Skip to content

Commit

Permalink
Merge branch 'develop' into devsecops
Browse files Browse the repository at this point in the history
  • Loading branch information
aleks-ivanov committed Nov 22, 2024
2 parents 4ebeb7f + cc02e83 commit 6cd6776
Show file tree
Hide file tree
Showing 4 changed files with 20 additions and 31 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -258,13 +258,11 @@ public virtual void ValidChainRequiredExtensionNegativeTest() {
certificateRetriever.SetTrustedCertificates(JavaCollectionsUtil.SingletonList(rootCert));
ValidationReport report = validator.ValidateCertificate(baseContext.SetCertificateSource(CertificateSource
.CERT_ISSUER), signingCert, DateTimeUtil.GetCurrentUtcTime());
AssertValidationReport.AssertThat(report, (a) => a.HasNumberOfFailures(2).HasNumberOfLogs(3).HasLogItem((la
AssertValidationReport.AssertThat(report, (a) => a.HasNumberOfFailures(1).HasNumberOfLogs(2).HasLogItem((la
) => la.WithCheckName(CertificateChainValidator.CERTIFICATE_CHECK).WithMessage(CertificateChainValidator
.CERTIFICATE_TRUSTED, (l) => rootCert.GetSubjectDN()).WithCertificate(rootCert)).HasLogItem((la) => la
.WithCheckName(CertificateChainValidator.EXTENSIONS_CHECK).WithMessage(CertificateChainValidator.EXTENSION_MISSING
, (l) => OID.X509Extensions.KEY_USAGE).WithCertificate(signingCert)).HasLogItem((la) => la.WithCheckName
(CertificateChainValidator.EXTENSIONS_CHECK).WithMessage(CertificateChainValidator.EXTENSION_MISSING,
(l) => OID.X509Extensions.BASIC_CONSTRAINTS).WithCertificate(signingCert)));
, (l) => OID.X509Extensions.KEY_USAGE).WithCertificate(signingCert)));
}

[NUnit.Framework.Test]
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ XGuUMqts5sfBVCeZ4YXmtFEFhypo9sZgQ82yj8D/n53oyOfGok9sZtQO5d/KL523
6UISiCz3koNIaqnFJejITnmHrE7SgvE=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDhDCCAmygAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCQkUx
MIIDfjCCAmagAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCQkUx
DjAMBgNVBAoMBWlUZXh0MS0wKwYDVQQDDCRpVGV4dFRlc3RJbnZhbGlkQmFzaWND
b25zdHJhaW50c1Jvb3QwIBcNMDAwMTAxMDAwMDAwWhgPMjUwMDAxMDEwMDAwMDBa
MFQxCzAJBgNVBAYTAkJFMQ4wDAYDVQQKDAVpVGV4dDE1MDMGA1UEAwwsaVRleHRU
Expand All @@ -30,15 +30,15 @@ AavE6DhwVCrfVlWDvamF+Sewnf2KuIxeWaYciy5TQ/nIa8CcD3qDJsYjYUK6L+Ro
E+Lb5YMKOEUpc2p4XZvLXmOIOl3AEe2AnIDxREk1gfu6BYFyzmju8rHLSy7ua/I5
672qude/EPGG+jyb+ajIbyNSsL65hkOrJUcJtlRIhJQVCZ39hcNdA8lRBrVzq1NW
gnExyFsqlIYpAuD1IsnS/r1kMOzjPai/AhPOqpnB6ogZp+Dr99wYY57Dv9BdfvKt
guX608D5m0Rp3yrEQ/X5m9frTvp09MCHKMU+X9+14LZiaod3AtQVAgMBAAGjZjBk
guX608D5m0Rp3yrEQ/X5m9frTvp09MCHKMU+X9+14LZiaod3AtQVAgMBAAGjYDBe
MB0GA1UdDgQWBBQ3AGQi1plfpKj08MVTNx54NFkCczAfBgNVHSMEGDAWgBTvssgF
UYUg7luFw9zAr9tZuQouvDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE
AwICBDANBgkqhkiG9w0BAQsFAAOCAQEANzdFjm4iasZpvPwPEeoulmGr33Ofp0L+
IQ03ZYjgUDSx3xuUhfpZHgmEcoovQz6IGw0wlp4W7HJ8rqaj3aLEte7ZXF2mpaTQ
vGU3suY3SXTLTZq2TinA0KEToaObX9XLVTJTe6GNMcNf1uAQnQVzOgm3kNpnqcLp
QyNZrUH+q4q6gO9EcdMAq4oFXvqPkxYy01B9eHChrASWV3/CsbuyLUDnY1ZduGGZ
yXF8/NiAgsYQk12cryo5sbkHzpbH62zSwdvzf4s/dp95Tub9bxdta7NYVJL0eOe7
nTMcY6TMT7FXFIkpZ3nr2zEonGMf+zM5qG2crqtteHGbWqmp3f8R/Q==
UYUg7luFw9zAr9tZuQouvDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwICBDAN
BgkqhkiG9w0BAQsFAAOCAQEAf24wYLRrsQqfeRSsX2hXmaxzVOzk6Mqrk85RJo4i
gnEzn7Ztevxjuomh2yHmgSet7viv8kV+AL+nDmMEXRF6/PDmTwHAB6dpO9GQLBHm
2TNGzGEbdJebVSPxC7PuYjZYWffNsfP7LKQ+sqQGZ+tfi8UVcLHCzrgoqzWXw0zl
cS4rR7qNr0w37SfFYdzWOQjdbIUJbN++zQy7cyZrbPvxbAftmnehe3CUbwl7FZER
jLE2uTcvJteCySld5UvRoDVTQ9nbijZn8rRUGleHpPpPYlBKBf28E2PqDW4W88hH
o8s9Nv2AcrM5tAzMeT1zDDTkqru7lrDMnrVv0LIcOVnfAA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDfDCCAmSgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwTDELMAkGA1UEBhMCQkUx
Expand All @@ -53,11 +53,11 @@ nKtH+CEOZ4rtG2zxDSRhw7HishUYc0U886txYVtZJ+PfCzblntecsNNaucJCCHZB
H0aF9yHsleumVL2i24ELHY5izNHH75rM4kpWFPUXD9dMwU7UUDpL9RoW92HpG7X/
CTDPZGzHRt8srUtFH4S2b0cI0lCW0eW7dkmIYleWQwIDAQABo2YwZDAdBgNVHQ4E
FgQU77LIBVGFIO5bhcPcwK/bWbkKLrwwHwYDVR0jBBgwFoAU77LIBVGFIO5bhcPc
wK/bWbkKLrwwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwDQYJ
KoZIhvcNAQELBQADggEBAA3Nyit5cNUHE9hVpEZ4mkpYoHDiw7NfHqmuhRC4Gnsy
oVaVgQmDJH52EwWLqpZkQCSr3gwJv+OZZ1oR+LW1qRSyXqIcoLzyuxj3sBclbwzE
XCknvNT1D2Kbd2mubz37GwwdzN4T59lWO371aIT4uoYWaTIdkYFCiONydfsKzBsS
uEGb1z94pZ71Kt00jwrG8CP841Cdw5RRsb39AAI9k8Gy4+g24HZeLI+Z4/ZlmsFG
XNgx5PDZpNZ5W+xlEc5W7ksL675AoD51yoW9d/J7DXg7NI5ur5MxOUf+T0wQh/W5
9uwx924xwDeeHdLBxdZHsN9v4eVIxELr9huFrN9SbRQ=
wK/bWbkKLrwwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAgQwDQYJ
KoZIhvcNAQELBQADggEBAIvnCJDfXzogEVy9e0lpQHJAu5cxgh08wO0yUOUAwLDe
1HQPoEa+Vhe6BQcdJkwz6ksdY1TH65XvxXGkIaNLgkebtoF3eRyZ+pW3SKu+ivGw
P/A45ls/4ecoNHwUZLhcCtkgzjftdHCjwDOcZA4kC2+KpZ5udji0Eq1mTmMy0gMC
2qMzvsp2+r+37Klk1HJdRTiBsA+Z+JE60ptz3eE5jhocqTf5f6+giYyok3HDHsrQ
9yFUA1Gn0hjPkij4SKHKbv+TW5dnqy1gN5O3V1eGL9vjpAW9C1hJ6NblKvA41s7e
NVCNR2ugsjseNrPyL2RZYMqh4NO/mF9Mp0aDerwx81M=
-----END CERTIFICATE-----
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ You should have received a copy of the GNU Affero General Public License
using iText.Commons.Bouncycastle;
using iText.Commons.Bouncycastle.Cert;
using iText.Kernel.Crypto;
using iText.Signatures;

namespace iText.Signatures.Validation.Extensions {
/// <summary>
Expand Down Expand Up @@ -63,15 +62,7 @@ public DynamicBasicConstraintsExtension()
/// otherwise
/// </returns>
public override bool ExistsInCertificate(IX509Certificate certificate) {
try {
if (CertificateUtil.GetExtensionValue(certificate, OID.X509Extensions.BASIC_CONSTRAINTS) == null) {
return false;
}
}
catch (System.IO.IOException) {
return false;
}
return certificate.GetBasicConstraints() >= GetCertificateChainSize();
return certificate.GetBasicConstraints() >= GetCertificateChainSize() - 1;
}
}
}
2 changes: 1 addition & 1 deletion port-hash
Original file line number Diff line number Diff line change
@@ -1 +1 @@
606588ac45e658d125e76fd247d8e0f26bbe0567
40d73e9d7d6d3a88afc6d27275c504597b8a8c4e

0 comments on commit 6cd6776

Please sign in to comment.