Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8059916: Change default criticality of policy mappings and policy constraints certificate extensions
authorjuh
Tue, 13 Jan 2015 14:33:54 -0800
changeset 28420 8fe17d073b54
parent 28419 361e3aa27cb5
child 28421 8b4f4f0de688
8059916: Change default criticality of policy mappings and policy constraints certificate extensions Reviewed-by: mullan
jdk/src/java.base/share/classes/sun/security/x509/PolicyConstraintsExtension.java file | annotate | diff | comparison | revisions
jdk/src/java.base/share/classes/sun/security/x509/PolicyMappingsExtension.java file | annotate | diff | comparison | revisions
jdk/test/sun/security/x509/Extensions/DefaultCriticality.java file | annotate | diff | comparison | revisions 
--- a/jdk/src/java.base/share/classes/sun/security/x509/PolicyConstraintsExtension.java	Tue Jan 13 17:14:51 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/x509/PolicyConstraintsExtension.java	Tue Jan 13 14:33:54 2015 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,9 +27,7 @@
 
 import java.io.IOException;
 import java.io.OutputStream;
-import java.security.cert.CertificateException;
 import java.util.Enumeration;
-import java.util.Vector;
 
 import sun.security.util.*;
 
@@ -111,7 +109,7 @@
      */
     public PolicyConstraintsExtension(int require, int inhibit)
     throws IOException {
-        this(Boolean.FALSE, require, inhibit);
+        this(Boolean.TRUE, require, inhibit);
     }
 
     /**
@@ -202,7 +200,7 @@
         DerOutputStream tmp = new DerOutputStream();
         if (extensionValue == null) {
           extensionId = PKIXExtensions.PolicyConstraints_Id;
-          critical = false;
+          critical = true;
           encodeThis();
         }
         super.encode(tmp);
--- a/jdk/src/java.base/share/classes/sun/security/x509/PolicyMappingsExtension.java	Tue Jan 13 17:14:51 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/x509/PolicyMappingsExtension.java	Tue Jan 13 14:33:54 2015 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -92,7 +92,7 @@
             throws IOException {
         this.maps = map;
         this.extensionId = PKIXExtensions.PolicyMappings_Id;
-        this.critical = false;
+        this.critical = true;
         encodeThis();
     }
 
@@ -100,8 +100,8 @@
      * Create a default PolicyMappingsExtension.
      */
     public PolicyMappingsExtension() {
-        extensionId = PKIXExtensions.KeyUsage_Id;
-        critical = false;
+        extensionId = PKIXExtensions.PolicyMappings_Id;
+        critical = true;
         maps = new ArrayList<CertificatePolicyMap>();
     }
 
@@ -153,7 +153,7 @@
         DerOutputStream tmp = new DerOutputStream();
         if (extensionValue == null) {
             extensionId = PKIXExtensions.PolicyMappings_Id;
-            critical = false;
+            critical = true;
             encodeThis();
         }
         super.encode(tmp);
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/x509/Extensions/DefaultCriticality.java	Tue Jan 13 14:33:54 2015 -0800
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @summary Change default criticality of policy mappings and policy constraints
+            certificate extensions
+ * @bug 8059916
+ */
+
+import sun.security.x509.PolicyConstraintsExtension;
+import sun.security.x509.PolicyMappingsExtension;
+
+public class DefaultCriticality {
+    public static void main(String [] args) throws Exception {
+        PolicyConstraintsExtension pce = new PolicyConstraintsExtension(-1,-1);
+        if (!pce.isCritical()) {
+            throw new Exception("PolicyConstraintsExtension should be " +
+                                "critical by default");
+        }
+
+        PolicyMappingsExtension pme = new PolicyMappingsExtension();
+        if (!pme.isCritical()) {
+            throw new Exception("PolicyMappingsExtension should be " +
+                                "critical by default");
+        }
+
+        System.out.println("Test passed.");
+    }
+}
jdk-sandbox