RFR: 8295068: SSLEngine throws NPE parsing CertificateRequests

Andrey Turbanov aturbanov at openjdk.org
Thu Jul 6 06:26:54 UTC 2023


On Wed, 5 Jul 2023 20:25:26 GMT, Kevin Driver <kdriver at openjdk.org> wrote:

> JDK-8295068: an NPE is thrown when an invalid `id` is found to match up a `ClientCertificateType`; rather than throwing the `NPE`, we now throw an `IllegalArgumentException`. This does not seem to be a scenario where recovery is possible or desired, so the `IAE` should be the proper behavior.

src/java.base/share/classes/sun/security/ssl/CertificateRequest.java line 131:

> 129:             for (byte id : ids) {
> 130:                 ClientCertificateType cct = ClientCertificateType.valueOf(id);
> 131:                 if(cct == null) {

Suggestion:

                if (cct == null) {

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/14778#discussion_r1253989234


