code review request: 6948781: CertificateFactory.generateCertificate doesn't throw CertificateException for malformed certificate

Sean Mullan sean.mullan at oracle.com
Thu May 20 12:58:02 PDT 2010


Looks good to me.

--Sean

On 5/3/10 9:50 PM, Weijun Wang wrote:
> Hi All
>
> Please review the following code change:
>
>     http://cr.openjdk.java.net/~weijun/6948781/webrev.00/
>
>> === *Evaluation* =============================================================
>> The new parser in 6813340 is too loose in checking the footer, it simply checks if the line starts with a "-".
>>
>> It should:
>>
>> 1. Check if header looks like "-----BEGIN (.*)-----"
>> 2. Check if footer looks like "-----END (.*)-----"
>> 3. Check if the two .* above are identical
>
> Thanks
> Max
>
> On May 4, 2010, at 9:42 AM, Weijun.Wang at Sun.COM wrote:
>
>> *Change Request ID*: 6948781
>>
>> *Synopsis*: CertificateFactory.generateCertificate doesn't throw CertificateException for malformed certificate
>>
>> === *Description* ============================================================
>> The JCK test api/java_security/cert/CertificateFactory/index.html#generate[CertificateFactory2013]
>> passes to the method CertificateFactory.generateCertificate(InputStream) file with two RFC 1421 certificates, first of them doesn't have trailing "-----END CERTIFICATE-----". The CertificateFactory.generateCertificate parses first certificate(without end-of-certificate marker) and fails with CertificateException while parsing second certificate.
>>
>> The spec for generateCertificate(InputStream) states:
>> "If the data in the input stream does not contain an inherent end-of-certificate marker (other than EOF) and there is trailing data after the certificate is parsed, a CertificateException is thrown."
>> Hence the method should throw CertificateException either in response on the first certificate without  end-of-certificate marker or on the union of two certificates which are not the valid certificate.
>>
>> The JCK test mentioned above fails since b89, so it seems that the issue is related to CR 6813340.
>> The minimized test and file with certificates are attached to CR.
>



More information about the security-dev mailing list