RFR: 8308010: X509Key and PKCS8Key allows garbage bytes at the end [v2]
Weijun Wang
weijun at openjdk.org
Thu May 18 14:48:58 UTC 2023
> When parsing a byte array to a private or public key, it's now converted to a `ByteArrayInputStream` and the parser does not report an error if there are extra bytes at the end.
Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
add reasons
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/13958/files
- new: https://git.openjdk.org/jdk/pull/13958/files/199c84a0..65357365
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=13958&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=13958&range=00-01
Stats: 12 lines in 2 files changed: 0 ins; 6 del; 6 mod
Patch: https://git.openjdk.org/jdk/pull/13958.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/13958/head:pull/13958
PR: https://git.openjdk.org/jdk/pull/13958
More information about the security-dev
mailing list