archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-26 14:24:46 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8296742: Illegal X509 Extension should not be created

Browse source 
Reviewed-by: mullan
This commit is contained in:
Weijun Wang 2022-11-22 22:21:50 +00:00
parent a6c418eaf8
commit e174558cad
28 changed files with 303 additions and 92 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/java.base/share/classes/sun/security/tools/keytool/Main.java
View file

@ -1582,7 +1582,11 @@ public final class Main {
int d = id.indexOf(':');
if (d >= 0) {
CRLExtensions ext = new CRLExtensions();
ext.setExtension("Reason", new CRLReasonCodeExtension(Integer.parseInt(id.substring(d+1))));
int code = Integer.parseInt(id.substring(d+1));
if (code <= 0) {
throw new Exception("Reason code must be positive");
}
ext.setExtension("Reason", new CRLReasonCodeExtension(code));
badCerts[i] = new X509CRLEntryImpl(new BigInteger(id.substring(0, d)),
firstDate, ext);
} else {
@ -4632,6 +4636,9 @@ public final class Main {
continue;
}
int exttype = oneOf(name, extSupported);
if (exttype != -1 && value != null && value.isEmpty()) {
throw new Exception(rb.getString("Illegal.value.") + extstr);
}
switch (exttype) {
case 0: // BC
int pathLen = -1;