8286503: Enhance security classes

Reviewed-by: rhalade, mullan, skoivu, weijun
Bradford Wetmore 2023-05-19 00:58:30 +00:00 committed by Henry Jen
parent 195c9b2c48
commit adca97b659
39 changed files with 931 additions and 149 deletions


@ -26,6 +26,8 @@
package sun.security.ec;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.math.BigInteger;
import java.security.*;
@ -41,7 +43,7 @@ import sun.security.pkcs.PKCS8Key;
/**
* Key implementation for EC private keys.
*
* <p>
* ASN.1 syntax for EC private keys from SEC 1 v1.5 (draft):
*
* <pre>
@ -64,6 +66,7 @@ import sun.security.pkcs.PKCS8Key;
*/
public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey {
@java.io.Serial
private static final long serialVersionUID = 88695385615075129L;
private BigInteger s; // private value
@ -218,4 +221,20 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey {
"Unexpected error calculating public key", e);
}
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"ECPrivateKeyImpl keys are not directly deserializable");
}
}
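Review bot: The Javadoc on the added `readObject` says "Restores the state of this object from the stream" and documents `@throws IOException if an I/O error occurs`, but the body reads nothing and throws unconditionally. The same text is repeated on the `readObject` added to ECPublicKeyImpl, XDHPrivateKeyImpl, XDHPublicKeyImpl, EdDSAPrivateKeyImpl, EdDSAPublicKeyImpl, DSAPublicKeyImpl, X509CertPath, RSAPrivateCrtKeyImpl, RSAPrivateKeyImpl, RSAPublicKeyImpl and X509CertImpl. I would state the contract directly, e.g. `@throws InvalidObjectException always; this class must not appear directly in a serial stream`. A sentence on why would also help: the public-key classes in this commit show `writeReplace` returning a `KeyRep`, and presumably the private keys are replaced the same way in a superclass not visible here. That tells a maintainer that a stream naming this class directly did not come from normal serialization and should be treated as untrusted input.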


@ -1,5 +1,5 @@
/*
* Copyright (c) 2006, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,6 +27,8 @@ package sun.security.ec;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.security.*;
import java.security.interfaces.*;
import java.security.spec.*;
@ -44,6 +46,7 @@ import sun.security.x509.*;
*/
public final class ECPublicKeyImpl extends X509Key implements ECPublicKey {
@java.io.Serial
private static final long serialVersionUID = -2462037275160462289L;
@SuppressWarnings("serial") // Type of field is not
@ -123,10 +126,27 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey {
+ "\n parameters: " + params;
}
protected Object writeReplace() throws java.io.ObjectStreamException {
@java.io.Serial
private Object writeReplace() throws java.io.ObjectStreamException {
return new KeyRep(KeyRep.Type.PUBLIC,
getAlgorithm(),
getFormat(),
getEncoded());
}
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"ECPublicKeyImpl keys are not directly deserializable");
}
}


@ -37,6 +37,7 @@ import sun.security.util.*;
public final class XDHPrivateKeyImpl extends PKCS8Key implements XECPrivateKey {
@java.io.Serial
private static final long serialVersionUID = 1L;
@SuppressWarnings("serial") // Type of field is not Serializable
@ -114,5 +115,20 @@ public final class XDHPrivateKeyImpl extends PKCS8Key implements XECPrivateKey {
"Unexpected error calculating public key", e);
}
}
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"XDHPrivateKeyImpl keys are not directly deserializable");
}
}


@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,6 +25,9 @@
package sun.security.ec;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyRep;
@ -39,6 +42,7 @@ import sun.security.x509.X509Key;
public final class XDHPublicKeyImpl extends X509Key implements XECPublicKey {
@java.io.Serial
private static final long serialVersionUID = 1L;
private final BigInteger u;
@ -107,7 +111,8 @@ public final class XDHPublicKeyImpl extends X509Key implements XECPublicKey {
return "XDH";
}
protected Object writeReplace() throws java.io.ObjectStreamException {
@java.io.Serial
private Object writeReplace() throws java.io.ObjectStreamException {
return new KeyRep(KeyRep.Type.PUBLIC,
getAlgorithm(),
getFormat(),
@ -130,5 +135,21 @@ public final class XDHPublicKeyImpl extends X509Key implements XECPublicKey {
j--;
}
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"XDHPublicKeyImpl keys are not directly deserializable");
}
}


@ -1,5 +1,5 @@
/*
* Copyright (c) 2020, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,6 +26,8 @@
package sun.security.ec.ed;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.security.InvalidKeyException;
import java.security.interfaces.EdECPrivateKey;
import java.util.Optional;
@ -38,6 +40,7 @@ import sun.security.util.*;
public final class EdDSAPrivateKeyImpl
extends PKCS8Key implements EdECPrivateKey {
@java.io.Serial
private static final long serialVersionUID = 1L;
@SuppressWarnings("serial") // Type of field is not Serializable
@ -102,4 +105,20 @@ public final class EdDSAPrivateKeyImpl
public Optional<byte[]> getBytes() {
return Optional.of(getKey());
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"EdDSAPrivateKeyImpl keys are not directly deserializable");
}
}


@ -1,5 +1,5 @@
/*
* Copyright (c) 2020, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,6 +25,9 @@
package sun.security.ec.ed;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyRep;
@ -39,6 +42,7 @@ import sun.security.x509.X509Key;
public final class EdDSAPublicKeyImpl extends X509Key implements EdECPublicKey {
@java.io.Serial
private static final long serialVersionUID = 1L;
@SuppressWarnings("serial") // Type of field is not Serializable
@ -108,7 +112,8 @@ public final class EdDSAPublicKeyImpl extends X509Key implements EdECPublicKey {
return "EdDSA";
}
protected Object writeReplace() throws java.io.ObjectStreamException {
@java.io.Serial
private Object writeReplace() throws java.io.ObjectStreamException {
return new KeyRep(KeyRep.Type.PUBLIC, getAlgorithm(), getFormat(),
getEncoded());
}
@ -129,4 +134,20 @@ public final class EdDSAPublicKeyImpl extends X509Key implements EdECPublicKey {
j--;
}
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"EdDSAPublicKeyImpl keys are not directly deserializable");
}
}


@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,17 +25,20 @@
package sun.security.provider;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.math.BigInteger;
import java.security.KeyRep;
import java.security.InvalidKeyException;
/**
* An X.509 public key for the Digital Signature Algorithm.
*
* <p>
* The difference between DSAPublicKeyImpl and DSAPublicKey is that
* DSAPublicKeyImpl calls writeReplace with KeyRep, and DSAPublicKey
* calls writeObject.
*
* <p>
* See the comments in DSAKeyFactory, 4532506, and 6232513.
*
*/
@ -72,10 +75,26 @@ public final class DSAPublicKeyImpl extends DSAPublicKey {
}
@java.io.Serial
protected Object writeReplace() throws java.io.ObjectStreamException {
private Object writeReplace() throws java.io.ObjectStreamException {
return new KeyRep(KeyRep.Type.PUBLIC,
getAlgorithm(),
getFormat(),
getEncoded());
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"DSAPublicKeyImpl keys are not directly deserializable");
}
}


@ -2098,8 +2098,17 @@ public class PolicyFile extends java.security.Policy {
this.actions.equals(that.actions)))
return false;
if (this.certs.length != that.certs.length)
if ((this.certs == null) && (that.certs == null)) {
return true;
}
if ((this.certs == null) || (that.certs == null)) {
return false;
}
if (this.certs.length != that.certs.length) {
return false;
}
int i,j;
boolean match;
@ -2163,7 +2172,7 @@ public class PolicyFile extends java.security.Policy {
}
public Certificate[] getCerts() {
return certs;
return (certs == null ? null : certs.clone());
}
/**
@ -2176,6 +2185,22 @@ public class PolicyFile extends java.security.Policy {
@Override public String toString() {
return "(SelfPermission " + type + " " + name + " " + actions + ")";
}
/**
* Restores the state of this object from the stream.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
stream.defaultReadObject();
if (certs != null) {
this.certs = certs.clone();
}
}
}
/**
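Review bot: The `certs.clone()` added in `readObject` has no comment saying why it is there, and the Javadoc only says the state is restored, so the copy could later be removed as redundant. A why-comment would prevent that, for example `// defensive copy: the stream may hold another reference to this array`. The copy is shallow and the elements are not checked, so a null entry from the stream survives into the object. If the matching loop after the length check in `equals` (outside this hunk) calls methods on the elements, that would surface later as a NullPointerException rather than as an `InvalidObjectException` at read time; this is worth confirming. The enclosing class and the rest of `equals` lie outside the visible hunks.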


@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,6 +26,7 @@
package sun.security.provider;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.security.MessageDigest;
import java.security.SecureRandomSpi;
import java.security.NoSuchAlgorithmException;
@ -192,7 +193,7 @@ implements java.io.Serializable {
/**
* This static object will be seeded by SeedGenerator, and used
* to seed future instances of SHA1PRNG SecureRandoms.
*
* <p>
* Bloch, Effective Java Second Edition: Item 71
*/
private static class SeederHolder {
@ -265,18 +266,24 @@ implements java.io.Serializable {
}
/*
* readObject is called to restore the state of the random object from
* a stream. We have to create a new instance of MessageDigest, because
* This method is called to restore the state of the random object from
* a stream.
* <p>
* We have to create a new instance of {@code MessageDigest}, because
* it is not included in the stream (it is marked "transient").
*
* Note that the engineNextBytes() method invoked on the restored random
* object will yield the exact same (random) bytes as the original.
* <p>
* Note that the {@code engineNextBytes()} method invoked on the restored
* random object will yield the exact same (random) bytes as the original.
* If you do not want this behaviour, you should re-seed the restored
* random object, using engineSetSeed().
* random object, using {@code engineSetSeed()}.
*
* @param s the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(java.io.ObjectInputStream s)
throws IOException, ClassNotFoundException {
throws IOException, ClassNotFoundException {
s.defaultReadObject ();
@ -295,5 +302,34 @@ implements java.io.Serializable {
"internal error: SHA-1 not available.", exc);
}
}
// Various consistency checks
if ((remainder == null) && (remCount > 0)) {
throw new InvalidObjectException(
"Remainder indicated, but no data available");
}
// Not yet allocated state
if (state == null) {
if (remainder == null) {
return;
} else {
throw new InvalidObjectException(
"Inconsistent buffer allocations");
}
}
// Sanity check on sizes/pointer
if ((state.length != DIGEST_SIZE) ||
((remainder != null) && (remainder.length != DIGEST_SIZE)) ||
(remCount < 0 ) || (remCount >= DIGEST_SIZE)) {
throw new InvalidObjectException(
"Inconsistent buffer sizes/state");
}
state = state.clone();
if (remainder != null) {
remainder = remainder.clone();
}
}
}
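Review bot: The early `return` in the `state == null` branch runs before the `remCount` range check, so a stream with both buffers absent and a negative `remCount` is accepted. The first check only rejects `remCount > 0`; tightening it to `if ((remainder == null) && (remCount != 0)) {` would close that gap. Whether a negative value has any effect depends on how `engineNextBytes()` uses `remCount`, which is outside these hunks. Separately, the rewritten comment above `readObject` now uses `<p>`, `{@code}` and `@param` but still opens with `/*`, so Javadoc tooling will ignore it; `/**` looks intended.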


@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,9 +25,7 @@
package sun.security.provider.certpath;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.*;
import java.security.cert.CertificateEncodingException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
@ -379,4 +377,20 @@ public class X509CertPath extends CertPath {
public List<X509Certificate> getCertificates() {
return certs;
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"X509CertPaths are not directly deserializable");
}
}
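Review bot: The import hunk replaces three explicit `java.io` imports with the wildcard `import java.io.*;`, while every other file in this commit adds `InvalidObjectException` and `ObjectInputStream` by name. I would keep the three existing imports and add `import java.io.InvalidObjectException;` and `import java.io.ObjectInputStream;`, so that the serialization-related types this class depends on stay visible in the import list. The change is stylistic only and does not alter what the new `readObject` does.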


@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,6 +26,8 @@
package sun.security.rsa;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.math.BigInteger;
import java.security.*;
@ -43,7 +45,7 @@ import sun.security.rsa.RSAUtil.KeyType;
* RSA private key implementation for "RSA", "RSASSA-PSS" algorithms in CRT form.
* For non-CRT private keys, see RSAPrivateKeyImpl. We need separate classes
* to ensure correct behavior in instanceof checks, etc.
*
* <p>
* Note: RSA keys must be at least 512 bits long
*
* @see RSAPrivateKeyImpl
@ -356,4 +358,20 @@ public final class RSAPrivateCrtKeyImpl
throw new InvalidKeyException("Invalid RSA private key", e);
}
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"RSAPrivateCrtKeyImpl keys are not directly deserializable");
}
}


@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,6 +25,9 @@
package sun.security.rsa;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.math.BigInteger;
import java.security.*;
@ -39,10 +42,11 @@ import sun.security.rsa.RSAUtil.KeyType;
/**
* RSA private key implementation for "RSA", "RSASSA-PSS" algorithms in non-CRT
* form (modulus, private exponent only). For CRT private keys, see
* RSAPrivateCrtKeyImpl. We need separate classes to ensure correct behavior
* in instanceof checks, etc.
*
* form (modulus, private exponent only).
* <p>
* For CRT private keys, see RSAPrivateCrtKeyImpl. We need separate classes
* to ensure correct behavior in instanceof checks, etc.
* <p>
* Note: RSA keys must be at least 512 bits long
*
* @see RSAPrivateCrtKeyImpl
@ -141,4 +145,20 @@ public final class RSAPrivateKeyImpl extends PKCS8Key implements RSAPrivateKey {
+ " bits" + "\n params: " + keyParams + "\n modulus: " + n
+ "\n private exponent: " + d;
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"RSAPrivateKeyImpl keys are not directly deserializable");
}
}


@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,6 +26,8 @@
package sun.security.rsa;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.math.BigInteger;
import java.security.*;
@ -39,7 +41,7 @@ import sun.security.rsa.RSAUtil.KeyType;
/**
* RSA public key implementation for "RSA", "RSASSA-PSS" algorithms.
*
* <p>
* Note: RSA keys must be at least 512 bits long
*
* @see RSAPrivateCrtKeyImpl
@ -233,10 +235,26 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
}
@java.io.Serial
protected Object writeReplace() throws java.io.ObjectStreamException {
private Object writeReplace() throws java.io.ObjectStreamException {
return new KeyRep(KeyRep.Type.PUBLIC,
getAlgorithm(),
getFormat(),
getEncoded());
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"RSAPublicKeyImpl keys are not directly deserializable");
}
}


@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -536,7 +536,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
/**
* Return the requested attribute from the certificate.
*
* <p>
* Note that the X509CertInfo is not cloned for performance reasons.
* Callers must ensure that they do not modify it. All other
* attributes are cloned.
@ -1218,7 +1218,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
for (GeneralName gname : names.names()) {
GeneralNameInterface name = gname.getName();
List<Object> nameEntry = new ArrayList<>(2);
nameEntry.add(Integer.valueOf(name.getType()));
nameEntry.add(name.getType());
switch (name.getType()) {
case GeneralNameInterface.NAME_RFC822:
nameEntry.add(((RFC822Name) name).getName());
@ -1631,4 +1631,20 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
}
}
}
/**
* Restores the state of this object from the stream.
* <p>
* Deserialization of this object is not supported.
*
* @param stream the {@code ObjectInputStream} from which data is read
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
@java.io.Serial
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
throw new InvalidObjectException(
"X509CertImpls are not directly deserializable");
}
}