diff options
| author | Brian Carlstrom <bdc@google.com> | 2013-07-17 12:46:11 -0700 |
|---|---|---|
| committer | Brian Carlstrom <bdc@google.com> | 2013-08-29 03:32:39 -0700 |
| commit | 1facc8bfbb4ca824bc5a4c57bc13a9c092991fc5 (patch) | |
| tree | 83c249aaa01b19e01d419c6af8b220662d3461f2 /crypto | |
| parent | 7eb201b98925bcf50447e270d25f1f1a2243cc71 (diff) | |
| download | libcore-1facc8bfbb4ca824bc5a4c57bc13a9c092991fc5.zip libcore-1facc8bfbb4ca824bc5a4c57bc13a9c092991fc5.tar.gz libcore-1facc8bfbb4ca824bc5a4c57bc13a9c092991fc5.tar.bz2 | |
Call SSL_use_certificate before SSL_use_PrivateKey
Bug: https://code.google.com/p/android/issues/detail?id=54433
Change-Id: Icf39b98802e2c6128e79c44eaf2cabc7b4805cc5
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java b/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java index 9b066b5..f8a4a98 100644 --- a/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java +++ b/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java @@ -506,6 +506,11 @@ public class OpenSSLSocketImpl return; } + // Note that OpenSSL says to use SSL_use_certificate before SSL_use_PrivateKey. + + byte[][] certificateBytes = NativeCrypto.encodeCertificates(certificates); + NativeCrypto.SSL_use_certificate(sslNativePointer, certificateBytes); + try { final OpenSSLKey key = OpenSSLKey.fromPrivateKey(privateKey); NativeCrypto.SSL_use_PrivateKey(sslNativePointer, key.getPkeyContext()); @@ -513,9 +518,6 @@ public class OpenSSLSocketImpl throw new SSLException(e); } - byte[][] certificateBytes = NativeCrypto.encodeCertificates(certificates); - NativeCrypto.SSL_use_certificate(sslNativePointer, certificateBytes); - // checks the last installed private key and certificate, // so need to do this once per loop iteration NativeCrypto.SSL_check_private_key(sslNativePointer); |