-
Bug
-
Resolution: Fixed
-
P1
-
6u10
-
b25
-
b25
-
generic
-
generic
When OCSP responder return revoked information for those certificates has been revoked, OCSP validator throw IndexOutOfBoundsException.
========================================================
TEST_CASE: ./testcase/openssl/OpenSSL_User_Revoke
========================================================
PROXY_HOST:null
PROXY_PORT:null
OCSP_ENABLE:true
OCSP_RESPONDER_URL:http://powerpuff.sfbay.sun.com:9996
OCSP_RESPONDER_CERT_SUBJECT_NAME:null
OCSP_RESPONDER_CERT_ISSUER_NAME:null
OCSP_RESPONDER_CERT_SERIAL_NUMBER:null
TRUSTED_ROOT:./data/openssl/RootCAcert.crt
EE_CERT:./data/openssl/userRevoke.crt
EXPECTED_EXCEPTION:java.security.cert.CertPathValidatorException: Certificate has been revoked
========================================================
e.getCause(): java.lang.IndexOutOfBoundsException
e.getLocalizedMessage(): java.lang.IndexOutOfBoundsException
e.getIndex(): 0
RESULT: FALSE
java.security.cert.CertPathValidatorException: java.lang.IndexOutOfBoundsException
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:139)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:316)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:178)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:250)
at TestOCSP.run(TestOCSP.java:209)
at TestOCSP.main(TestOCSP.java:60)
Caused by: java.lang.IndexOutOfBoundsException
at java.security.cert.CertPathValidatorException.<init>(CertPathValidatorException.java:131)
at sun.security.provider.certpath.CertificateRevokedException.<init>(OCSPChecker.java:490)
at sun.security.provider.certpath.OCSPChecker.check(OCSPChecker.java:370)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:117)
... 5 more
========================================================
This test case failed when running with 6u10 b25 pit bundles , not sure if it's caused by bug fix of #6383078 in this pit. But this testcase can pass with previous build.
For more details , please visit :
http://sqeweb.sfbay/jsn/keep_forbug/jsn_6.0_UR_int-pit_sec_6.0_UR_linux-i586-2008-05-28-00-35-51-0851/dtftest.Linux.i386/OCSP/
========================================================
TEST_CASE: ./testcase/openssl/OpenSSL_User_Revoke
========================================================
PROXY_HOST:null
PROXY_PORT:null
OCSP_ENABLE:true
OCSP_RESPONDER_URL:http://powerpuff.sfbay.sun.com:9996
OCSP_RESPONDER_CERT_SUBJECT_NAME:null
OCSP_RESPONDER_CERT_ISSUER_NAME:null
OCSP_RESPONDER_CERT_SERIAL_NUMBER:null
TRUSTED_ROOT:./data/openssl/RootCAcert.crt
EE_CERT:./data/openssl/userRevoke.crt
EXPECTED_EXCEPTION:java.security.cert.CertPathValidatorException: Certificate has been revoked
========================================================
e.getCause(): java.lang.IndexOutOfBoundsException
e.getLocalizedMessage(): java.lang.IndexOutOfBoundsException
e.getIndex(): 0
RESULT: FALSE
java.security.cert.CertPathValidatorException: java.lang.IndexOutOfBoundsException
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:139)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:316)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:178)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:250)
at TestOCSP.run(TestOCSP.java:209)
at TestOCSP.main(TestOCSP.java:60)
Caused by: java.lang.IndexOutOfBoundsException
at java.security.cert.CertPathValidatorException.<init>(CertPathValidatorException.java:131)
at sun.security.provider.certpath.CertificateRevokedException.<init>(OCSPChecker.java:490)
at sun.security.provider.certpath.OCSPChecker.check(OCSPChecker.java:370)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:117)
... 5 more
========================================================
This test case failed when running with 6u10 b25 pit bundles , not sure if it's caused by bug fix of #6383078 in this pit. But this testcase can pass with previous build.
For more details , please visit :
http://sqeweb.sfbay/jsn/keep_forbug/jsn_6.0_UR_int-pit_sec_6.0_UR_linux-i586-2008-05-28-00-35-51-0851/dtftest.Linux.i386/OCSP/