RFR: 8251468: X509Certificate.get{Subject, Issuer}AlternativeNames does not throw CertificateParsingException if extension is unparseable
Sean Mullan
mullan at openjdk.java.net
Mon Oct 25 13:30:45 UTC 2021
The JDK implementation (as supplied by the "SUN" provider) of `X509Certificate::getSubjectAlternativeNames` and `X509Certificate::getIssuerAlternativeNames` returns `null` instead of throwing a `CertificateParsingException` when the extension is unparseable.
This fix changes the behavior to comply with the specification.
CSR: https://bugs.openjdk.java.net/browse/JDK-8275822
-------------
Commit messages:
- Remove trailing whitespace.
- 8251468: X509Certificate.get{Subject,Issuer}AlternativeNames does not throw CertificateParsingException if extension is unparseable
Changes: https://git.openjdk.java.net/jdk/pull/6106/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=6106&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8251468
Stats: 199 lines in 4 files changed: 157 ins; 33 del; 9 mod
Patch: https://git.openjdk.java.net/jdk/pull/6106.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/6106/head:pull/6106
PR: https://git.openjdk.java.net/jdk/pull/6106
More information about the security-dev
mailing list