-
Bug
-
Resolution: Not an Issue
-
P4
-
6
-
None
-
x86
-
linux_redhat_3.0
Execute the attached java code with option, -Djava.security.debug=all, generates output included the following:
java.io.IOException: invalid URI name:file://\\IONPULSE.jdksec.sfbay.sun.com\CertEnroll\MS CA(1).crl
at sun.security.x509.URIName.<init>(URIName.java:92)
at sun.security.x509.URIName.<init>(URIName.java:79)
at sun.security.x509.GeneralName.<init>(GeneralName.java:105)
at sun.security.x509.GeneralName.<init>(GeneralName.java:59)
at sun.security.x509.GeneralNames.<init>(GeneralNames.java:51)
at sun.security.x509.DistributionPoint.<init>(DistributionPoint.java:193)
at sun.security.x509.CRLDistributionPointsExtension.<init>(CRLDistributionPointsExtension.java:165)
at sun.security.x509.CRLDistributionPointsExtension.<init>(CRLDistributionPointsExtension.java:139)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
at sun.security.x509.CertificateExtensions.parseExtension(CertificateExtensions.java:93)
at sun.security.x509.CertificateExtensions.init(CertificateExtensions.java:69)
at sun.security.x509.CertificateExtensions.<init>(CertificateExtensions.java:59)
at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:726)
at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:152)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1698)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:179)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:90)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:305)
at invaliduri.main(invaliduri.java:15)
Caused by: java.net.URISyntaxException: Illegal character in authority at index 7: file://\\IONPULSE.jdksec.sfbay.sun.com\CertEnroll\MS CA(1).crl
at java.net.URI$Parser.fail(URI.java:2809)
at java.net.URI$Parser.parseAuthority(URI.java:3147)
at java.net.URI$Parser.parseHierarchical(URI.java:3058)
at java.net.URI$Parser.parse(URI.java:3014)
at java.net.URI.<init>(URI.java:578)
at sun.security.x509.URIName.<init>(URIName.java:90)
... 21 more
0000: 30 81 89 30 81 86 A0 81 83 A0 81 80 86 3E 68 74 0..0.........>ht
0010: 74 70 3A 2F 2F 69 6F 6E 70 75 6C 73 65 2E 6A 64 tp://ionpulse.jd
0020: 6B 73 65 63 2E 73 66 62 61 79 2E 73 75 6E 2E 63 ksec.sfbay.sun.c
0030: 6F 6D 2F 43 65 72 74 45 6E 72 6F 6C 6C 2F 4D 53 om/CertEnroll/MS
0040: 25 32 30 43 41 28 31 29 2E 63 72 6C 86 3E 66 69 %20CA(1).crl.>fi
0050: 6C 65 3A 2F 2F 5C 5C 49 4F 4E 50 55 4C 53 45 2E le://\\IONPULSE.
0060: 6A 64 6B 73 65 63 2E 73 66 62 61 79 2E 73 75 6E jdksec.sfbay.sun
0070: 2E 63 6F 6D 5C 43 65 72 74 45 6E 72 6F 6C 6C 5C .com\CertEnroll\
0080: 4D 53 20 43 41 28 31 29 2E 63 72 6C MS CA(1).crl
x509: Error parsing extension: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
The attached certificate is generated by MS CA. MS CA may have produce certificate with invalid URI. In the interest of interoperability, java should be able to parse the invalid URI. In the interest of interoperability, java should follow the "eat grass, produce milk" principal.
java.io.IOException: invalid URI name:file://\\IONPULSE.jdksec.sfbay.sun.com\CertEnroll\MS CA(1).crl
at sun.security.x509.URIName.<init>(URIName.java:92)
at sun.security.x509.URIName.<init>(URIName.java:79)
at sun.security.x509.GeneralName.<init>(GeneralName.java:105)
at sun.security.x509.GeneralName.<init>(GeneralName.java:59)
at sun.security.x509.GeneralNames.<init>(GeneralNames.java:51)
at sun.security.x509.DistributionPoint.<init>(DistributionPoint.java:193)
at sun.security.x509.CRLDistributionPointsExtension.<init>(CRLDistributionPointsExtension.java:165)
at sun.security.x509.CRLDistributionPointsExtension.<init>(CRLDistributionPointsExtension.java:139)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
at sun.security.x509.CertificateExtensions.parseExtension(CertificateExtensions.java:93)
at sun.security.x509.CertificateExtensions.init(CertificateExtensions.java:69)
at sun.security.x509.CertificateExtensions.<init>(CertificateExtensions.java:59)
at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:726)
at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:152)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1698)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:179)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:90)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:305)
at invaliduri.main(invaliduri.java:15)
Caused by: java.net.URISyntaxException: Illegal character in authority at index 7: file://\\IONPULSE.jdksec.sfbay.sun.com\CertEnroll\MS CA(1).crl
at java.net.URI$Parser.fail(URI.java:2809)
at java.net.URI$Parser.parseAuthority(URI.java:3147)
at java.net.URI$Parser.parseHierarchical(URI.java:3058)
at java.net.URI$Parser.parse(URI.java:3014)
at java.net.URI.<init>(URI.java:578)
at sun.security.x509.URIName.<init>(URIName.java:90)
... 21 more
0000: 30 81 89 30 81 86 A0 81 83 A0 81 80 86 3E 68 74 0..0.........>ht
0010: 74 70 3A 2F 2F 69 6F 6E 70 75 6C 73 65 2E 6A 64 tp://ionpulse.jd
0020: 6B 73 65 63 2E 73 66 62 61 79 2E 73 75 6E 2E 63 ksec.sfbay.sun.c
0030: 6F 6D 2F 43 65 72 74 45 6E 72 6F 6C 6C 2F 4D 53 om/CertEnroll/MS
0040: 25 32 30 43 41 28 31 29 2E 63 72 6C 86 3E 66 69 %20CA(1).crl.>fi
0050: 6C 65 3A 2F 2F 5C 5C 49 4F 4E 50 55 4C 53 45 2E le://\\IONPULSE.
0060: 6A 64 6B 73 65 63 2E 73 66 62 61 79 2E 73 75 6E jdksec.sfbay.sun
0070: 2E 63 6F 6D 5C 43 65 72 74 45 6E 72 6F 6C 6C 5C .com\CertEnroll\
0080: 4D 53 20 43 41 28 31 29 2E 63 72 6C MS CA(1).crl
x509: Error parsing extension: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
The attached certificate is generated by MS CA. MS CA may have produce certificate with invalid URI. In the interest of interoperability, java should be able to parse the invalid URI. In the interest of interoperability, java should follow the "eat grass, produce milk" principal.