idk/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues 2 Pull Requests Packages Projects Releases Wiki Activity

Certs: Sort alt names in generated certs

Browse Source
This commit is contained in:
zzz
2018-03-15 15:58:40 +00:00
parent cfd84bdcdd
commit 144147d854
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
core/java/src/net/i2p/crypto/SelfSignedGenerator.java
View File

@@ -23,6 +23,7 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.TimeZone; import java.util.TimeZone;
import java.util.TreeSet;
import javax.crypto.interfaces.DHPublicKey; import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec; import javax.crypto.spec.DHParameterSpec;
@@ -617,10 +618,14 @@ public final class SelfSignedGenerator {
int ext3len = oid3.length + TRUE.length + spaceFor(wrap3len); int ext3len = oid3.length + TRUE.length + spaceFor(wrap3len);
int wrap41len = 0; int wrap41len = 0;
if (altNames == null) // SEQUENCE doesn't have to be sorted, but let's do it for consistency,
altNames = new HashSet<String>(4); // so it's platform-independent and the same after renewal
else if (altNames == null) {
altNames = new TreeSet<String>();
} else {
altNames = new TreeSet<String>(altNames);
altNames.remove("0:0:0:0:0:0:0:1"); // We don't want dup of "::1" altNames.remove("0:0:0:0:0:0:0:1"); // We don't want dup of "::1"
}
altNames.add(cname); altNames.add(cname);
final boolean isCA = !cname.contains("@") && !cname.endsWith(".family.i2p.net"); final boolean isCA = !cname.contains("@") && !cname.endsWith(".family.i2p.net");
if (isCA) { if (isCA) {