Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: P2
Fix Version/s: 7u40
Affects Version/s: 7u6
Component/s: security-libs
Labels:

Introduced In Build:
b17
Introduced In Version:

7u6
Resolved In Build:
b34
CPU:

generic
OS:

generic
Verification:
Verified

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8020902	7u60	Vincent Ryan	P2	Resolved	Fixed	b01
JDK-8021091	7u45	Vincent Ryan	P2	Closed	Fixed	b04
JDK-8062645	6u95	Sean Coffey	P2	Closed	Fixed	b01

CertPathValidator throws NPE if trusted certificate does not have AuthorityKeyIdentifier extension:

certpath: PolicyChecker.checkPolicy() certificate policies verified
certpath: -checker5 validation succeeded
certpath: -Using checker6 ... [sun.security.provider.certpath.BasicChecker]
certpath: ---checking timestamp:Fri May 17 17:42:50 MSK 2013...
certpath: timestamp verified.
certpath: ---checking subject/issuer name chaining...
certpath: subject/issuer name chaining verified.
certpath: ---checking signature...
certpath: signature verified.
certpath: BasicChecker.updateState issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US; subject: CN=Oracle Root CA, OU=VeriSign Trust Network, O=Oracle Corporation, C=US; serial#: 100662332940862603838457626880723060860
certpath: -checker6 validation succeeded
certpath: -Using checker7 ... [sun.security.provider.certpath.OCSPChecker]
Exception in thread "main" java.lang.NullPointerException
at sun.security.x509.X509CertImpl.getIssuerKeyIdentifier(X509CertImpl.java:1077)
at sun.security.provider.certpath.OCSPChecker.check(OCSPChecker.java:251)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:133)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:351)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:191)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:279)

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

test.tar
120 kB
2013-05-17 07:17

backported by

JDK-8020902 NPE is thrown during certpath validation if certificate does not have AuthorityKeyIdentifier extension

Resolved

JDK-8021091 NPE is thrown during certpath validation if certificate does not have AuthorityKeyIdentifier extension

Closed

JDK-8062645 NPE is thrown during certpath validation if certificate does not have AuthorityKeyIdentifier extension

Closed

relates to

JDK-2224873 Signature validation can fail under certain circumstances

Closed

Assignee:: Vincent Ryan

Reporter:: Artem Smotrakov

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2013-05-17 06:55

Updated:: 2014-10-31 07:21

Resolved:: 2013-07-12 06:47

Details

Backports

Description

Attachments

Attachments

Issue Links

Activity

People

Dates