diff options
| -rw-r--r-- | src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java b/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java index 795fa1a0..1dea5229 100644 --- a/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java +++ b/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java @@ -144,8 +144,9 @@ public class CertBlacklist { String pubkeyBlacklist = readBlacklist(path); if (!pubkeyBlacklist.equals("")) { for (String value : pubkeyBlacklist.split(",")) { + value = value.trim(); if (isPubkeyHash(value)) { - bl.add(Hex.decode(value)); + bl.add(value.getBytes()); } else { System.logW("Tried to blacklist invalid pubkey " + value); } @@ -161,7 +162,12 @@ public class CertBlacklist { digest.update(encoded, 0, encoded.length); byte[] out = new byte[digest.getDigestSize()]; digest.doFinal(out, 0); - return pubkeyBlacklist.contains(out); + for (byte[] blacklisted : pubkeyBlacklist) { + if (Arrays.equals(blacklisted, Hex.encode(out))) { + return true; + } + } + return false; } public boolean isSerialNumberBlackListed(BigInteger serial) { |