Incorrect encoding of the DistributionPointName object in IssuingDistributionPointExtension
Wei-Jun Wang
weijun.wang at oracle.com
Sun Sep 26 13:32:32 UTC 2021
Hi Ning,
Thanks for the report. It is indeed a bug.
I've filed a PR at https://github.com/openjdk/jdk/pull/5706.
Best wishes,
Weijun
> On Sep 26, 2021, at 1:22 AM, Zhang, Ning <Ning.Zhang at team.neustar> wrote:
>
> Here is the test program for demonstrating the issue. Thanks.
>
> /*
> * This java program demonstrates the encoding bug related to the
> * DistributionPointName object in
> *
> * sun/security/x509/IssuingDistributionPointExtension.java
> *
> * The fix would be:
> *
> * ***************
> * *** 395,397 ****
> * distributionPoint.encode(tmp);
> * ! tagged.writeImplicit(DerValue.createTag(DerValue.TAG_CONTEXT, true,
> * TAG_DISTRIBUTION_POINT), tmp);
> * --- 395,397 ----
> * distributionPoint.encode(tmp);
> * ! tagged.write(DerValue.createTag(DerValue.TAG_CONTEXT, true,
> * TAG_DISTRIBUTION_POINT), tmp);
> *
> * ***************
> *
More information about the security-dev
mailing list