code review request: 6948781: CertificateFactory.generateCertificate doesn't throw CertificateException for malformed certificate

Weijun Wang Weijun.Wang at Sun.COM
Mon May 3 18:50:40 PDT 2010

Hi All

Please review the following code change:

> === *Evaluation* =============================================================
> The new parser in 6813340 is too loose in checking the footer, it simply checks if the line starts with a "-".
> It should:
> 1. Check if header looks like "-----BEGIN (.*)-----"
> 2. Check if footer looks like "-----END (.*)-----"
> 3. Check if the two .* above are identical


On May 4, 2010, at 9:42 AM, Weijun.Wang at Sun.COM wrote:

> *Change Request ID*: 6948781
> *Synopsis*: CertificateFactory.generateCertificate doesn't throw CertificateException for malformed certificate
> === *Description* ============================================================
> The JCK test api/java_security/cert/CertificateFactory/index.html#generate[CertificateFactory2013]
> passes to the method CertificateFactory.generateCertificate(InputStream) file with two RFC 1421 certificates, first of them doesn't have trailing "-----END CERTIFICATE-----". The CertificateFactory.generateCertificate parses first certificate(without end-of-certificate marker) and fails with CertificateException while parsing second certificate.
> The spec for generateCertificate(InputStream) states:
> "If the data in the input stream does not contain an inherent end-of-certificate marker (other than EOF) and there is trailing data after the certificate is parsed, a CertificateException is thrown."
> Hence the method should throw CertificateException either in response on the first certificate without  end-of-certificate marker or on the union of two certificates which are not the valid certificate.
> The JCK test mentioned above fails since b89, so it seems that the issue is related to CR 6813340.
> The minimized test and file with certificates are attached to CR.

More information about the security-dev mailing list