A PEM base64 decoder?
Wang Weijun
weijun.wang at oracle.com
Tue Mar 24 01:19:42 UTC 2015
>>>>
>>>> In jdk8, we use Base64.getMimeDecoder() to parse PEM-encoded certs and it ignores every character not in the base-64 alphabet. PEM is more restricted and as I know openssl rejects PEM with illegal chars (Ex, "!" as in bug report and test). This fix will also reject them.
>>> Shouldn't you add a Base64.getPemDecoder() with these semantics? I
>>> think this decoder would be useful in other contexts as well.
>> Sherman, is that possible?
>>
>
> While it is possible personally I will be a little hesitated to add the support for a
> "deprecated" rfc into the "new" Base64 class. Any evidence that PEM is still
> heavily used in other contexts?
Not sure about usage outside the security area, it's heavily used for encoding of certificates, CRLs, private keys, etc.
I did some experiments, creating a PEM certificate including garbage characters, only Firefox accepts it, and it's rejected by IE, openssl, Mac.
--Max
>
> -Sherman
More information about the core-libs-dev
mailing list