Mercurial > hg > openjdk > jigsaw > jdk
changeset 7275:1c3fff140324
8011745: Unknown CertificateChoices
Reviewed-by: vinnie
| author | weijun |
|---|---|
| date | Thu, 11 Apr 2013 11:10:03 +0800 |
| parents | 0ab22e58d151 |
| children | 006a7a576fe9 |
| files | src/share/classes/sun/security/pkcs/PKCS7.java |
| diffstat | 1 files changed, 21 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/pkcs/PKCS7.java Thu Apr 11 11:09:50 2013 +0800 +++ b/src/share/classes/sun/security/pkcs/PKCS7.java Thu Apr 11 11:10:03 2013 +0800 @@ -161,7 +161,8 @@ } catch (IOException ioe1) { ParsingException pe = new ParsingException( ioe1.getMessage()); - pe.initCause(ioe1); + pe.initCause(ioe); + pe.addSuppressed(ioe1); throw pe; } } @@ -310,19 +311,26 @@ len = certVals.length; certificates = new X509Certificate[len]; + int count = 0; for (int i = 0; i < len; i++) { ByteArrayInputStream bais = null; try { - if (certfac == null) - certificates[i] = new X509CertImpl(certVals[i]); - else { - byte[] encoded = certVals[i].toByteArray(); - bais = new ByteArrayInputStream(encoded); - certificates[i] = - (X509Certificate)certfac.generateCertificate(bais); - bais.close(); - bais = null; + byte tag = certVals[i].getTag(); + // We only parse the normal certificate. Other types of + // CertificateChoices ignored. + if (tag == DerValue.tag_Sequence) { + if (certfac == null) { + certificates[count] = new X509CertImpl(certVals[i]); + } else { + byte[] encoded = certVals[i].toByteArray(); + bais = new ByteArrayInputStream(encoded); + certificates[count] = + (X509Certificate)certfac.generateCertificate(bais); + bais.close(); + bais = null; + } + count++; } } catch (CertificateException ce) { ParsingException pe = new ParsingException(ce.getMessage()); @@ -337,6 +345,9 @@ bais.close(); } } + if (count != len) { + certificates = Arrays.copyOf(certificates, count); + } } // check if crls (implicit tag) are provided (crls are OPTIONAL)