> The JDK implementation (as supplied by the "SUN" provider) of > `X509Certificate::getSubjectAlternativeNames` and > `X509Certificate::getIssuerAlternativeNames` returns `null` instead of > throwing a `CertificateParsingException` when the extension is unparseable. > > This fix changes the behavior to comply with the specification. > > CSR: https://bugs.openjdk.java.net/browse/JDK-8275822
Sean Mullan has updated the pull request incrementally with one additional commit since the last revision: - Modified getExtendedKeyUsage to also throw exception if extension is unparseable. - Renamed and enhanced test to check cert with badly encoded extensions. - Added comments to test describing which fields are badly encoded. ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/6106/files - new: https://git.openjdk.java.net/jdk/pull/6106/files/e380c45a..10172038 Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=6106&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=6106&range=00-01 Stats: 210 lines in 3 files changed: 107 ins; 94 del; 9 mod Patch: https://git.openjdk.java.net/jdk/pull/6106.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/6106/head:pull/6106 PR: https://git.openjdk.java.net/jdk/pull/6106