RFR: X509Certificate.get{Subject,Issuer}AlternativeNames and getExtendedKeyUsage do not throw CertificateParsingException if extension is unparseable [v3]

Weijun Wang weijun at openjdk.java.net
Tue Oct 26 19:57:11 UTC 2021


On Tue, 26 Oct 2021 19:35:42 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> The JDK implementation (as supplied by the "SUN" provider) of `X509Certificate::getSubjectAlternativeNames` and `X509Certificate::getIssuerAlternativeNames` returns `null` instead of throwing a `CertificateParsingException` when the extension is unparseable.
>> 
>> This fix changes the behavior to comply with the specification.
>> 
>> CSR: https://bugs.openjdk.java.net/browse/JDK-8275822
>
> Sean Mullan has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Fix NPE.

Marked as reviewed by weijun (Reviewer).

-------------

PR: https://git.openjdk.java.net/jdk/pull/6106



More information about the security-dev mailing list