Review Request for JDK-8025708 : Certificate Path Building problem with AKI serial number
Sean Mullan
sean.mullan at oracle.com
Thu Feb 13 13:04:23 UTC 2014
See: http://cr.openjdk.java.net/~mullan/webrevs/8025708/webrev/
This fixes a problem with the PKIX CertPathBuilder where it wasn't able
to build a path when the Authority Key Identifier extension of an
intermediate CA cert did not contain a serial number field, and the end
entity cert did.
The problem was in the AdaptableX509CertSelector class. It was reusing
this selector without re-initializing certain fields. I changed the
implementation of this class so that it doesn't have this issue anymore.
Thanks,
Sean
More information about the security-dev
mailing list