br0kenpixel/TrickyStore
1
0
Fork 0
mirror of https://github.com/5ec1cff/TrickyStore.git synced 2025-09-06 06:37:07 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

fix wrong subject public key of hack leaf

Browse Source
This commit is contained in:
5ec1cff
2024-07-19 10:32:48 +08:00
parent 62ae132432
commit d4cf6a3450
1 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
service/src/main/java/io/github/a13e300/tricky_store/keystore/CertHack.java
View File

@@ -164,8 +164,8 @@ public final class CertHack {
byte[] bytes = leaf.getExtensionValue(OID.getId()); byte[] bytes = leaf.getExtensionValue(OID.getId());
if (bytes == null) return caList; if (bytes == null) return caList;
X509CertificateHolder holder = new X509CertificateHolder(leaf.getEncoded()); X509CertificateHolder leafHolder = new X509CertificateHolder(leaf.getEncoded());
Extension ext = holder.getExtension(OID); Extension ext = leafHolder.getExtension(OID);
ASN1Sequence sequence = ASN1Sequence.getInstance(ext.getExtnValue().getOctets()); ASN1Sequence sequence = ASN1Sequence.getInstance(ext.getExtnValue().getOctets());
ASN1Encodable[] encodables = sequence.toArray(); ASN1Encodable[] encodables = sequence.toArray();
ASN1Sequence teeEnforced = (ASN1Sequence) encodables[7]; ASN1Sequence teeEnforced = (ASN1Sequence) encodables[7];
@@ -192,11 +192,11 @@ public final class CertHack {
new X509CertificateHolder( new X509CertificateHolder(
certificates.get(0).getEncoded() certificates.get(0).getEncoded()
).getSubject(), ).getSubject(),
holder.getSerialNumber(), leafHolder.getSerialNumber(),
holder.getNotBefore(), leafHolder.getNotBefore(),
holder.getNotAfter(), leafHolder.getNotAfter(),
holder.getSubject(), leafHolder.getSubject(),
k.pemKeyPair.getPublicKeyInfo() leafHolder.getSubjectPublicKeyInfo()
); );
signer = new JcaContentSignerBuilder(leaf.getSigAlgName()) signer = new JcaContentSignerBuilder(leaf.getSigAlgName())
.build(k.keyPair.getPrivate()); .build(k.keyPair.getPrivate());
@@ -236,9 +236,9 @@ public final class CertHack {
Extension hackedExt = new Extension(OID, false, hackedSeqOctets); Extension hackedExt = new Extension(OID, false, hackedSeqOctets);
builder.addExtension(hackedExt); builder.addExtension(hackedExt);
for (ASN1ObjectIdentifier extensionOID : holder.getExtensions().getExtensionOIDs()) { for (ASN1ObjectIdentifier extensionOID : leafHolder.getExtensions().getExtensionOIDs()) {
if (OID.getId().equals(extensionOID.getId())) continue; if (OID.getId().equals(extensionOID.getId())) continue;
builder.addExtension(holder.getExtension(extensionOID)); builder.addExtension(leafHolder.getExtension(extensionOID));
} }
certificates.addFirst(new JcaX509CertificateConverter().getCertificate(builder.build(signer))); certificates.addFirst(new JcaX509CertificateConverter().getCertificate(builder.build(signer)));