From 18efce236af6a1affebb274838318ba715114218 Mon Sep 17 00:00:00 2001
From: Alexander Scheel <ascheel@redhat.com>
Date: Tue, 25 Feb 2020 09:14:47 -0500
Subject: [PATCH 3/8] Fix base64-encoding of CSRs

In 8de4440c5652f6f1af5b4b923a15730ba84f29e1, the base64 encoder was
changed from apache-commons-codec to the Java standard library to drop
a dependency. However, the behavior changed as a result: the Java
standard library doesn't include a final line separator, whereas
apache-commons-codec did. This results in malformed CSRs:

> YWRPxyBKvFAOB29fwPwBJLZksrwQ0xAs7sooc+qF-----END NEW CERTIFICATE REQUEST-----

Resolves: https://pagure.io/freeipa/issue/8199

Signed-off-by: Alexander Scheel <ascheel@redhat.com>
---
 org/mozilla/jss/netscape/security/util/Utils.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/org/mozilla/jss/netscape/security/util/Utils.java b/org/mozilla/jss/netscape/security/util/Utils.java
index 19f3b1f9..e6e56ce4 100644
--- a/org/mozilla/jss/netscape/security/util/Utils.java
+++ b/org/mozilla/jss/netscape/security/util/Utils.java
@@ -378,7 +378,10 @@ public class Utils {
      * @return base-64 encoded data
      */
     public static String base64encodeMultiLine(byte[] bytes) {
-        return Base64.getMimeEncoder().encodeToString(bytes);
+        // When switching from apache-commons-codec to the standard library,
+        // the standard library does not include a final line separator at
+        // the end of the encoded data. This results in malformed CSRs.
+        return Base64.getMimeEncoder().encodeToString(bytes) + "\r\n";
     }
 
 
-- 
2.24.1