From b6008b5414beb603adddf3fc407973b4dea014fc Mon Sep 17 00:00:00 2001
From: zzz <zzz@mail.i2p>
Date: Sun, 1 Feb 2015 19:47:09 +0000
Subject: [PATCH] Crypto: Catch IAE in generateCertificate()

---
 core/java/src/net/i2p/crypto/DirKeyRing.java   | 3 +++
 core/java/src/net/i2p/crypto/KeyStoreUtil.java | 6 ++++++
 core/java/src/net/i2p/crypto/SU3File.java      | 5 +++++
 3 files changed, 14 insertions(+)

diff --git a/core/java/src/net/i2p/crypto/DirKeyRing.java b/core/java/src/net/i2p/crypto/DirKeyRing.java
index 38ba45bf8e..cc840b36e7 100644
--- a/core/java/src/net/i2p/crypto/DirKeyRing.java
+++ b/core/java/src/net/i2p/crypto/DirKeyRing.java
@@ -61,6 +61,9 @@ class DirKeyRing implements KeyRing {
                     throw new GeneralSecurityException("CN mismatch: " + cn);
             }
             return cert.getPublicKey();
+        } catch (IllegalArgumentException iae) {
+            // java 1.8.0_40-b10, openSUSE
+            throw new GeneralSecurityException("Bad cert", iae);
         } finally {
             try { if (fis != null) fis.close(); } catch (IOException foo) {}
         }
diff --git a/core/java/src/net/i2p/crypto/KeyStoreUtil.java b/core/java/src/net/i2p/crypto/KeyStoreUtil.java
index 3cd641ad68..c374ad1204 100644
--- a/core/java/src/net/i2p/crypto/KeyStoreUtil.java
+++ b/core/java/src/net/i2p/crypto/KeyStoreUtil.java
@@ -248,6 +248,12 @@ public class KeyStoreUtil {
         } catch (IOException ioe) {
             error("Error reading X509 Certificate: " + file.getAbsolutePath(), ioe);
             return false;
+        } catch (IllegalArgumentException iae) {
+            // java 1.8.0_40-b10, openSUSE
+            // Exception in thread "main" java.lang.IllegalArgumentException: Input byte array has wrong 4-byte ending unit
+            // at java.util.Base64$Decoder.decode0(Base64.java:704)
+            error("Error reading X509 Certificate: " + file.getAbsolutePath(), iae);
+            return false;
         } finally {
             try { if (fis != null) fis.close(); } catch (IOException foo) {}
         }
diff --git a/core/java/src/net/i2p/crypto/SU3File.java b/core/java/src/net/i2p/crypto/SU3File.java
index 0f0b6efd3f..bc4d0251c7 100644
--- a/core/java/src/net/i2p/crypto/SU3File.java
+++ b/core/java/src/net/i2p/crypto/SU3File.java
@@ -980,6 +980,11 @@ public class SU3File {
             IOException ioe = new IOException("cert error");
             ioe.initCause(gse);
             throw ioe;
+        } catch (IllegalArgumentException iae) {
+            // java 1.8.0_40-b10, openSUSE
+            IOException ioe = new IOException("cert error");
+            ioe.initCause(iae);
+            throw ioe;
         } finally {
             try { if (fis != null) fis.close(); } catch (IOException foo) {}
         }
-- 
GitLab