Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

removed redundant throws clause in X509v3CertificateBuilder #1581

Closed
wants to merge 1 commit into from
Closed

removed redundant throws clause in X509v3CertificateBuilder #1581

wants to merge 1 commit into from

Conversation

kuzjka
Copy link

@kuzjka kuzjka commented Feb 8, 2024

Resolves #1580

X509v3CertificateBuilder has overloaded addExtension methods, which call ExtensionsGenerator under the hood.

If the extension is constructed from OID, critical flag and encoded extension value, ExtensionsGenerator may throw CertIOException if an IOException occurs during construction of the extension.

However, if Extension object is passed - no IOException can occur inside ExtensionGenerator and it doesn't throw CertIOException as well.

bc-java/core/src/main/java/org/bouncycastle/asn1/x509/ExtensionsGenerator.java

Lines 119 to 134 in 9279d29

/**
* Add a given extension.
*
* @param extension the full extension value.
*/
public void addExtension(
Extension extension)
{
if (extensions.containsKey(extension.getExtnId()))
{
throw new IllegalArgumentException("extension " + extension.getExtnId() + " already added");
}
extOrdering.addElement(extension.getExtnId());
extensions.put(extension.getExtnId(), extension);
}

Therefore, this checked exception throws clause is redundant in X509v3CertificateBuilder.

@dghgit dghgit self-assigned this Feb 11, 2024
@dghgit
Copy link
Contributor

dghgit commented Mar 16, 2024

I'll admit this is a bit painful, but we need to leave this as it is for now - the issue with the checked exception is removing it will mean all existing code will need to be changed and it will be very difficult to add the checked exception back in the case where further validation of extension contents turns out to be necessary. Rock and a hard place.

@dghgit dghgit closed this Mar 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@dghgit dghgit

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

X509v3CertificateBuilder redundant CertIOException
2 participants
@kuzjka @dghgit