[GitHub] [marmotta] YYTVicky commented on pull request #45: add comment to warn it is not secure

Wed, 29 Apr 2020 18:40:17 -0700 


YYTVicky commented on pull request #45:
URL: https://github.com/apache/marmotta/pull/45#issuecomment-621561387


   Hi, 
      sorry for the confusing, our PR want to say that leave checkClientTrusted 
or checkServerTrusted empty may cause security issues. In such cases, it can 
allow all connections without any verification. so we have some template for 
referring:  
   new X509TrustManager(){
   @override
   public void checkClientTrusted(X509Certificate[] chain, String authType) 
throws CertificateException {
   
                        for (final X509TrustManager trustManager : 
trustManagers) {
                                try {
                                        trustManager.checkClientTrusted(chain, 
authType);
                                        return;
                                } catch (final CertificateException e) {
                                        //LOGGER.debug(e.getMessage(), e);
                                }
                        }
                        throw new CertificateException("None of the 
TrustManagers trust this certificate chain");
   
                }
   
                @Override
                public X509Certificate[] getAcceptedIssuers() {
                        for (final X509TrustManager trustManager : 
trustManagers) {
                                final List<X509Certificate> list = 
Arrays.asList(trustManager.getAcceptedIssuers());
                                certificates.addAll(list);
                        }
                        return certificates.toArray(new X509Certificate[] {});
                }
   
                @Override
                public void checkServerTrusted(X509Certificate[] chain, String 
authType) throws CertificateException{
                        if (chain == null) {
                                throw new 
IllegalArgumentException("checkServerTrusted:x509Certificate array isnull");
                        }
   
                        if (!(chain.length > 0)) {
                                throw new 
IllegalArgumentException("checkServerTrusted: X509Certificate is empty");
                        }
   
                        if (!(null != authType && 
authType.equalsIgnoreCase("RSA"))) {
                                throw new 
CertificateException("checkServerTrusted: AuthType is not RSA");
                        }
   
   
                        try {
                                TrustManagerFactory tmf = 
TrustManagerFactory.getInstance("X509");
                                tmf.init((KeyStore) null);
                                for (TrustManager trustManager : 
tmf.getTrustManagers()) {
                                        ((X509TrustManager) 
trustManager).checkServerTrusted(chain, authType);
                                }
                        } catch (Exception e) {
                                throw new CertificateException(e);
                        }
   
   
                        RSAPublicKey pubkey = (RSAPublicKey) 
chain[0].getPublicKey();
                        String encoded = new BigInteger(1 , 
pubkey.getEncoded()).toString(16);
                        final boolean expected = 
PUB_KEY.equalsIgnoreCase(encoded);
   
                        if (!expected) {
                                throw new 
CertificateException("checkServerTrusted: Expected public key: "
                                                + PUB_KEY + ", got public key:" 
+ encoded);
                        }
                }
        };


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to