Integrated: 8251468: X509Certificate.get{Subject, Issuer}AlternativeNames and getExtendedKeyUsage do not throw CertificateParsingException if extension is unparseable
Sean Mullan
mullan at openjdk.java.net
Fri Oct 29 12:46:24 UTC 2021
On Mon, 25 Oct 2021 12:53:43 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> The JDK implementation (as supplied by the "SUN" provider) of `X509Certificate::getSubjectAlternativeNames` and `X509Certificate::getIssuerAlternativeNames` returns `null` instead of throwing a `CertificateParsingException` when the extension is unparseable.
>
> This fix changes the behavior to comply with the specification.
>
> CSR: https://bugs.openjdk.java.net/browse/JDK-8275822
This pull request has now been integrated.
Changeset: 8cc59509
Author: Sean Mullan <mullan at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/8cc59509fe7c01c9032275798ccd1531eb8f2e9f
Stats: 234 lines in 4 files changed: 182 ins; 36 del; 16 mod
8251468: X509Certificate.get{Subject,Issuer}AlternativeNames and getExtendedKeyUsage do not throw CertificateParsingException if extension is unparseable
Reviewed-by: weijun
-------------
PR: https://git.openjdk.java.net/jdk/pull/6106
More information about the security-dev
mailing list