-
Enhancement
-
Resolution: Unresolved
-
P4
-
None
-
8
-
None
-
generic
-
generic
The sun.security.x509.CertificateExtensions class maintains a Map<String,Extension> map field to store all the extensions it manages. The key of map uses the name (say, "BasicConstraints") of the extension, or the OID when the type of the extension is unknown.
This might have several issues:
1. This inconsistency made the code very difficult to maintain
2. Although it looks like the name will be always used when a name is available, this is not documented clearly and well-known. For example, X509CertImpl::getExtension(OID) does not make use of this fact.
It should be much simpler to always using the OID as the key (either an ObjectIdentifier object or a String).
This might have several issues:
1. This inconsistency made the code very difficult to maintain
2. Although it looks like the name will be always used when a name is available, this is not documented clearly and well-known. For example, X509CertImpl::getExtension(OID) does not make use of this fact.
It should be much simpler to always using the OID as the key (either an ObjectIdentifier object or a String).
- relates to
-
JDK-8073182 keytool may generate duplicate extensions
-
- Resolved
-