[Pkg-mono-svn-commits] [SCM] mono branch, master, updated. debian/2.10.5-1-10-g4067135
Mirco Bauer
meebey at meebey.net
Mon Jan 16 06:01:21 UTC 2012
The following commit has been merged in the master branch:
commit 83468f98d374c57d4fb15c03a6280f2dda100cbb
Author: Sebastien Pouliot <sebastien at ximian.com>
Date: Sun Apr 3 10:07:55 2011 -0400
Avoid throwing (just return false) when verifying an RSA certificate with dsaSHA1
* X509Certificate.cs: Do not throw a CryptographicException for "unknown
hash algorithm" when asked to verify a RSA certificate with dsaSHA1 since
this can happen when a bad/incomplete chain is being tested.
(cherry picked from commit 4b4a4389466bc1e2888ea11d801db32bbd22d1c0)
diff --git a/mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs b/mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs
index aee471a..5106ff6 100644
--- a/mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs
+++ b/mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs
@@ -515,6 +515,11 @@ namespace Mono.Security.X509 {
case "1.2.840.113549.1.1.11":
v.SetHashAlgorithm ("SHA256");
break;
+ // SHA1-1 with DSA
+ case "1.2.840.10040.4.3":
+ // invalid but this can occurs when building a bad chain - e.g. missing certificate(s)
+ // we return false so we can report the "chain" error to the user (not an exception)
+ return false;
default:
throw new CryptographicException ("Unsupported hash algorithm: " + m_signaturealgo);
}
--
mono
More information about the Pkg-mono-svn-commits
mailing list