RFR: 8264864: Multiple byte tag not supported by ASN.1 encoding [v2]

Weijun Wang weijun at openjdk.java.net
Thu Apr 8 13:57:38 UTC 2021


On Thu, 8 Apr 2021 03:46:07 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   make sure test fails before code change
>
> src/java.base/share/classes/sun/security/util/DerValue.java line 322:
> 
>> 320:         tag = buf[pos++];
>> 321:         if ((tag & 0x1f) == 0x1f) {
>> 322:             throw new IOException("Tag number cannot exceed 30");
> 
> It may be safe not to support multiple-byte tags in the current implementation of the JDK, especially as the ASN.1 implementation is private.  However, a multiple-byte tag is a legal form of ASN.1 encoding, I think.  It would be nice to have a comment stating that this form is not supported yet, and that we may consider it in the future if needed.  It may be helpful for future code maintenance.
> 
> The exception message, "Tag number cannot exceed 30", may not be accurate.  I think the tag number can exceed 30 per the specification, but the JDK does not support it yet because we did not run into such tags in practice.  I may use some words like: "Tag number exceed 30 is not supported".

Messages updated. "exceed" is a verb and I'm not sure whether to choose "exceeding" or "that exceeds", so I finally used "over". Thanks!

-------------

PR: https://git.openjdk.java.net/jdk/pull/3391
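
The identifier-octet form discussed in this thread, as an added example that is not part of the message above or of the JDK's DerValue code: a parser that decodes the high-tag-number form (low five bits all ones, followed by base-128 octets) and rejects non-minimal encodings. `DerTagDemo`, `Tag` and `parseTag` are hypothetical names, the sample bytes are constructed, and records require Java 16 or later.

```java
import java.io.IOException;
// Added illustration; DerTagDemo and its members are hypothetical names, not JDK classes.
public class DerTagDemo {
    /** Decoded identifier octets: class bits, constructed flag, tag number, octets consumed. */
    record Tag(int tagClass, boolean constructed, int number, int length) {}

    /** Parses identifier octets at buf[pos], accepting the high-tag-number form (X.690 8.1.2.4). */
    static Tag parseTag(byte[] buf, int pos) throws IOException {
        if (pos >= buf.length) throw new IOException("Truncated: no identifier octet");
        int first = buf[pos] & 0xff;
        int tagClass = first >> 6;                  // 0 universal, 1 application, 2 context, 3 private
        boolean constructed = (first & 0x20) != 0;
        if ((first & 0x1f) != 0x1f) {               // low-tag-number form: numbers 0..30
            return new Tag(tagClass, constructed, first & 0x1f, 1);
        }
        int number = 0;
        int i = pos + 1;
        while (true) {
            if (i >= buf.length) throw new IOException("Truncated multi-byte tag");
            int b = buf[i] & 0xff;
            if (i == pos + 1 && b == 0x80) {        // leading zero group is not allowed
                throw new IOException("Non-minimal tag encoding");
            }
            if (number > (Integer.MAX_VALUE >> 7)) throw new IOException("Tag number too large");
            number = (number << 7) | (b & 0x7f);    // seven payload bits per octet
            i++;
            if ((b & 0x80) == 0) break;             // last octet has bit 8 clear
        }
        if (number < 31) throw new IOException("Tag number below 31 must use a single octet");
        return new Tag(tagClass, constructed, number, i - pos);
    }

    public static void main(String[] args) {
        byte[][] samples = {                        // constructed identifier octets
            {0x30},                                 // SEQUENCE: universal, constructed, number 16
            {(byte) 0x9f, 0x1f},                    // context-specific, number 31
            {(byte) 0x5f, (byte) 0x81, 0x00},       // application, number 128
            {(byte) 0x9f, 0x1e},                    // number 30 in long form: rejected
            {(byte) 0x9f, (byte) 0x80, 0x1f},       // leading 0x80 octet: rejected
        };
        for (byte[] s : samples) {
            try {
                System.out.println(parseTag(s, 0));
            } catch (IOException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```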


More information about the security-dev mailing list