RFR: 8296072: CertAttrSet::encode should write into DerOutputStream
Weijun Wang
weijun at openjdk.org
Fri Oct 28 18:29:15 UTC 2022
The argument of the `CertAttrSet::encode` interface method is modified from `OutputStream` to `DerOutputStream`. All its implementations are modified the same way.
`OutputStream` is still used by `sun.security.x509.Extension::encode(OutputStream os)` because it's inherited from `java.security.cert.Extension`. The method is now marked final to avoid accidental override.
In `CertificateExtensions` and `CRLExtensions`, only `Extension::encode(DerOutputStream out)` is called. It used to call `CertAttrSet::encode` for a known extension and `Extension::encode(DerOutputStream out)` for an unknown one. This makes sure the overridden `encode` methods in known extensions are always called. Now that they have the same argument, there is no need for this check.
-------------
Commit messages:
- the fix
Changes: https://git.openjdk.org/jdk/pull/10906/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=10906&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8296072
Stats: 198 lines in 36 files changed: 8 ins; 100 del; 90 mod
Patch: https://git.openjdk.org/jdk/pull/10906.diff
Fetch: git fetch https://git.openjdk.org/jdk pull/10906/head:pull/10906
PR: https://git.openjdk.org/jdk/pull/10906
More information about the security-dev
mailing list