RFR: 8296736: Some PKCS9Attribute can be created but cannot be encoded [v2]
Weijun Wang
weijun at openjdk.org
Mon Nov 14 21:55:57 UTC 2022
On Mon, 14 Nov 2022 21:47:38 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> make class package private
>
> src/java.base/share/classes/sun/security/pkcs/PKCS9Attribute.java line 381:
>
>> 379: index = indexOf(oid, PKCS9_OIDS, 1);
>> 380: Class<?> clazz = index == -1 ? BYTE_ARRAY_CLASS: VALUE_CLASSES[index];
>> 381: if (clazz == null || !clazz.isInstance(value)) {
>
> If my reading of the current impl is correct, if clazz is null, the attribute is not supported. The error message seems a bit misleading as it's not really due to the value itself, but the attribute is not supported. Is it just for avoiding NPE and changing it into IAE?
Yes, just to avoid NPE. I can see the message about type is null looks strange. I'll change it to something normal.
> test/jdk/sun/security/pkcs/pkcs9/PKCS9AttrTypeTests.java line 176:
>
>> 174: // Encoding is supported
>> 175: DerOutputStream dos = new DerOutputStream();
>> 176: p9Attr.encode(dos);
>
> Should we check the encoding has the expected value? Otherwise, it looks like we only require that no exception is thrown?
You mean comparing it with the original value? I tried that but not always the same. For example, a string might be an IA5String at the beginning but becomes a UTF8String after re-encoding.
-------------
PR: https://git.openjdk.org/jdk/pull/11070
More information about the security-dev
mailing list