code review request: 6948781: CertificateFactory.generateCertificate doesn't throw CertificateException for malformed certificate

Weijun Wang Weijun.Wang at Sun.COM
Thu May 20 16:16:34 PDT 2010


Thanks. This mail only has CC to the alias, I almost missed it.

Max

On May 21, 2010, at 3:58 AM, Sean Mullan wrote:

> Looks good to me.
> 
> --Sean
> 
> On 5/3/10 9:50 PM, Weijun Wang wrote:
>> Hi All
>> 
>> Please review the following code change:
>> 
>>    http://cr.openjdk.java.net/~weijun/6948781/webrev.00/
>> 
>>> === *Evaluation* =============================================================
>>> The new parser in 6813340 is too loose in checking the footer, it simply checks if the line starts with a "-".
>>> 
>>> It should:
>>> 
>>> 1. Check if header looks like "-----BEGIN (.*)-----"
>>> 2. Check if footer looks like "-----END (.*)-----"
>>> 3. Check if the two .* above are identical
>> 
>> Thanks
>> Max
>> 
>> On May 4, 2010, at 9:42 AM, Weijun.Wang at Sun.COM wrote:
>> 
>>> *Change Request ID*: 6948781
>>> 
>>> *Synopsis*: CertificateFactory.generateCertificate doesn't throw CertificateException for malformed certificate
>>> 
>>> === *Description* ============================================================
>>> The JCK test api/java_security/cert/CertificateFactory/index.html#generate[CertificateFactory2013]
>>> passes to the method CertificateFactory.generateCertificate(InputStream) file with two RFC 1421 certificates, first of them doesn't have trailing "-----END CERTIFICATE-----". The CertificateFactory.generateCertificate parses first certificate(without end-of-certificate marker) and fails with CertificateException while parsing second certificate.
>>> 
>>> The spec for generateCertificate(InputStream) states:
>>> "If the data in the input stream does not contain an inherent end-of-certificate marker (other than EOF) and there is trailing data after the certificate is parsed, a CertificateException is thrown."
>>> Hence the method should throw CertificateException either in response on the first certificate without  end-of-certificate marker or on the union of two certificates which are not the valid certificate.
>>> 
>>> The JCK test mentioned above fails since b89, so it seems that the issue is related to CR 6813340.
>>> The minimized test and file with certificates are attached to CR.
>> 




More information about the security-dev mailing list