Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8032573

CertificateFactory.getInstance("X.509").generateCertificates(InputStream) does not throw CertificateException for invalid input

XMLWordPrintable

    • b36
    • windows_7
    • Verified

        FULL PRODUCT VERSION :
        JDK1.7.0_45

        ADDITIONAL OS VERSION INFORMATION :
        Microsoft Windows [Version 6.1.7601]

        A DESCRIPTION OF THE PROBLEM :
        In JDK1.7.0_45, CertificateFactory.getInstance("X.509").generateCertificates(in) do not throw CertificateException for invalid input. But in jdk1.6.0_45, it can throw CertificateException for invalid input.
        See following JUnit test code:
        @org.junit.Test
        public void testGenerateCertificates() throws Exception {
        byte[] invalidCertBytes = "this is not valid x509 certficate byte array"
        .getBytes();
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        /*
         * Following suppose throw CertificateException. For jdk1.6.0_45_32bit,
         * following code can throw CertificateException. But for
         * jdk1.7.0_45_64bit, it just return a empty collection.
         */
        Collection<? extends Certificate> certs = cf
        .generateCertificates(new ByteArrayInputStream(invalidCertBytes));
        System.out.println(certs.isEmpty());
        }

        REGRESSION. Last worked in version 6u45

        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        Run the JUnit test code against JDK1.7.0_45.

        EXPECTED VERSUS ACTUAL BEHAVIOR :
        EXPECTED -
        Throw CertificateException
        ACTUAL -
        Return a empty collection.

        REPRODUCIBILITY :
        This bug can be reproduced always.

              jnimeh Jamil Nimeh
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: