RFR: X509Certificate.get{Subject,Issuer}AlternativeNames and getExtendedKeyUsage do not throw CertificateParsingException if extension is unparseable [v3]
Sean Mullan
mullan at openjdk.java.net
Tue Oct 26 19:35:42 UTC 2021
> The JDK implementation (as supplied by the "SUN" provider) of `X509Certificate::getSubjectAlternativeNames` and `X509Certificate::getIssuerAlternativeNames` returns `null` instead of throwing a `CertificateParsingException` when the extension is unparseable.
>
> This fix changes the behavior to comply with the specification.
>
> CSR: https://bugs.openjdk.java.net/browse/JDK-8275822
Sean Mullan has updated the pull request incrementally with one additional commit since the last revision:
Fix NPE.
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/6106/files
- new: https://git.openjdk.java.net/jdk/pull/6106/files/10172038..371a384d
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=6106&range=02
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=6106&range=01-02
Stats: 9 lines in 1 file changed: 9 ins; 0 del; 0 mod
Patch: https://git.openjdk.java.net/jdk/pull/6106.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/6106/head:pull/6106
PR: https://git.openjdk.java.net/jdk/pull/6106
More information about the security-dev
mailing list