Changed getLocalPrincipal to assume user cert is first in chain

pull/204/head
Jack Tjaden 2024-06-13 15:56:13 -06:00
parent 318af35470
commit 291116d731
1 changed files with 4 additions and 7 deletions


@ -647,7 +647,7 @@ public class WolfSSLImplementSSLSession extends ExtendedSSLSession
@Override
public Principal getLocalPrincipal() {
/* Logic needs to be added to check for client auth when wrapper is made TODO */
X509KeyManager km = authStore.getX509KeyManager();
java.security.cert.X509Certificate[] certs =
km.getCertificateChain(authStore.getCertAlias());
@ -657,12 +657,9 @@ public class WolfSSLImplementSSLSession extends ExtendedSSLSession
return null;
}
for (int i = 0; i < certs.length; i++) {
if (certs[i].getBasicConstraints() < 0) {
/* is not a CA treat as end of chain */
localPrincipal = certs[i].getSubjectDN();
break;
}
if (certs.length > 0){
/* When chain of certificates exceeds one, the user certifcate is the first */
localPrincipal = certs[0].getSubjectDN();
}
/* free native resources earlier than garbage collection if