summaryrefslogtreecommitdiffstats
path: root/base/java-tools/src
diff options
context:
space:
mode:
Diffstat (limited to 'base/java-tools/src')
-rw-r--r--base/java-tools/src/com/netscape/cmstools/AuditVerify.java21
1 files changed, 18 insertions, 3 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/AuditVerify.java b/base/java-tools/src/com/netscape/cmstools/AuditVerify.java
index b294ad17b..04f49e17d 100644
--- a/base/java-tools/src/com/netscape/cmstools/AuditVerify.java
+++ b/base/java-tools/src/com/netscape/cmstools/AuditVerify.java
@@ -165,6 +165,10 @@ public class AuditVerify {
throw new Exception("Unknown signing certificate key type: " + pubk.getAlgorithm());
}
+ if (verbose) {
+ System.out.println("AuditVerify: Signing algorithm: " + sigAlgorithm);
+ }
+
Signature sig = Signature.getInstance(sigAlgorithm, CRYPTO_PROVIDER);
sig.initVerify(pubk);
@@ -208,15 +212,21 @@ public class AuditVerify {
} else {
- int sigStart = curLine.indexOf("sig: ") + 5;
+ int sigStart = curLine.indexOf("sig: ");
- if (sigStart < 5) {
+ if (sigStart < 0) {
output(linenum, "INVALID SIGNATURE");
++badSigCount;
} else {
- byte[] logSig = base64decode(curLine.substring(sigStart));
+ String signature = curLine.substring(sigStart + 5);
+
+ if (verbose) {
+ System.out.println("AuditVerify: Signature: " + signature);
+ }
+
+ byte[] logSig = base64decode(signature);
// verify the signature
if (sig.verify(logSig)) {
@@ -349,6 +359,11 @@ public class AuditVerify {
"secmod.db")
);
}
+
+ if (verbose) {
+ System.out.println("AuditVerify: Audit signing certificate: " + signerNick);
+ }
+
CryptoManager cm = CryptoManager.getInstance();
X509Certificate signerCert = cm.findCertByNickname(signerNick);
generated by cgit (git 2.34.1) at 2026-01-07 08:21:49 +0000