RFR: 8277976: Break up SEQUENCE in X509Certiticate#getSubjectAlternativeNames() in otherName
Sean Mullan
mullan at openjdk.java.net
Thu Feb 10 13:48:05 UTC 2022
On Thu, 20 Jan 2022 19:42:22 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> The enhancement adds two extra items in the `getSubjectAlternativeNames()` output for an OtherName.
>
> It also fix several errors:
> 1. In `OtherName.java`, `nameValue` should be the value inside `CONTEXT [0]` without the tag and length bytes.
> 2. The argument in constructor `extClass.getConstructor(Object.class)` is suspicious. Maybe it meant `byte[]`.
Looks good, but I think a CSR should also be filed.
src/java.base/share/classes/java/security/cert/X509Certificate.java line 590:
> 588: * integers separated by periods. Directory names (distinguished names)
> 589: * are returned in <a href="http://www.ietf.org/rfc/rfc2253.txt">
> 590: * RFC 2253</a> string format. Othernames are returned as a byte array
Maybe "otherNames" since that is what we call it below.
test/jdk/sun/security/x509/OtherName/Parse.java line 54:
> 52: public class Parse {
> 53:
> 54: public static class MyDNSName extends DNSName {
What's the purpose of the MyDNSName class? You don't seem to do anything with it later in the test.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7167
More information about the security-dev
mailing list