8029788: Certificate validation - java.lang.ClassCastException

Reviewed-by: xuelei, mullan, weijun

8029788: Certificate validation - java.lang.ClassCastException
Reviewed-by: xuelei, mullan, weijun
4ce24894 · vinnie · 4c828cdb · 4ce24894
隐藏空白更改
内联并排

Showing with 8 addition and 3 deletion

src/share/classes/sun/security/provider/certpath/OCSPResponse.java .../classes/sun/security/provider/certpath/OCSPResponse.java +8 -3

未找到文件。
--- a/src/share/classes/sun/security/provider/certpath/OCSPResponse.java
+++ b/src/share/classes/sun/security/provider/certpath/OCSPResponse.java
@@ -427,9 +427,14 @@ public final class OCSPResponse {
        if (signerCert == null) {
            // Add the Issuing CA cert and/or Trusted Responder cert to the list
            // of certs from the OCSP response
-            certs.add((X509CertImpl) issuerCert);
-            if (responderCert != null) {
-                certs.add((X509CertImpl) responderCert);
+            try {
+                certs.add(X509CertImpl.toImpl(issuerCert));
+                if (responderCert != null) {
+                    certs.add(X509CertImpl.toImpl(responderCert));
+                }
+            } catch (CertificateException ce) {
+                throw new CertPathValidatorException(
+                    "Invalid issuer or trusted responder certificate", ce);
            }

            if (responderName != null) {