首頁 探索 說明
登入
mirror
/
OpenEUICC
镜像来自 https://gitea.angry.im/PeterCxy/OpenEUICC.git
2
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

lpac-jni: Always add GSMA ROOT CI1

Peter Cai 1 年之前
父節點
6d200d14ac
當前提交
a1b2643625
共有 1 個文件被更改,包括 3 次插入2 次删除
分割檢視 顯示文件統計
  1. 3 2
      libs/lpac-jni/src/main/java/net/typeblog/lpac_jni/impl/RootCertificates.kt

+ 3 - 2
libs/lpac-jni/src/main/java/net/typeblog/lpac_jni/impl/RootCertificates.kt
查看文件 

@@ -24,8 +24,9 @@ internal fun keyIdToKeystore(keyIds: Array<String>): KeyStore {
 
         }
 
     }
 
 
-    // If no known certs have been added, add at least the default GSMA CI
 
-    if (ret.size() == 0) {
 
+    // At the very least, we should always have GSMA ROOT CI1 trusted
 
+    // many servers supporting custom roots are served with GSMA ROOT CI1 for TLS
 
+    if (!ret.isCertificateEntry(DEFAULT_PKID_GSMA_RSP2_ROOT_CI1)) {
 
         getCertificate(DEFAULT_PKID_GSMA_RSP2_ROOT_CI1)?.let { cert ->
 
             ret.setCertificateEntry(DEFAULT_PKID_GSMA_RSP2_ROOT_CI1, cert)
 
         }