-
Bug
-
Resolution: Fixed
-
P4
-
7
-
b50
-
generic
-
generic
-
Verified
When trying to encode a BasicConstraintsExtension with ca=false and a default pathlen (-1), the following exception is thrown:
Caused by: java.io.IOException: No value to encode for the extension!
at sun.security.x509.Extension.encode(Extension.java:173)
at sun.security.x509.BasicConstraintsExtension.encode(BasicConstraintsExtension.java:204)
The reason is the codes below in BasicConstraintsExtension.java,
private void encodeThis() throws IOException {
if (ca == false && pathLen < 0) {
this.extensionValue = null;
return;
}
....
The ASN.1 definition for the extension (RFC 5280 4.2.1.9) declares both field as optional inside a SEQUENCE.
Caused by: java.io.IOException: No value to encode for the extension!
at sun.security.x509.Extension.encode(Extension.java:173)
at sun.security.x509.BasicConstraintsExtension.encode(BasicConstraintsExtension.java:204)
The reason is the codes below in BasicConstraintsExtension.java,
private void encodeThis() throws IOException {
if (ca == false && pathLen < 0) {
this.extensionValue = null;
return;
}
....
The ASN.1 definition for the extension (RFC 5280 4.2.1.9) declares both field as optional inside a SEQUENCE.
- relates to
-
JDK-6804045 DerValue does not accept empty OCTET STRING
-
- Closed
-