RFR: 8264864: Multiple byte tag not supported by ASN.1 encoding [v3]
Weijun Wang
weijun at openjdk.java.net
Thu Apr 8 17:06:37 UTC 2021
On Thu, 8 Apr 2021 15:53:10 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> update exception wordings
>
> src/java.base/share/classes/sun/security/util/DerValue.java line 225:
>
>> 223: DerValue(byte tag, byte[] buffer, int start, int end, boolean allowBER) {
>> 224: if ((tag & 0x1f) == 0x1f) {
>> 225: throw new IllegalArgumentException("Tag number 31 is not supported");
>
> As number 31 just means the tag is bigger than 31, Is it more accuracy by using "Tag number over 30 is not supported"?
Well, it's a little delicate here. Even if we support multi-byte tag one day, this constructor will still only be used to create a single-byte tag `DerValue`, and it's illegal for a single byte tag to end with 0x1f. So the words above is to remind people that they cannot create a tag number 31 `DerValue` just because it seems it still fits into the 5 bits. Precisely, the words should be "this constructor only supports tag number between 0 and 30", but... I'll choose your words.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3391
More information about the security-dev
mailing list