[jdk17u-dev] RFR: 8296072: CertAttrSet::encode and DerEncoder::derEncode should write into DerOutputStream [v2]
Matthias Baesken
mbaesken at openjdk.org
Tue Mar 4 13:24:06 UTC 2025
On Tue, 4 Mar 2025 13:19:38 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
>> I backport this for parity with 17.0.16-oracle.
>>
>> I had to resolve a hand full of files, but the conflicts are all
>> trivial. Wasn't there the copyright change in SignerOrder.java
>> I think it would be clean.
>>
>> src/java.base/share/classes/sun/security/pkcs/SignerInfo.java
>> src/java.base/share/classes/sun/security/pkcs10/PKCS10Attributes.java
>> Removed import by hand.
>>
>> src/java.base/share/classes/sun/security/util/DerEncoder.java
>> Trivial resolve due to context
>>
>> src/java.base/share/classes/sun/security/util/DerOutputStream.java
>> Removed import by hand.
>>
>> src/java.base/share/classes/sun/security/x509/BasicConstraintsExtension.java
>> Resolved due to context.
>>
>> src/java.base/share/classes/sun/security/x509/CRLExtensions.java
>> Code formatted differently.
>>
>> src/java.base/share/classes/sun/security/x509/CRLNumberExtension.java
>> There is a dead variable in the context.
>>
>> src/java.base/share/classes/sun/security/x509/CertificateIssuerExtension.java
>> Copyright.
>>
>> src/java.base/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java
>> There is a dead variable in the context.
>>
>> src/java.base/share/classes/sun/security/x509/Extension.java
>> A bit more complex, but straight forward to resolve.
>>
>> src/java.base/share/classes/sun/security/x509/FreshestCRLExtension.java
>> Resolve imports.
>>
>> src/java.base/share/classes/sun/security/x509/InvalidityDateExtension.java
>> src/java.base/share/classes/sun/security/x509/IssuingDistributionPointExtension.java
>> test/jdk/sun/security/pkcs/pkcs7/SignerOrder.java
>> Copyright
>>
>> A follow up is needed: [JDK-8296167](https://bugs.openjdk.org/browse/JDK-8296167). It is included
>> here.
>>
>> I ran all of the following tests, and they pass:
>> test/jdk/sun/security/
>>
>> I had a look at the related issues.
>> All of them were pushed after this change.
>> Some are clear cleanups, marked as enhancements. Others
>> are labeled as bug, but as I understand they are not
>> caused by this change, so they aren't required follow ups.
>> They rather are deficiencies of the previous implementation
>> and fixing them depended on this change, so they could all
>> be finished after pushing this. In detail:
>>
>> Bug JDK-8297723 asn1Encode methods in Kerberos throw IOException and Asn1Exception
>> Cleanup of exceptions. Not yet fixed. No issue for 17, omit.
>> Bug JDK-8296736 Some PKCS9Attribute can be created but cannot be encoded
>> This looks like a useful bugfix, but I don't think it is directly related.
>>...
>
> Goetz Lindenmaier has updated the pull request incrementally with one additional commit since the last revision:
>
> Fix Coyright.
Marked as reviewed by mbaesken (Reviewer).
-------------
PR Review: https://git.openjdk.org/jdk17u-dev/pull/3313#pullrequestreview-2657460864
More information about the jdk-updates-dev
mailing list