On Mon, 27 Jan 2025 12:39:45 GMT, Konanki Sreenath wrote:
> Earlier code will trigger NPE if the certificate does not contain the
> extensions or if the requested extensions does not exist. The better approach
> for hardening **getExtensionValue** here is to to check for NULL e
t;
> The associated tests are written and added in test class
> **CertificateExtensions**. Which will ensure to validate the
> **getExtensionValue()** and **getKeyUsage()** methods in **X509CertImpl**
> class.
Konanki Sreenath has updated the pull request incrementally with one
On Tue, 18 Feb 2025 17:44:12 GMT, Weijun Wang wrote:
> There is still one `if (info != null)` check in `getTBSCertificate()`.
>
> Also, you can combine
>
> ```
> Objects.requireNonNull(info);
> this.info = info;
> ```
>
> to
>
> ```
> this.info = Objects.requireNonNull
t;
> The associated tests are written and added in test class
> **CertificateExtensions**. Which will ensure to validate the
> **getExtensionValue()** and **getKeyUsage()** methods in **X509CertImpl**
> class.
Konanki Sreenath has updated the pull request incrementally with one
t;
> The associated tests are written and added in test class
> **CertificateExtensions**. Which will ensure to validate the
> **getExtensionValue()** and **getKeyUsage()** methods in **X509CertImpl**
> class.
Konanki Sreenath has updated the pull request incrementally with one
t;
> The associated tests are written and added in test class
> **CertificateExtensions**. Which will ensure to validate the
> **getExtensionValue()** and **getKeyUsage()** methods in **X509CertImpl**
> class.
Konanki Sreenath has updated the pull request incrementally with one
t;
> The associated tests are written and added in test class
> **CertificateExtensions**. Which will ensure to validate the
> **getExtensionValue()** and **getKeyUsage()** methods in **X509CertImpl**
> class.
Konanki Sreenath has updated the pull request incrementally with one
On Mon, 10 Feb 2025 13:37:07 GMT, Weijun Wang wrote:
> I take back my word about `extensions` -- it can be null. However,
> `X509CertImpl` should never have a null `info`. I’d prefer to add
> `Objects.requireNonNull` in its constructor. Your approach of returning null
> instead of throwing an
On Fri, 7 Feb 2025 15:12:08 GMT, Sean Mullan wrote:
> > I'm wondering how necessary this fix is. These are internal classes, only
> > called inside JDK, where some pre-conditions are always met. Unless someone
> > explicitly calls `x509Certimpl.getInfo().setExtensions(null)` (as done in
> > th
t;
> The associated tests are written and added in test class
> **CertificateExtensions**. Which will ensure to validate the
> **getExtensionValue()** and **getKeyUsage()** methods in **X509CertImpl**
> class.
Konanki Sreenath has updated the pull request incrementally with one
On Fri, 31 Jan 2025 17:29:24 GMT, Matthew Donovan wrote:
>> Earlier code will trigger NPE if the certificate does not contain the
>> extensions or if the requested extensions does not exist. The better
>> approach for hardening **getExtensionValue** here is to to check for NULL
>> explicitly b
Earlier code will trigger NPE if the certificate does not contain the
extensions or if the requested extensions does not exist. The better approach
for hardening **getExtensionValue** here is to to check for NULL explicitly
before calling **getExtensionValue()** and avoding try-catch block which
On Wed, 5 Feb 2025 03:55:18 GMT, Nibedita Jena wrote:
>> Earlier code will trigger NPE if the certificate does not contain the
>> extensions or if the requested extensions does not exist. The better
>> approach for hardening **getExtensionValue** here is to to check for NULL
>> explicitly befo
13 matches
Mail list logo
