273,15 @@ for (index = certs.size() - 1; index >= 0; index--) { + // BEGIN android-added -+ if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) { ++ if (blacklist.isPublicKeyBlackListed(workingPublicKey)) { + // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs + String message = "Certificate revocation of public key " + workingPublicKey; + System.out.println(message); |