changeset 9050:bc7c24915ee9

8029788: Certificate validation - java.lang.ClassCastException Reviewed-by: xuelei, mullan, weijun
author vinnie
date Wed, 18 Dec 2013 12:23:41 +0000
parents 78ad43cbe7e2
children ceafbd631c88
files src/share/classes/sun/security/provider/certpath/OCSPResponse.java
diffstat 1 files changed, 8 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/provider/certpath/OCSPResponse.java	Wed Dec 18 11:00:48 2013 +0100
+++ b/src/share/classes/sun/security/provider/certpath/OCSPResponse.java	Wed Dec 18 12:23:41 2013 +0000
@@ -427,9 +427,14 @@
         if (signerCert == null) {
             // Add the Issuing CA cert and/or Trusted Responder cert to the list
             // of certs from the OCSP response
-            certs.add((X509CertImpl) issuerCert);
-            if (responderCert != null) {
-                certs.add((X509CertImpl) responderCert);
+            try {
+                certs.add(X509CertImpl.toImpl(issuerCert));
+                if (responderCert != null) {
+                    certs.add(X509CertImpl.toImpl(responderCert));
+                }
+            } catch (CertificateException ce) {
+                throw new CertPathValidatorException(
+                    "Invalid issuer or trusted responder certificate", ce);
             }
 
             if (responderName != null) {