8264864: Multiple byte tag not supported by ASN.1 encoding
Reviewed-by: xuelei
wangweij committed Apr 8, 2021
1 parent ccefa5e commit 3d2b4cc567777d0849818f5a4cc8fc6394a55f8d
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -221,6 +221,9 @@ public boolean isConstructed(byte constructedTag) {
* Creates a new DerValue by specifying all its fields.
*/
DerValue(byte tag, byte[] buffer, int start, int end, boolean allowBER) {
if ((tag & 0x1f) == 0x1f) {
throw new IllegalArgumentException("Tag number over 30 is not supported");
}
this.tag = tag;
this.buffer = buffer;
this.start = start;
@@ -315,6 +318,9 @@ public DerValue(byte[] encoding) throws IOException {
}
int pos = offset;
tag = buf[pos++];
if ((tag & 0x1f) == 0x1f) {
throw new IOException("Tag number over 30 at " + offset + " is not supported");
}
int lenByte = buf[pos++];

int length;
@@ -388,6 +394,9 @@ public DerValue(byte[] encoding) throws IOException {
// arg to control whether DER checks are enforced.
DerValue(InputStream in, boolean allowBER) throws IOException {
this.tag = (byte)in.read();
if ((tag & 0x1f) == 0x1f) {
throw new IOException("Tag number over 30 is not supported");
}
int length = DerInputStream.getLength(in);
if (length == -1) { // indefinite length encoding found
if (!allowBER) {
@@ -1140,6 +1149,9 @@ public static boolean isPrintableStringChar(char ch) {
* @param val the tag value
*/
public static byte createTag(byte tagClass, boolean form, byte val) {
if (val < 0 || val > 30) {
throw new IllegalArgumentException("Tag number over 30 is not supported");
}
byte tag = (byte)(tagClass | val);
if (form) {
tag |= (byte)0x20;
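Review bot: In the `DerValue(InputStream in, boolean allowBER)` hunk, the new check runs on `(byte)in.read()` before end-of-stream is ruled out, so an exhausted stream (where `read()` returns -1, which is 0xFF after the cast) is reported as "Tag number over 30 is not supported" rather than as truncated input. The input is still rejected with an IOException, but the message will mislead anyone triaging a malformed or cut-off encoding. Reading into an int first keeps the two cases apart: `int b = in.read();`, `if (b == -1) throw new IOException("Unexpected end of stream reading tag");`, `this.tag = (byte)b;`. Separately, `createTag` also throws on `val < 0` with the "over 30" message, and the visible part of its Javadoc has no `@throws IllegalArgumentException` line. The constructors and `createTag` all continue outside their hunks.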
@@ -0,0 +1,70 @@
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/

/*
* @test
* @bug 8264864
* @summary Multiple byte tag not supported by ASN.1 encoding
* @modules java.base/sun.security.util
* @library /test/lib
*/

import jdk.test.lib.Utils;
import sun.security.util.DerInputStream;
import sun.security.util.DerValue;

import java.io.IOException;

public class WideTag {

public static void main(String[] args) throws Exception {

// Small ones
DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)30);
DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0);

// Big ones
Utils.runAndCheckException(
() -> DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)31),
IllegalArgumentException.class);
Utils.runAndCheckException(
() -> DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)222),
IllegalArgumentException.class);

// We don't accept number 31
Utils.runAndCheckException(() -> new DerValue((byte)0xbf, new byte[10]),
IllegalArgumentException.class);

// CONTEXT [98] size 97. Not supported. Should fail.
// Before this fix, it was interpreted as CONTEXT [31] size 98.
byte[] wideDER = new byte[100];
wideDER[0] = (byte)0xBF;
wideDER[1] = (byte)98;
wideDER[2] = (byte)97;

Utils.runAndCheckException(() -> new DerValue(wideDER),
IOException.class);
Utils.runAndCheckException(() -> new DerInputStream(wideDER).getDerValue(),
IOException.class);
}
}
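Review bot: None of the cases visibly exercises the check added to `DerValue(InputStream, boolean)`: both parsing cases start from the `wideDER` byte array, and whether `DerInputStream.getDerValue()` goes through the stream constructor cannot be told from this page. Adding `Utils.runAndCheckException(() -> new DerValue(new ByteArrayInputStream(wideDER)), IOException.class);` (with the `java.io.ByteArrayInputStream` import) would pin that path. The `// Big ones` comment also hides that `(byte)222` is -34, so that case covers the `val < 0` branch of `createTag`; a comment such as `// (byte)222 is negative as a byte: exercises val < 0` would make that explicit. A positive parse case with tag number 30 (first byte `0xBE`) would guard against the mask later being tightened by mistake.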

1 comment on commit 3d2b4cc


@openjdk-notifier openjdk-notifier bot commented on 3d2b4cc Apr 8, 2021
