You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Not a bug. This is just a default password which is emitted to a default configuration file. The actual password is the one that is configured by the user in the configuration file. Also this is in an API which is confined to the localhost and off-by-default.
*/
public static KeyStore createKeyStore(File ksFile, String password)
throws GeneralSecurityException, IOException {
boolean exists = ksFile != null && ksFile.exists();
char[] pwchars = password != null ? password.toCharArray() : null;
Do not hardcode passwords in code. Found hardcoded password used in
core/java/src/net/i2p/crypto/KeyStoreUtil.java#L155)
following lines 155,170,204,223,245,251,258,1021,1050,1152,1184,1209,1443,
DEFAULT_KEYSTORE_PASSWORD.toCharArray());
password.toCharArray() :
ksPW.toCharArray()
apps/i2pcontrol/java/net/i2p/i2pcontrol/security/SecurityManager.java#L43)
The text was updated successfully, but these errors were encountered: