Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8264864: Multiple byte tag not supported by ASN.1 encoding #3391

Closed
wants to merge 5 commits into from
Closed
Changes from all commits
Commits
File filter
Filter file types
Jump to
Jump to file
Failed to load files.

Always

Just for now

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -221,6 +221,9 @@ public boolean isConstructed(byte constructedTag) {
* Creates a new DerValue by specifying all its fields.
*/
DerValue(byte tag, byte[] buffer, int start, int end, boolean allowBER) {
if ((tag & 0x1f) == 0x1f) {
throw new IllegalArgumentException("Tag number over 30 is not supported");
}
this.tag = tag;
this.buffer = buffer;
this.start = start;
@@ -315,6 +318,9 @@ public DerValue(byte[] encoding) throws IOException {
}
int pos = offset;
tag = buf[pos++];
if ((tag & 0x1f) == 0x1f) {
throw new IOException("Tag number over 30 at " + offset + " is not supported");
}
int lenByte = buf[pos++];

int length;
@@ -388,6 +394,9 @@ public DerValue(byte[] encoding) throws IOException {
// arg to control whether DER checks are enforced.
DerValue(InputStream in, boolean allowBER) throws IOException {
this.tag = (byte)in.read();
if ((tag & 0x1f) == 0x1f) {
throw new IOException("Tag number over 30 is not supported");
}
int length = DerInputStream.getLength(in);
if (length == -1) { // indefinite length encoding found
if (!allowBER) {
@@ -1140,6 +1149,9 @@ public static boolean isPrintableStringChar(char ch) {
* @param val the tag value
*/
public static byte createTag(byte tagClass, boolean form, byte val) {
if (val < 0 || val > 30) {
throw new IllegalArgumentException("Tag number over 30 is not supported");
}
byte tag = (byte)(tagClass | val);
if (form) {
tag |= (byte)0x20;
@@ -0,0 +1,70 @@
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/

/*
* @test
* @bug 8264864
* @summary Multiple byte tag not supported by ASN.1 encoding
* @modules java.base/sun.security.util
* @library /test/lib
*/

import jdk.test.lib.Utils;
import sun.security.util.DerInputStream;
import sun.security.util.DerValue;

import java.io.IOException;

public class WideTag {

public static void main(String[] args) throws Exception {

// Small ones
DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)30);
DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0);

// Big ones
Utils.runAndCheckException(
() -> DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)31),
IllegalArgumentException.class);
Utils.runAndCheckException(
() -> DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)222),
IllegalArgumentException.class);

// We don't accept number 31
Utils.runAndCheckException(() -> new DerValue((byte)0xbf, new byte[10]),
IllegalArgumentException.class);

// CONTEXT [98] size 97. Not supported. Should fail.
// Before this fix, it was interpreted as CONTEXT [31] size 98.
byte[] wideDER = new byte[100];
wideDER[0] = (byte)0xBF;
wideDER[1] = (byte)98;
wideDER[2] = (byte)97;

Utils.runAndCheckException(() -> new DerValue(wideDER),
IOException.class);
Utils.runAndCheckException(() -> new DerInputStream(wideDER).getDerValue(),
IOException.class);
}
}
ProTip! Use n and p to navigate between commits in a pull request.