Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8011745: Unknown CertificateChoices
authorweijun
Thu, 11 Apr 2013 11:10:03 +0800
changeset 16849 7556ca6597d5
parent 16848 630dd3143428
child 16850 f6f6c2182678
8011745: Unknown CertificateChoices Reviewed-by: vinnie
jdk/src/share/classes/sun/security/pkcs/PKCS7.java file | annotate | diff | comparison | revisions 
--- a/jdk/src/share/classes/sun/security/pkcs/PKCS7.java	Thu Apr 11 11:09:50 2013 +0800
+++ b/jdk/src/share/classes/sun/security/pkcs/PKCS7.java	Thu Apr 11 11:10:03 2013 +0800
@@ -161,7 +161,8 @@
             } catch (IOException ioe1) {
                 ParsingException pe = new ParsingException(
                     ioe1.getMessage());
-                pe.initCause(ioe1);
+                pe.initCause(ioe);
+                pe.addSuppressed(ioe1);
                 throw pe;
             }
         }
@@ -310,19 +311,26 @@
 
             len = certVals.length;
             certificates = new X509Certificate[len];
+            int count = 0;
 
             for (int i = 0; i < len; i++) {
                 ByteArrayInputStream bais = null;
                 try {
-                    if (certfac == null)
-                        certificates[i] = new X509CertImpl(certVals[i]);
-                    else {
-                        byte[] encoded = certVals[i].toByteArray();
-                        bais = new ByteArrayInputStream(encoded);
-                        certificates[i] =
-                            (X509Certificate)certfac.generateCertificate(bais);
-                        bais.close();
-                        bais = null;
+                    byte tag = certVals[i].getTag();
+                    // We only parse the normal certificate. Other types of
+                    // CertificateChoices ignored.
+                    if (tag == DerValue.tag_Sequence) {
+                        if (certfac == null) {
+                            certificates[count] = new X509CertImpl(certVals[i]);
+                        } else {
+                            byte[] encoded = certVals[i].toByteArray();
+                            bais = new ByteArrayInputStream(encoded);
+                            certificates[count] =
+                                (X509Certificate)certfac.generateCertificate(bais);
+                            bais.close();
+                            bais = null;
+                        }
+                        count++;
                     }
                 } catch (CertificateException ce) {
                     ParsingException pe = new ParsingException(ce.getMessage());
@@ -337,6 +345,9 @@
                         bais.close();
                 }
             }
+            if (count != len) {
+                certificates = Arrays.copyOf(certificates, count);
+            }
         }
 
         // check if crls (implicit tag) are provided (crls are OPTIONAL)
jdk-sandbox