Details
-
Type:
Bug
-
Status: Resolved
-
Priority:
P4
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 18
-
Component/s: security-libs
-
Labels:None
-
Subcomponent:
-
Resolved In Build:b18
Description
There is an encoding bug related to the DistributionPointName object in sun/security/x509/IssuingDistributionPointExtension.java:
*
* The fix would be:
*
* ***************
* *** 395,397 ****
* distributionPoint.encode(tmp);
* ! tagged.writeImplicit(DerValue.createTag(DerValue.TAG_CONTEXT, true,
* TAG_DISTRIBUTION_POINT), tmp);
* --- 395,397 ----
* distributionPoint.encode(tmp);
* ! tagged.write(DerValue.createTag(DerValue.TAG_CONTEXT, true,
* TAG_DISTRIBUTION_POINT), tmp);
*
The reason is that a CHOICE field should not be encode as IMPLICIT, otherwise, the choice number is lost.
*
* The fix would be:
*
* ***************
* *** 395,397 ****
* distributionPoint.encode(tmp);
* ! tagged.writeImplicit(DerValue.createTag(DerValue.TAG_CONTEXT, true,
* TAG_DISTRIBUTION_POINT), tmp);
* --- 395,397 ----
* distributionPoint.encode(tmp);
* ! tagged.write(DerValue.createTag(DerValue.TAG_CONTEXT, true,
* TAG_DISTRIBUTION_POINT), tmp);
*
The reason is that a CHOICE field should not be encode as IMPLICIT, otherwise, the choice number is lost.