archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 06:45:07 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8296900: CertificateValidity fields are not optional

Browse source 
Reviewed-by: mullan
This commit is contained in:
Weijun Wang 2022-11-14 19:46:43 +00:00
parent 3eb789af74
commit a7c2338a6d
2 changed files with 75 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

65
src/java.base/share/classes/sun/security/x509/CertificateValidity.java
View file

@ -27,6 +27,7 @@ package sun.security.x509;
import java.io.IOException;
import java.security.cert.*;
import java.util.Date;
import java.util.Objects;
import sun.security.util.*;
@ -46,8 +47,8 @@ public class CertificateValidity implements DerEncoder {
static final long YR_2050 = 2524608000000L;
// Private data members
private Date notBefore;
private Date notAfter;
private final Date notBefore;
private final Date notAfter;
// Returns the first time the certificate is valid.
public Date getNotBefore() {
@ -59,8 +60,27 @@ public class CertificateValidity implements DerEncoder {
return new Date(notAfter.getTime());
}
// Construct the class from the DerValue
private void construct(DerValue derVal) throws IOException {
/**
* The constructor for this class for the specified interval.
*
* @param notBefore the date and time before which the certificate
* is not valid
* @param notAfter the date and time after which the certificate is
* not valid
*/
public CertificateValidity(Date notBefore, Date notAfter) {
this.notBefore = Objects.requireNonNull(notBefore);
this.notAfter = Objects.requireNonNull(notAfter);
}
/**
* Create the object, decoding the values from the passed DER stream.
*
* @param in the DerInputStream to read the CertificateValidity from
* @exception IOException on decoding errors.
*/
public CertificateValidity(DerInputStream in) throws IOException {
DerValue derVal = in.getDerValue();
if (derVal.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoded CertificateValidity, " +
"starting sequence tag missing.");
@ -91,41 +111,10 @@ public class CertificateValidity implements DerEncoder {
}
}
/**
* Default constructor for the class.
*/
public CertificateValidity() { }
/**
* The default constructor for this class for the specified interval.
*
* @param notBefore the date and time before which the certificate
* is not valid.
* @param notAfter the date and time after which the certificate is
* not valid.
*/
public CertificateValidity(Date notBefore, Date notAfter) {
this.notBefore = notBefore;
this.notAfter = notAfter;
}
/**
* Create the object, decoding the values from the passed DER stream.
*
* @param in the DerInputStream to read the CertificateValidity from.
* @exception IOException on decoding errors.
*/
public CertificateValidity(DerInputStream in) throws IOException {
DerValue derVal = in.getDerValue();
construct(derVal);
}
/**
* Return the validity period as user readable string.
*/
public String toString() {
if (notBefore == null || notAfter == null)
return "";
return "Validity: [From: " + notBefore +
",\n To: " + notAfter + ']';
}
@ -139,12 +128,6 @@ public class CertificateValidity implements DerEncoder {
@Override
public void encode(DerOutputStream out) throws IOException {
// in cases where default constructor is used check for
// null values
if (notBefore == null || notAfter == null) {
throw new IOException("CertificateValidity:" +
" null values to encode.\n");
}
DerOutputStream pair = new DerOutputStream();
if (notBefore.getTime() < YR_2050) {