-
Bug
-
Resolution: Fixed
-
P3
-
8, 9
-
b08
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8045607 | 8u25 | Sean Mullan | P3 | Resolved | Fixed | b01 |
JDK-8038425 | 8u20 | Rajan Halade | P3 | Resolved | Fixed | b09 |
JDK-8053835 | emb-8u26 | Sean Mullan | P3 | Resolved | Fixed | b17 |
JDK throws ArrayIndexOutOfBoundsException while parsing non RFC conforming CRL with revocation reason not in the range of accepted values. Checked with keytool and CertPathValidator.
with keytool:
CRL Entry Extensions: 1
[1]: , Error parsing this extension
Exception trace:
java.lang.ArrayIndexOutOfBoundsException: -1
at sun.security.x509.CRLReasonCodeExtension.toString(CRLReasonCodeExtension.java:184)
at java.lang.String.valueOf(String.java:2979)
at java.lang.StringBuilder.append(StringBuilder.java:131)
at java.util.AbstractMap.toString(AbstractMap.java:536)
at java.lang.String.valueOf(String.java:2979)
at java.lang.StringBuilder.append(StringBuilder.java:131)
at java.security.cert.CertificateRevokedException.getMessage(CertificateRevokedException.java:173)
at sun.security.provider.certpath.RevocationChecker.checkApprovedCRLs(RevocationChecker.java:655)
at sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:567)
with keytool:
CRL Entry Extensions: 1
[1]: , Error parsing this extension
Exception trace:
java.lang.ArrayIndexOutOfBoundsException: -1
at sun.security.x509.CRLReasonCodeExtension.toString(CRLReasonCodeExtension.java:184)
at java.lang.String.valueOf(String.java:2979)
at java.lang.StringBuilder.append(StringBuilder.java:131)
at java.util.AbstractMap.toString(AbstractMap.java:536)
at java.lang.String.valueOf(String.java:2979)
at java.lang.StringBuilder.append(StringBuilder.java:131)
at java.security.cert.CertificateRevokedException.getMessage(CertificateRevokedException.java:173)
at sun.security.provider.certpath.RevocationChecker.checkApprovedCRLs(RevocationChecker.java:655)
at sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:567)
- backported by
-
JDK-8038425 AIOB while parsing CRL for revoked certificate
-
- Resolved
-
-
JDK-8045607 AIOB while parsing CRL for revoked certificate
-
- Resolved
-
-
JDK-8053835 AIOB while parsing CRL for revoked certificate
-
- Resolved
-