Loading core/java/android/security/net/config/DirectoryCertificateSource.java +36 −11 Original line number Original line Diff line number Diff line Loading @@ -16,26 +16,23 @@ package android.security.net.config; package android.security.net.config; import android.os.Environment; import android.os.UserHandle; import android.util.ArraySet; import android.util.ArraySet; import android.util.Log; import android.util.Log; import android.util.Pair; import libcore.io.IoUtils; import java.io.BufferedInputStream; import java.io.BufferedInputStream; import java.io.File; import java.io.File; import java.io.FileInputStream; import java.io.FileInputStream; import java.io.InputStream; import java.io.IOException; import java.io.IOException; import java.security.cert.Certificate; import java.io.InputStream; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.security.cert.X509Certificate; import java.util.Collections; import java.util.Collections; import java.util.Set; import java.util.Set; import libcore.io.IoUtils; import com.android.org.conscrypt.Hex; import com.android.org.conscrypt.NativeCrypto; import javax.security.auth.x500.X500Principal; import javax.security.auth.x500.X500Principal; Loading Loading @@ -192,8 +189,36 @@ abstract class DirectoryCertificateSource implements CertificateSource { } } private String getHash(X500Principal name) { private String getHash(X500Principal name) { int hash = NativeCrypto.X509_NAME_hash_old(name); int hash = hashName(name); return Hex.intToHexString(hash, 8); return intToHexString(hash, 8); } private static final char[] DIGITS = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; private static String intToHexString(int i, int minWidth) { int bufLen = 8; // Max number of hex digits in an int char[] buf = new char[bufLen]; int cursor = bufLen; do { buf[--cursor] = DIGITS[i & 0xf]; } while ((i >>>= 4) != 0 || (bufLen - cursor < minWidth)); return new String(buf, cursor, bufLen - cursor); } // This code matches the code in X509_NAME_hash_old() in Conscrypt, which in turn matches // the names of certificate files. It must be kept in sync. private static int hashName(X500Principal principal) { try { byte[] digest = MessageDigest.getInstance("MD5").digest(principal.getEncoded()); int offset = 0; return (((digest[offset++] & 0xff) << 0) | ((digest[offset++] & 0xff) << 8) | ((digest[offset++] & 0xff) << 16) | ((digest[offset] & 0xff) << 24)); } catch (NoSuchAlgorithmException e) { throw new AssertionError(e); } } } private X509Certificate readCertificate(String file) { private X509Certificate readCertificate(String file) { Loading Loading
core/java/android/security/net/config/DirectoryCertificateSource.java +36 −11 Original line number Original line Diff line number Diff line Loading @@ -16,26 +16,23 @@ package android.security.net.config; package android.security.net.config; import android.os.Environment; import android.os.UserHandle; import android.util.ArraySet; import android.util.ArraySet; import android.util.Log; import android.util.Log; import android.util.Pair; import libcore.io.IoUtils; import java.io.BufferedInputStream; import java.io.BufferedInputStream; import java.io.File; import java.io.File; import java.io.FileInputStream; import java.io.FileInputStream; import java.io.InputStream; import java.io.IOException; import java.io.IOException; import java.security.cert.Certificate; import java.io.InputStream; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.security.cert.X509Certificate; import java.util.Collections; import java.util.Collections; import java.util.Set; import java.util.Set; import libcore.io.IoUtils; import com.android.org.conscrypt.Hex; import com.android.org.conscrypt.NativeCrypto; import javax.security.auth.x500.X500Principal; import javax.security.auth.x500.X500Principal; Loading Loading @@ -192,8 +189,36 @@ abstract class DirectoryCertificateSource implements CertificateSource { } } private String getHash(X500Principal name) { private String getHash(X500Principal name) { int hash = NativeCrypto.X509_NAME_hash_old(name); int hash = hashName(name); return Hex.intToHexString(hash, 8); return intToHexString(hash, 8); } private static final char[] DIGITS = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; private static String intToHexString(int i, int minWidth) { int bufLen = 8; // Max number of hex digits in an int char[] buf = new char[bufLen]; int cursor = bufLen; do { buf[--cursor] = DIGITS[i & 0xf]; } while ((i >>>= 4) != 0 || (bufLen - cursor < minWidth)); return new String(buf, cursor, bufLen - cursor); } // This code matches the code in X509_NAME_hash_old() in Conscrypt, which in turn matches // the names of certificate files. It must be kept in sync. private static int hashName(X500Principal principal) { try { byte[] digest = MessageDigest.getInstance("MD5").digest(principal.getEncoded()); int offset = 0; return (((digest[offset++] & 0xff) << 0) | ((digest[offset++] & 0xff) << 8) | ((digest[offset++] & 0xff) << 16) | ((digest[offset] & 0xff) << 24)); } catch (NoSuchAlgorithmException e) { throw new AssertionError(e); } } } private X509Certificate readCertificate(String file) { private X509Certificate readCertificate(String file) { Loading
