rpms/jss
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix SSL_ERROR_HANDSHAKE_FAILED in unit test

Browse Source 
Resolves: https://issues.redhat.com/browse/RHEL-30062
This commit is contained in:
Endi S. Dewata 2024-04-16 17:00:57 -05:00
parent 48cd4d2a77
commit b46bc95943
2 changed files with 53 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
0001-Fix-certificate-signature-algorithm-not-valid-904.patch Normal file
View File

@ -0,0 +1,48 @@
From 8df7456ada0da95cfbaef4b4b8ecf4487f586c1b Mon Sep 17 00:00:00 2001
From: Marco Fargetta <fmarco76@users.noreply.github.com>
Date: Fri, 11 Nov 2022 10:15:32 +0100
Subject: [PATCH] Fix certificate signature algorithm not valid (#904)
---
.../java/org/mozilla/jss/tests/GenerateTestCert.java | 9 +++++++--
src/test/java/org/mozilla/jss/tests/SSLClientAuth.java | 4 ++--
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/test/java/org/mozilla/jss/tests/GenerateTestCert.java b/src/test/java/org/mozilla/jss/tests/GenerateTestCert.java
index 7af6125a2..623fe8385 100755
--- a/src/test/java/org/mozilla/jss/tests/GenerateTestCert.java
+++ b/src/test/java/org/mozilla/jss/tests/GenerateTestCert.java
@@ -302,8 +302,13 @@ public class GenerateTestCert {
int rand,
SEQUENCE extensions) throws Exception {
- AlgorithmIdentifier sigAlgID = new AlgorithmIdentifier(sigAlg.toOID());
-
+ AlgorithmIdentifier sigAlgID = null;
+ if(keyType.equals("RSA")) {
+ sigAlgID = new AlgorithmIdentifier(sigAlg.toOID(), null);
+ }
+ else {
+ sigAlgID = new AlgorithmIdentifier(sigAlg.toOID());
+ }
Name issuer = new Name();
issuer.addCountryName("US");
issuer.addOrganizationName("Mozilla");
diff --git a/src/test/java/org/mozilla/jss/tests/SSLClientAuth.java b/src/test/java/org/mozilla/jss/tests/SSLClientAuth.java
index 53fc218d3..80fbe6b05 100644
--- a/src/test/java/org/mozilla/jss/tests/SSLClientAuth.java
+++ b/src/test/java/org/mozilla/jss/tests/SSLClientAuth.java
@@ -46,8 +46,8 @@ public class SSLClientAuth implements Runnable {
public static Certificate makeCert(String issuerName, String subjectName,
int serialNumber, PrivateKey privKey, PublicKey pubKey, int rand,
SEQUENCE extensions) throws Exception {
- AlgorithmIdentifier sigAlgID = new AlgorithmIdentifier( sigAlg.toOID());
-
+ AlgorithmIdentifier sigAlgID = new AlgorithmIdentifier( sigAlg.toOID(), null);
+
Name issuer = new Name();
issuer.addCountryName("US");
issuer.addOrganizationName("Mozilla");
--
2.42.0

6
jss.spec
View File

@ -13,7 +13,7 @@ License: MPLv1.1 or GPLv2+ or LGPLv2+
# For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
# For official (i.e. supported) releases, use x.y.z-r where r >=1.
Version: %{major_version}.%{minor_version}.%{update_version}
Release: 1%{?_timestamp}%{?_commit_id}%{?dist}
Release: 2%{?_timestamp}%{?_commit_id}%{?dist}
#global _phase -alpha1
# To generate the source tarball:
@ -31,6 +31,7 @@ Source: https://github.com/dogtagpki/%{name}/archive/v%{version}%{?_phas
# <version tag> \
# > jss-VERSION-RELEASE.patch
# Patch: jss-VERSION-RELEASE.patch
Patch: 0001-Fix-certificate-signature-algorithm-not-valid-904.patch
################################################################################
# Java
@ -183,6 +184,9 @@ cd %{_vpath_builddir}
################################################################################
%changelog
* Tue Apr 16 2024 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.4-2
- RHEL-30062: Fix SSL_ERROR_HANDSHAKE_FAILED in unit test
* Wed Jun 01 2022 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.4-1
- Rebase to JSS 4.9.4
- Bug 2013674 - JSS cannot be properly initialized after using another NSS-backed security provider