-
CSR
-
Resolution: Approved
-
P4
-
None
-
behavioral
-
low
-
An exception will be thrown instead of returning null, but CertificateParsingException is part of the specification and is a checked exception so code should be prepared to handle it.
-
Java API
-
Implementation
Summary
The JDK implementation (as supplied by the SUN provider) of X509Certificate::getSubjectAlternativeNames
, X509Certificate::getIssuerAlternativeNames
and X509Certificate::getExtendedKeyUsage
returns null
instead of throwing a CertificateParsingException
when the extension is non-critical and unparseable (badly encoded or contains invalid values).
Problem
This behavior is not compliant with the specification of these methods.
Solution
Change the implementations to throw CertificateParsingException
.
Specification
N/A. The new behavior is compliant with the specification.
- csr of
-
JDK-8251468 X509Certificate.get{Subject,Issuer}AlternativeNames and getExtendedKeyUsage do not throw CertificateParsingException if extension is unparseable
- Closed