diff options
| author | Brian Carlstrom <bdc@google.com> | 2013-09-06 18:32:11 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2013-09-06 18:32:11 +0000 |
| commit | 2a66ab90d01ee6cc8c6da9ff6f3b28ff3e837dfd (patch) | |
| tree | 5fce132727f7d6f61e1d9178d5074fd253c230a4 /crypto | |
| parent | ad5eb66b31091929bd5a40ce0aa287f647182f8b (diff) | |
| parent | 1facc8bfbb4ca824bc5a4c57bc13a9c092991fc5 (diff) | |
| download | libcore-2a66ab90d01ee6cc8c6da9ff6f3b28ff3e837dfd.zip libcore-2a66ab90d01ee6cc8c6da9ff6f3b28ff3e837dfd.tar.gz libcore-2a66ab90d01ee6cc8c6da9ff6f3b28ff3e837dfd.tar.bz2 | |
Merge "Call SSL_use_certificate before SSL_use_PrivateKey"
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java b/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java index 9b066b5..f8a4a98 100644 --- a/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java +++ b/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java @@ -506,6 +506,11 @@ public class OpenSSLSocketImpl return; } + // Note that OpenSSL says to use SSL_use_certificate before SSL_use_PrivateKey. + + byte[][] certificateBytes = NativeCrypto.encodeCertificates(certificates); + NativeCrypto.SSL_use_certificate(sslNativePointer, certificateBytes); + try { final OpenSSLKey key = OpenSSLKey.fromPrivateKey(privateKey); NativeCrypto.SSL_use_PrivateKey(sslNativePointer, key.getPkeyContext()); @@ -513,9 +518,6 @@ public class OpenSSLSocketImpl throw new SSLException(e); } - byte[][] certificateBytes = NativeCrypto.encodeCertificates(certificates); - NativeCrypto.SSL_use_certificate(sslNativePointer, certificateBytes); - // checks the last installed private key and certificate, // so need to do this once per loop iteration NativeCrypto.SSL_check_private_key(sslNativePointer); |