RFR: 8277976: Break up SEQUENCE in X509Certiticate::getSubjectAlternativeNames and X509Certiticate::getIssuerAlternativeNames in otherName [v3]
Sean Mullan
mullan at openjdk.java.net
Fri Feb 11 15:02:09 UTC 2022
On Thu, 10 Feb 2022 21:14:17 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> The enhancement adds two extra items in the `getSubjectAlternativeNames()` output for an OtherName.
>>
>> It also fix several errors:
>> 1. In `OtherName.java`, `nameValue` should be the value inside `CONTEXT [0]` without the tag and length bytes.
>> 2. The argument in constructor `extClass.getConstructor(Object.class)` is suspicious. Maybe it meant `byte[]`.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> more precise spec
src/java.base/share/classes/java/security/cert/X509Certificate.java line 594:
> 592: * a third entry in the list containing its {@code type-id} in string
> 593: * format, and a fourth entry containing the ASN.1 DER encoding of
> 594: * its {@code value} without the context-specific constructed tag
To be very specific, I would add that the 4th entry is a byte array, ex: "and a fourth entry as a byte array containing the ASN.1 DER encoding ..."
-------------
PR: https://git.openjdk.java.net/jdk/pull/7167
More information about the security-dev
mailing list