code review request: 7099399: cannot deal with CRL file larger than 16MB
Weijun Wang
weijun.wang at oracle.com
Tue Oct 11 01:05:29 UTC 2011
Webrev at http://cr.openjdk.java.net/~weijun/7099399/webrev.00/
Basically, we're now accepting X.509 block of 4-octets length. For
simplicity, the highest byte must be <= 127, so that the length can be
expressed with a 32-bit int.
Thanks
Max
-------- Original Message --------
*Change Request ID*: 7099399
*Synopsis*: cannot deal with CRL file larger than 16MB
Product: java
Category: java
Subcategory: classes_security
Type: Defect
=== *Description*
============================================================
The X.509 impl of CertificateFactory only parses X.509 blocks smaller
than 16MB, i.e. when the length can be encoded in 3 octets. Now we have
a customer whose CRL file is as big as 30MB.
More information about the security-dev
mailing list