[
https://issues.apache.org/jira/browse/WSS-330?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Maxim Naidenov closed WSS-330.
------------------------------
Resolution: Not A Problem
Hi Colm,
you are right, seems I was too fast to write a bug report before doing a good
old debug and especially carefully checking the certificates that are compared.
Sorry for taking your time.
Maxim
> CryptoBase.getAliasForX509CertThumb calculates hash wrongly, could only match
> first certificate correctly
> ---------------------------------------------------------------------------------------------------------
>
> Key: WSS-330
> URL: https://issues.apache.org/jira/browse/WSS-330
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 1.5.12
> Reporter: Maxim Naidenov
> Assignee: Colm O hEigeartaigh
> Fix For: 1.5.13
>
>
> The method CryptoBase.getAliasForX509CertThumb(byte[] thumb) does not
> calculate the hash of certificates in the keystore correctly and could
> possibly match only the first certificate.
> This is because the SHA1 message digest is reset once:
> sha = MessageDigest.getInstance("SHA-1");
> sha.reset();
> but is updated every time while enumerating over certificates in the keystore:
> sha.update(cert.getEncoded());
> byte[] data = sha.digest();
> The fix would be to move the digest reset in the beginning of the enumeration
> loop.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
