JDK-6500133 : REGRESSION: CertificateParsingException for CRL Distribution Point with blank
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 5.0,6u17
  • Priority: P4
  • Status: Closed
  • Resolution: Won't Fix
  • OS: linux,solaris
  • CPU: x86,sparc
  • Submitted: 2006-12-04
  • Updated: 2014-01-22
  • Resolved: 2014-01-22
Related Reports
Duplicate :  
Relates :  
Relates :  
Description
FULL PRODUCT VERSION :
1.5.0_06-b05
1.5.0_09-b03

ADDITIONAL OS VERSION INFORMATION :
Linux CentOs

A DESCRIPTION OF THE PROBLEM :
When I try to parse a X509Certificate with CRL Distribution Point with a blank char (ex: "ldap://mysite.it/CN=Servizio Test") with jdk 1.5, I have always this kind of exception: "java.security.cert.CertificateParsingException: java.io.IOException: java.net.URISyntaxException: Illegal character in path at index ...". With jdk 1.4.2_06-b03 it works fine.


ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.security.cert.CertificateParsingException: java.io.IOException: java.net.URISyntaxException: Illegal character in path at index 44: ldap://ldap.cgi.crs.lombardia.it/CN=Servizio di Test


REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
String certBase64 = "MIIEljCCA36gAw..................0WULFMm9fu3XUdYdg=";

try {

InputStream inStream = new ByteArrayInputStream(
Base64.decode(certBase64 )
);

java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509");

X509Certificate caCert = (X509Certificate) cf.generateCertificate(inStream);
System.out.println("ok: " + caCert.toString());

}
catch (Exception e) {
System.out.println("setCainfo - error" + e.toString());
}
---------- END SOURCE ----------

Comments
As the fix has been backed out JDK-8005414.
2014-01-22

Fix backed out in JDK-8005414 Hence not verified
2013-04-12

EVALUATION sun.security.x509.URIName constructor made more flexible by first re-encoding URIs with illegal characters.
2012-08-17