--- a/jdk/src/java.base/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Wed Feb 18 04:01:33 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Fri Feb 20 12:59:26 2015 +0300
@@ -551,10 +551,10 @@
// set interim reasons mask to the intersection of
// reasons in the DP and onlySomeReasons in the IDP
boolean[] idpReasonFlags = reasons.getFlags();
- for (int i = 0; i < idpReasonFlags.length; i++) {
- if (idpReasonFlags[i] && pointReasonFlags[i]) {
- interimReasonsMask[i] = true;
- }
+ for (int i = 0; i < interimReasonsMask.length; i++) {
+ interimReasonsMask[i] =
+ (i < idpReasonFlags.length && idpReasonFlags[i]) &&
+ (i < pointReasonFlags.length && pointReasonFlags[i]);
}
} else {
// set interim reasons mask to the value of
@@ -568,7 +568,6 @@
interimReasonsMask = pointReasonFlags.clone();
} else {
// set interim reasons mask to the special value all-reasons
- interimReasonsMask = new boolean[9];
Arrays.fill(interimReasonsMask, true);
}
}
@@ -577,7 +576,9 @@
// not included in the reasons mask
boolean oneOrMore = false;
for (int i = 0; i < interimReasonsMask.length && !oneOrMore; i++) {
- if (!reasonsMask[i] && interimReasonsMask[i]) {
+ if (interimReasonsMask[i] &&
+ !(i < reasonsMask.length && reasonsMask[i]))
+ {
oneOrMore = true;
}
}
@@ -703,11 +704,11 @@
}
// update reasonsMask
- for (int i = 0; i < interimReasonsMask.length; i++) {
- if (!reasonsMask[i] && interimReasonsMask[i]) {
- reasonsMask[i] = true;
- }
+ for (int i = 0; i < reasonsMask.length; i++) {
+ reasonsMask[i] = reasonsMask[i] ||
+ (i < interimReasonsMask.length && interimReasonsMask[i]);
}
+
return true;
}
--- a/jdk/src/java.base/share/classes/sun/security/x509/KeyUsageExtension.java Wed Feb 18 04:01:33 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/x509/KeyUsageExtension.java Fri Feb 20 12:59:26 2015 +0300
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -83,7 +83,8 @@
* @param position the position in the bit string to check.
*/
private boolean isSet(int position) {
- return bitString[position];
+ return (position < bitString.length) &&
+ bitString[position];
}
/**
@@ -275,41 +276,40 @@
* Returns a printable representation of the KeyUsage.
*/
public String toString() {
- String s = super.toString() + "KeyUsage [\n";
+ StringBuilder sb = new StringBuilder();
+ sb.append(super.toString());
+ sb.append("KeyUsage [\n");
- try {
- if (isSet(0)) {
- s += " DigitalSignature\n";
- }
- if (isSet(1)) {
- s += " Non_repudiation\n";
- }
- if (isSet(2)) {
- s += " Key_Encipherment\n";
- }
- if (isSet(3)) {
- s += " Data_Encipherment\n";
- }
- if (isSet(4)) {
- s += " Key_Agreement\n";
- }
- if (isSet(5)) {
- s += " Key_CertSign\n";
- }
- if (isSet(6)) {
- s += " Crl_Sign\n";
- }
- if (isSet(7)) {
- s += " Encipher_Only\n";
- }
- if (isSet(8)) {
- s += " Decipher_Only\n";
- }
- } catch (ArrayIndexOutOfBoundsException ex) {}
+ if (isSet(0)) {
+ sb.append(" DigitalSignature\n");
+ }
+ if (isSet(1)) {
+ sb.append(" Non_repudiation\n");
+ }
+ if (isSet(2)) {
+ sb.append(" Key_Encipherment\n");
+ }
+ if (isSet(3)) {
+ sb.append(" Data_Encipherment\n");
+ }
+ if (isSet(4)) {
+ sb.append(" Key_Agreement\n");
+ }
+ if (isSet(5)) {
+ sb.append(" Key_CertSign\n");
+ }
+ if (isSet(6)) {
+ sb.append(" Crl_Sign\n");
+ }
+ if (isSet(7)) {
+ sb.append(" Encipher_Only\n");
+ }
+ if (isSet(8)) {
+ sb.append(" Decipher_Only\n");
+ }
+ sb.append("]\n");
- s += "]\n";
-
- return (s);
+ return sb.toString();
}
/**
--- a/jdk/src/java.base/share/classes/sun/security/x509/NetscapeCertTypeExtension.java Wed Feb 18 04:01:33 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/x509/NetscapeCertTypeExtension.java Fri Feb 20 12:59:26 2015 +0300
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -136,7 +136,8 @@
* @param position the position in the bit string to check.
