Prevent duplicate certificates in TrustedCertificateIndex
With the separate caching of intermediate certificates in
TrustManagerImpl a given intermediate may be passed into .index multiple
times. Avoid adding the certificate to the list each time.
(cherry-picked from commit d080e064abba665e2dde2a8c113f837ba4d9a85e)
Bug: 26232830
Change-Id: I6bed2c65d9e42e052b9b1b129200a997e7dca745
diff --git a/src/platform/java/org/conscrypt/TrustedCertificateIndex.java b/src/platform/java/org/conscrypt/TrustedCertificateIndex.java
index ea6f712..cdb16d1 100644
--- a/src/platform/java/org/conscrypt/TrustedCertificateIndex.java
+++ b/src/platform/java/org/conscrypt/TrustedCertificateIndex.java
@@ -68,6 +68,15 @@
if (anchors == null) {
anchors = new ArrayList<TrustAnchor>(1);
subjectToTrustAnchors.put(subject, anchors);
+ } else {
+ // Avoid indexing the same certificate multiple times
+ if (cert != null) {
+ for (TrustAnchor entry : anchors) {
+ if (cert.equals(entry.getTrustedCert())) {
+ return;
+ }
+ }
+ }
}
anchors.add(anchor);
}