On Fri, 4 Apr 2025 03:18:31 GMT, Koushik Muthukrishnan Thirupattur
<d...@openjdk.org> wrote:
>> **A DESCRIPTION OF THE PROBLEM :**
>> Enabling -Djava.security.debug=x509,ava affects how special characters in
>> certificates are processed. The expected behavior is that debugging should
>> not interfere with the normal encoding of certificate fields.
>>
>> **Fix:**
>> The Debugging will no longer interfere with these fields, unless you call
>> toString().
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally
> with one additional commit since the last revision:
>
> 8349890:Option -Djava.security.debug=x509,ava breaks special chars
test/jdk/sun/security/x509/X500Name/PrintX500NameInDebugModeWithAvaOption.java
line 39:
> 37: public static void main(String[] args) throws Exception {
> 38:
> 39: X500Name name = new X500Name("cn=john doe + l=ca\\+lifornia + l
> =sf, O=Ñ");
Use `X500Principal` objects for testing instead of `X500Name`. `X500Principal`
is a public/standard API, so it is better to ensure that the issue is fixed via
standard APIs. Then you also don't need the `@modules` line.
Also change name of test to `PrintX500PrincipalInDebugModeWithAvaOption`.
test/jdk/sun/security/x509/X500Name/PrintX500NameInDebugModeWithAvaOption.java
line 47:
> 45: //Test the name in RFC2253 format. This should skip the hex
> conversion to return
> 46: //"\u00d1" for special character "Ñ"
> 47: Asserts.assertTrue(name.getRFC2253Name().contains("\u00d1"),
> "String does not contain expected value");
Here you can call `X500Principal.getName()` instead which emits an RFC 2253
name.
test/jdk/sun/security/x509/X500Name/PrintX500NameInDebugModeWithAvaOption.java
line 51:
> 49: //Test the name in canonical name in RFC2253 format. This should
> skip the hex conversion to return
> 50: //"n\u0303" for special character "Ñ"
> 51:
> Asserts.assertTrue(name.getRFC2253CanonicalName().contains("n\u0303"),"String
> does not contain expected value");
Here you can call `X500Principal.getName(X500Principal.CANONICAL)` instead
which emits a canonical RFC 2253 name.
test/jdk/sun/security/x509/X500Name/PrintX500NameInDebugModeWithAvaOption.java
line 51:
> 49: //Test the name in canonical name in RFC2253 format. This should
> skip the hex conversion to return
> 50: //"n\u0303" for special character "Ñ"
> 51:
> Asserts.assertTrue(name.getRFC2253CanonicalName().contains("n\u0303"),"String
> does not contain expected value");
Nit, add space after the comma, same comment on line 43 and 56. Or break up
into 2 lines as some of the lines are a bit long.
test/jdk/sun/security/x509/X500Name/PrintX500NameInDebugModeWithAvaOption.java
line 56:
> 54: //Test to print name in RFC1779 format. This should skip the hex
> conversion to print
> 55: //"\u00d1" for special character "Ñ"
> 56:
> Asserts.assertTrue(name.getRFC1779Name().contains("\u00d1"),"String does not
> contain expected value");
Here you can call `X500Principal.getName(X500Principal.RFC1779)` instead which
emits a RFC 1779 name.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24360#discussion_r2028855420
PR Review Comment: https://git.openjdk.org/jdk/pull/24360#discussion_r2028869879
PR Review Comment: https://git.openjdk.org/jdk/pull/24360#discussion_r2028872261
PR Review Comment: https://git.openjdk.org/jdk/pull/24360#discussion_r2028875687
PR Review Comment: https://git.openjdk.org/jdk/pull/24360#discussion_r2028874116
