Menu
▾
▴
[ebxmlms-commits] ebxmlms/src/hk/hku/cecid/phoenix/pki ApacheXMLDSigner.java,1.4.2.5,1.4.2.6
|
From: <bob...@us...> - 2003-12-31 03:02:28
|
Update of /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/pki
In directory sc8-pr-cvs1:/tmp/cvs-serv25391/src/hk/hku/cecid/phoenix/pki
Modified Files:
Tag: b0931
ApacheXMLDSigner.java
Log Message:
During EbxmlMessage.verify(),
when the certificates returned by certResolver is null,
it will cosider as verify successful in previous version.
Now it will throw VerifyException in such case.
VerifyException will also be thrown if certResolver is null but
the cert path cannot be verified in the logic due to null trusted
keystore or 1.3 Java version
Index: ApacheXMLDSigner.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/pki/ApacheXMLDSigner.java,v
retrieving revision 1.4.2.5
retrieving revision 1.4.2.6
diff -C2 -d -r1.4.2.5 -r1.4.2.6
*** ApacheXMLDSigner.java 2 Jun 2003 02:29:51 -0000 1.4.2.5
--- ApacheXMLDSigner.java 31 Dec 2003 03:02:24 -0000 1.4.2.6
***************
*** 475,479 ****
--- 475,489 ----
if (certResolver != null) {
certs = certResolver.resolve(obj);
+ if (certs == null || certs.length <= 0) {
+ String err = "Certificates returned by certResolver is null";
+ logger.warn(err);
+ throws new VerifyException(err);
+ }
+ } else if (trusted == null || javaVersion < 1.4) {
+ String err = "Cannot verify cert path, but certResolver is null";
+ logger.warn(err);
+ throws new VerifyException;
}
+
KeyInfo keyInfo = null;
PublicKey publicKey = null;
***************
*** 545,550 ****
ret = CertPathVerifier.verify(certs, trusted);
logger.debug("verified, result: " + ret);
! }
! else {
logger.debug("verification of cert path skipped");
}
--- 555,559 ----
ret = CertPathVerifier.verify(certs, trusted);
logger.debug("verified, result: " + ret);
! } else {
logger.debug("verification of cert path skipped");
}
|
