Re: RFR: 8296742: Illegal X509 Extension should not be created [v8]

Tue, 22 Nov 2022 12:16:11 -0800 

On Tue, 22 Nov 2022 19:34:24 GMT, Sean Mullan <mul...@openjdk.org> wrote:

>> Weijun Wang has updated the pull request incrementally with one additional 
>> commit since the last revision:
>> 
>>   IssuerAlternativeNameExtension names
>
> src/java.base/share/classes/sun/security/x509/CertificatePoliciesExtension.java
>  line 113:
> 
>> 111:     public CertificatePoliciesExtension(Boolean critical,
>> 112:             List<PolicyInformation> certPolicies) throws IOException {
>> 113:         if (certPolicies == null || certPolicies.isEmpty()) {
> 
> You should probably also change `PolicyInformation(CertificatePolicyId 
> policyIdentifier,            Set<PolicyQualifierInfo> policyQualifiers)` to 
> check for a null policyIdentifier and an empty policyQualifiers set.

I'll check about null `policyIdentifier`. According to 
https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.4, `policyQualifiers` is 
OPTIONAL so it can be empty.

-------------

PR: https://git.openjdk.org/jdk/pull/11137

Reply via email to