A PEM base64 decoder?

Wang Weijun weijun.wang at oracle.com
Tue Mar 24 01:19:42 UTC 2015


>>>> 
>>>> In jdk8, we use Base64.getMimeDecoder() to parse PEM-encoded certs and it ignores every character not in the base-64 alphabet. PEM is more restricted and as I know openssl rejects PEM with illegal chars (Ex, "!" as in bug report and test). This fix will also reject them.
>>> Shouldn't you add a Base64.getPemDecoder() with these semantics?  I
>>> think this decoder would be useful in other contexts as well.
>> Sherman, is that possible?
>> 
> 
> While it is possible personally I will be a little hesitated to add the support for a
> "deprecated" rfc into the "new" Base64 class. Any evidence that PEM is still
> heavily used in other contexts?

Not sure about usage outside the security area, it's heavily used for encoding of certificates, CRLs, private keys, etc.

I did some experiments, creating a PEM certificate including garbage characters, only Firefox accepts it, and it's rejected by IE, openssl, Mac.

--Max

> 
> -Sherman




More information about the core-libs-dev mailing list