49 lines
1.8 KiB
Diff
49 lines
1.8 KiB
Diff
|
From af09e89d54b57649cf60363d03f84d129baecd27 Mon Sep 17 00:00:00 2001
|
||
|
From: Michal Srb <michalsrb@gmail.com>
|
||
|
Date: Tue, 7 Jul 2015 02:38:18 +0300
|
||
|
Subject: [PATCH 2/2] Display SHA-1 fingerprint of untrusted certificate in
|
||
|
java client.
|
||
|
|
||
|
---
|
||
|
java/com/tigervnc/rfb/CSecurityTLS.java | 23 +++++++++++++++++++++--
|
||
|
1 file changed, 21 insertions(+), 2 deletions(-)
|
||
|
|
||
|
diff --git a/java/com/tigervnc/rfb/CSecurityTLS.java b/java/com/tigervnc/rfb/CSecurityTLS.java
|
||
|
index 7633f08..6014502 100644
|
||
|
--- a/java/com/tigervnc/rfb/CSecurityTLS.java
|
||
|
+++ b/java/com/tigervnc/rfb/CSecurityTLS.java
|
||
|
@@ -248,9 +248,28 @@ public class CSecurityTLS extends CSecurity {
|
||
|
tm.checkServerTrusted(chain, authType);
|
||
|
} catch (CertificateException e) {
|
||
|
Object[] answer = {"Proceed", "Exit"};
|
||
|
+
|
||
|
+ StringBuilder message = new StringBuilder();
|
||
|
+ message.append(e.getCause().getLocalizedMessage());
|
||
|
+ message.append("\nContinue connecting to this host?");
|
||
|
+
|
||
|
+ try {
|
||
|
+ MessageDigest sha1 = MessageDigest.getInstance("SHA1");
|
||
|
+ sha1.update(chain[0].getEncoded());
|
||
|
+
|
||
|
+ message.append("\nSHA-1 fingerprint: ");
|
||
|
+
|
||
|
+ for(byte B : sha1.digest()) {
|
||
|
+ message.append(Integer.toHexString(0xff & B));
|
||
|
+ message.append(':');
|
||
|
+ }
|
||
|
+ message.deleteCharAt(message.length() - 1);
|
||
|
+ } catch (NoSuchAlgorithmException noSuchAlgorithmException) {
|
||
|
+ // No fingerprint then...
|
||
|
+ }
|
||
|
+
|
||
|
int ret = JOptionPane.showOptionDialog(null,
|
||
|
- e.getCause().getLocalizedMessage()+"\n"+
|
||
|
- "Continue connecting to this host?",
|
||
|
+ message.toString(),
|
||
|
"Confirm certificate exception?",
|
||
|
JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE,
|
||
|
null, answer, answer[0]);
|
||
|
--
|
||
|
2.1.4
|
||
|
|