Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8074935

jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did

XMLWordPrintable

    • b57
    • Verified

        jdk7 keytool used to validate that input pem files were RFC 1421 compliant, but jdk8 keytool no longer does so, which seems like a bug. (but may be intentional; hard to tell)

        See http://en.wikipedia.org/wiki/Base64#Privacy-enhanced_mail

        SSCCE:

         $ (keytool7=$HOME/jdk/jdk7/bin/keytool keytool8=$HOME/jdk/jdk8/bin/keytool; perl -pe 's/^([A-Za-z])/!\1/' ./test/java/security/cert/CertPathValidator/OCSP/RootCert.pem > /tmp/corrupted.pem; echo 7: ; $keytool7 -printcert -file /tmp/corrupted.pem | head; echo 8: ; $keytool8 -printcert -file /tmp/corrupted.pem | head -3;)
        7:
        keytool error: java.lang.Exception: Failed to parse input
        8:
        Owner: CN=Root CA, O=Sun, C=US
        Issuer: CN=Root CA, O=Sun, C=US
        Serial number: 0

              weijun Weijun Wang
              martin Martin Buchholz
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: