[Updated] RFR: JDK-8032573

Wang Weijun weijun.wang at oracle.com
Wed Oct 15 02:11:19 UTC 2014


Both code changes look fine.

One suggestion: you might want to mention that the first character in invalidcert.pem in the test was "M". It is modified to "X" to be invalid. This would help maintainers understand where it comes from.


On Oct 15, 2014, at 1:42, Jamil Nimeh <jamil.j.nimeh at oracle.com> wrote:

> Hello all, this is another update to JDK-8032573.  This link adds the JDK 8 backport.  It's pretty much the same fix, with the addition of moving a couple StringBuffers to StringBuilders.  I'm also still looking for a yea/nay on the JDK 9 proposed fix as well.
> JDK 9 webrev: http://cr.openjdk.java.net/~ascarpino/8032573/webrev.02/
> JDK 8 webrev: http://cr.openjdk.java.net/~ascarpino/8057141/webrev.01/
> JBS Bug: https://bugs.openjdk.java.net/browse/JDK-8032573
> Thanks,
> --Jamil
> On 10/09/2014 10:09 AM, Jamil Nimeh wrote:
>> Hello all, this is an update to address review comments and some cleanup of a couple warnings given by NetBeans.
>> http://cr.openjdk.java.net/~ascarpino/8032573/webrev.02/
>> Thank you,
>> --Jamil
>> On 09/29/2014 02:11 PM, Jamil Nimeh wrote:
>>> Hello all,
>>> This review fixes a small regression in the generateCertificates() and generateCRLs() methods for the CertificateFactory class.  At some point, input consisting entirely of non-certificate data ceased to throw CertificateException or CRLException and instead returned an empty collection.  This restores the exception-throwing behavior, but only when the entire stream is non-cert data. Cases where there is leading/trailing text around a valid PEM-encoded certificate or CRL will still ignore the leading/trailing data and parse the certificate/CRL properly as before.
>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8032573
>>> Review: http://cr.openjdk.java.net/~ascarpino/8032573/webrev.01/
>>> Thank you,
>>> --Jamil

More information about the security-dev mailing list