RFR: 8308010: X509Key and PKCS8Key allows garbage bytes at the end
Weijun Wang
weijun at openjdk.org
Fri May 12 16:29:52 UTC 2023
When parsing a byte array to a private or public key, it's now converted to a `ByteArrayInputStream` and the parser does not report an error if there are extra bytes at the end.
-------------
Commit messages:
- the fix
Changes: https://git.openjdk.org/jdk/pull/13958/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=13958&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8308010
Stats: 80 lines in 3 files changed: 62 ins; 9 del; 9 mod
Patch: https://git.openjdk.org/jdk/pull/13958.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/13958/head:pull/13958
PR: https://git.openjdk.org/jdk/pull/13958
More information about the security-dev
mailing list