*/
private boolean isSet(int position) {
- return bitString[position];
+ return (position < bitString.length) &&
+ bitString[position];
}
/**
@@ -236,27 +237,34 @@
* Returns a printable representation of the NetscapeCertType.
*/
public String toString() {
- String s = super.toString() + "NetscapeCertType [\n";
+ StringBuilder sb = new StringBuilder();
+ sb.append(super.toString());
+ sb.append("NetscapeCertType [\n");
- try {
- if (isSet(getPosition(SSL_CLIENT)))
- s += " SSL client\n";
- if (isSet(getPosition(SSL_SERVER)))
- s += " SSL server\n";
- if (isSet(getPosition(S_MIME)))
- s += " S/MIME\n";
- if (isSet(getPosition(OBJECT_SIGNING)))
- s += " Object Signing\n";
- if (isSet(getPosition(SSL_CA)))
- s += " SSL CA\n";
- if (isSet(getPosition(S_MIME_CA)))
- s += " S/MIME CA\n";
- if (isSet(getPosition(OBJECT_SIGNING_CA)))
- s += " Object Signing CA" ;
- } catch (Exception e) { }
+ if (isSet(0)) {
+ sb.append(" SSL client\n");
+ }
+ if (isSet(1)) {
+ sb.append(" SSL server\n");
+ }
+ if (isSet(2)) {
+ sb.append(" S/MIME\n");
+ }
+ if (isSet(3)) {
+ sb.append(" Object Signing\n");
+ }
+ if (isSet(5)) {
+ sb.append(" SSL CA\n");
+ }
+ if (isSet(6)) {
+ sb.append(" S/MIME CA\n");
+ }
+ if (isSet(7)) {
+ sb.append(" Object Signing CA");
+ }
- s += "]\n";
- return (s);
+ sb.append("]\n");
+ return sb.toString();
}
/**
--- a/jdk/src/java.base/share/classes/sun/security/x509/ReasonFlags.java Wed Feb 18 04:01:33 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/x509/ReasonFlags.java Fri Feb 20 12:59:26 2015 +0300
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -99,7 +99,8 @@
* @param position the position in the bit string to check.
*/
private boolean isSet(int position) {
- return bitString[position];
+ return (position < bitString.length) &&
+ bitString[position];
}
/**
@@ -199,23 +200,38 @@
* Returns a printable representation of the ReasonFlags.
*/
public String toString() {
- String s = "Reason Flags [\n";
+ StringBuilder sb = new StringBuilder("Reason Flags [\n");
- try {
- if (isSet(0)) s += " Unused\n";
- if (isSet(1)) s += " Key Compromise\n";
- if (isSet(2)) s += " CA Compromise\n";
- if (isSet(3)) s += " Affiliation_Changed\n";
- if (isSet(4)) s += " Superseded\n";
- if (isSet(5)) s += " Cessation Of Operation\n";
- if (isSet(6)) s += " Certificate Hold\n";
- if (isSet(7)) s += " Privilege Withdrawn\n";
- if (isSet(8)) s += " AA Compromise\n";
- } catch (ArrayIndexOutOfBoundsException ex) {}
+ if (isSet(0)) {
+ sb.append(" Unused\n");
+ }
+ if (isSet(1)) {
+ sb.append(" Key Compromise\n");
+ }
+ if (isSet(2)) {
+ sb.append(" CA Compromise\n");
+ }
+ if (isSet(3)) {
+ sb.append(" Affiliation_Changed\n");
+ }
+ if (isSet(4)) {
+ sb.append(" Superseded\n");
+ }
+ if (isSet(5)) {
+ sb.append(" Cessation Of Operation\n");
+ }
+ if (isSet(6)) {
+ sb.append(" Certificate Hold\n");
+ }
+ if (isSet(7)) {
+ sb.append(" Privilege Withdrawn\n");
+ }
+ if (isSet(8)) {
+ sb.append(" AA Compromise\n");
+ }
+ sb.append("]\n");
- s += "]\n";
-
- return (s);
+ return sb.toString();
}
/**