[9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates
Weijun Wang
weijun.wang at oracle.com
Wed Aug 10 00:38:14 UTC 2016
I thought I've seen this webrev before.
Why not just throw a KeyStoreException in validateChain()?
--Max
On 8/10/2016 2:14, Vincent Ryan wrote:
> Please review this fix to improve the error handling for attempts to store a Certificate object in PKCS12 keystore.
> The PKCS12 keystore implementation supports storing only X509Certificate objects but the KeyStore API allows Certificate objects.
> This fix rejects attempts to store non-X.509 certificates and throws a KeyStoreException.
>
> Thanks.
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503
> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/
>
>
More information about the security-dev
mailing list