On 03/23/2015 02:47 AM, Wang Weijun wrote:
Begin forwarded message:
Date: March 23, 2015 at 16:33:18 GMT+8
From: Florian Weimer<[email protected]>
To: Wang Weijun<[email protected]>, OpenJDK Dev
list<[email protected]>
Subject: Re: RFR 8074935: jdk8 keytool doesn't validate pem files for RFC 1421
correctness, as jdk7 did
On 03/17/2015 11:02 AM, Wang Weijun wrote:
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/8074935/webrev.00/
In jdk8, we use Base64.getMimeDecoder() to parse PEM-encoded certs and it ignores every
character not in the base-64 alphabet. PEM is more restricted and as I know openssl
rejects PEM with illegal chars (Ex, "!" as in bug report and test). This fix
will also reject them.
Shouldn't you add a Base64.getPemDecoder() with these semantics? I
think this decoder would be useful in other contexts as well.
Sherman, is that possible?
While it is possible personally I will be a little hesitated to add the support
for a
"deprecated" rfc into the "new" Base64 class. Any evidence that PEM is still
heavily used in other contexts?
-Sherman
