94 lines
3.5 KiB
Diff
94 lines
3.5 KiB
Diff
|
|
# HG changeset patch
|
|
# User weijun
|
|
# Date 1533101708 -28800
|
|
# Node ID 9d92ff04a29c12a5d47f2ca4e772f7716bfdb8ff
|
|
# Parent b6e0bfe4a6ec5d8d9d9476c05627dfb47f2263e1
|
|
8208602: Cannot read PEM X.509 cert if there is whitespace after the header or footer
|
|
Reviewed-by: xuelei
|
|
|
|
diff -r b6e0bfe4a6ec -r 9d92ff04a29c src/java.base/share/classes/sun/security/provider/X509Factory.java
|
|
--- openjdk/jdk/src/share/classes/sun/security/provider/X509Factory.java Wed Aug 01 01:40:44 2018 -0400
|
|
+++ openjdk/jdk/src/share/classes/sun/security/provider/X509Factory.java Wed Aug 01 13:35:08 2018 +0800
|
|
@@ -1,5 +1,5 @@
|
|
/*
|
|
- * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
|
|
+ * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* This code is free software; you can redistribute it and/or modify it
|
|
@@ -635,7 +635,8 @@
|
|
if (next != '\r') footer.append((char)next);
|
|
}
|
|
|
|
- checkHeaderFooter(header.toString(), footer.toString());
|
|
+ checkHeaderFooter(header.toString().replaceFirst("\\s++$", ""),
|
|
+ footer.toString().replaceFirst("\\s++$", ""));
|
|
|
|
return Pem.decode(new String(data, 0, pos));
|
|
}
|
|
diff -r b6e0bfe4a6ec -r 9d92ff04a29c test/jdk/sun/security/provider/X509Factory/BadPem.java
|
|
--- openjdk/jdk/test/sun/security/provider/X509Factory/BadPem.java Wed Aug 01 01:40:44 2018 -0400
|
|
+++ openjdk/jdk/test/sun/security/provider/X509Factory/BadPem.java Wed Aug 01 13:35:08 2018 +0800
|
|
@@ -1,5 +1,5 @@
|
|
/*
|
|
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
|
|
+ * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* This code is free software; you can redistribute it and/or modify it
|
|
@@ -23,14 +23,13 @@
|
|
|
|
/*
|
|
* @test
|
|
- * @bug 8074935
|
|
- * @summary jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
|
|
+ * @bug 8074935 8208602
|
|
+ * @summary X.509 cert PEM format read
|
|
*/
|
|
|
|
import java.io.ByteArrayOutputStream;
|
|
import java.io.FileInputStream;
|
|
-import java.io.FileOutputStream;
|
|
import java.io.PrintStream;
|
|
import java.security.KeyStore;
|
|
import java.security.cert.CertificateException;
|
|
import java.util.Arrays;
|
|
@@ -49,10 +48,12 @@
|
|
String pass = "passphrase";
|
|
String alias = "dummy";
|
|
|
|
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
|
|
KeyStore keyStore = KeyStore.getInstance("JKS");
|
|
keyStore.load(new FileInputStream(ks), pass.toCharArray());
|
|
byte[] cert = keyStore.getCertificate(alias).getEncoded();
|
|
|
|
+ // 8074935
|
|
ByteArrayOutputStream bout = new ByteArrayOutputStream();
|
|
PrintStream pout = new PrintStream(bout);
|
|
byte[] CRLF = new byte[] {'\r', '\n'};
|
|
@@ -64,14 +65,20 @@
|
|
}
|
|
pout.println(X509Factory.END_CERT);
|
|
|
|
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
|
|
-
|
|
try {
|
|
cf.generateCertificate(new ByteArrayInputStream(bout.toByteArray()));
|
|
throw new Exception("Should fail");
|
|
} catch (CertificateException e) {
|
|
// Good
|
|
}
|
|
+
|
|
+ // 8208602
|
|
+ bout.reset();
|
|
+ pout.println(X509Factory.BEGIN_CERT + " ");
|
|
+ pout.println(Base64.getMimeEncoder().encodeToString(cert));
|
|
+ pout.println(X509Factory.END_CERT + " ");
|
|
+
|
|
+ cf.generateCertificate(new ByteArrayInputStream(bout.toByteArray()));
|
|
}
|
|
}
|
|
|
|
|