Integrated: 8296072: CertAttrSet::encode and DerEncoder::derEncode should write into DerOutputStream
Weijun Wang
weijun at openjdk.org
Tue Nov 1 12:53:33 UTC 2022
On Fri, 28 Oct 2022 18:20:08 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> The argument of the `CertAttrSet::encode` and `DerEncoder::derEncode` interface methods are modified from `OutputStream` to `DerOutputStream`. All implementations are modified the same way.
>
> `OutputStream` is still used by `sun.security.x509.Extension::encode(OutputStream os)` because it's inherited from `java.security.cert.Extension`. The method is now marked final to avoid accidental override.
>
> In `CertificateExtensions` and `CRLExtensions`, only `Extension::encode(DerOutputStream out)` is called. It used to call `CertAttrSet::encode` for a known extension and `Extension::encode(DerOutputStream out)` for an unknown one. This makes sure the overridden `encode` methods in known extensions are always called. Now that they have the same argument, there is no need for this check.
This pull request has now been integrated.
Changeset: 0d0bd7bd
Author: Weijun Wang <weijun at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/0d0bd7bd409c0caa5edebe3d1eacf8e5bb48f984
Stats: 342 lines in 50 files changed: 28 ins; 133 del; 181 mod
8296072: CertAttrSet::encode and DerEncoder::derEncode should write into DerOutputStream
Reviewed-by: xuelei, mullan
-------------
PR: https://git.openjdk.org/jdk/pull/10906
More information about the security-dev
mailing list