Mercurial > hg > openjdk > jdk8 > jdk

changeset 8985:68c31754f925

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8029788: Certificate validation - java.lang.ClassCastException Reviewed-by: xuelei, mullan, weijun
author vinnie
date Tue, 17 Dec 2013 23:03:54 +0000
parents 4fa27233a3e9
children 9211877b25ba
files src/share/classes/sun/security/provider/certpath/OCSPResponse.java
diffstat 1 files changed, 8 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/provider/certpath/OCSPResponse.java	Tue Dec 17 14:13:26 2013 -0800
+++ b/src/share/classes/sun/security/provider/certpath/OCSPResponse.java	Tue Dec 17 23:03:54 2013 +0000
@@ -427,9 +427,14 @@
         if (signerCert == null) {
             // Add the Issuing CA cert and/or Trusted Responder cert to the list
             // of certs from the OCSP response
-            certs.add((X509CertImpl) issuerCert);
-            if (responderCert != null) {
-                certs.add((X509CertImpl) responderCert);
+            try {
+                certs.add(X509CertImpl.toImpl(issuerCert));
+                if (responderCert != null) {
+                    certs.add(X509CertImpl.toImpl(responderCert));
+                }
+            } catch (CertificateException ce) {
+                throw new CertPathValidatorException(
+                    "Invalid issuer or trusted responder certificate", ce);
             }
 
             if (responderName != null) {