[security-dev 00581]: Re: Code review request: 6780416: New keytool commands/options: -gencert, -printcertreq, -ext
Xuelei Fan
Xuelei.Fan at Sun.COM
Thu Feb 19 08:59:01 UTC 2009
Max (Weijun) Wang wrote:
>> I will look at KeyTool.java tomorrow, others looks fine for me by now.
>
A mini suggestion, would you please also add the "-ext" format into the
usage() output? I did not find what the ext should looks like in the
help message.
Do you have a test case with an empty "Subject" field? If the "Subject"
field is empty, the SAN extension must be present, and marked as critical.
Otherwise, looks fine to me.
Xuelei
>>
>>
>> Xuelei
>>
>> Max (Weijun) Wang wrote:
>>> Hi All
>>>
>>> Can you take a review of this RFE?
>>>
>>> 6780416: New keytool commands/options: -gencert, -printcertreq, -ext
>>> bug: http://bugs.sun.com/view_bug.do?bug_id=6780416
>>> webrev: http://hgrev.appspot.com/show?id=3077
>>>
>>> The spec of the 3 new commands/options is inside the evaluation
>>> section of the bug report.
>>>
>>> The fix is mainly on KeyTool.java, with changes in Resources.java
>>> for l10n strings. Some X.509 files are changed to provide new
>>> constructor, new constants etc. A new class
>>> SubjectInfoAccessExtension.java is created for the extension. The
>>> KeyToolTest.java regression test are updated to cover the new
>>> commands/options.
>>>
>>> If you find the webrev too long, you might only review a part of it.
>>>
>>> Thanks
>>> Max
>>>
>>>
>>
>>
>
More information about the security-dev
mailing list