8315042: NPE in PKCS7.parseOldSignedData

Reviewed-by: valeriep, weijun
This commit is contained in:
Mark Powers 2023-10-04 00:23:42 +00:00 committed by Valerie Peng
parent f7deaf4bef
commit 8c0d026d0f
2 changed files with 29 additions and 38 deletions
src/java.base/share/classes/sun/security/pkcs
test/jdk/sun/security/x509/X509CRLImpl

@ -152,6 +152,10 @@ public class PKCS7 {
ObjectIdentifier contentType = block.contentType;
DerValue content = block.getContent();
if (content == null) {
throw new ParsingException("content is null");
}
if (contentType.equals(ContentInfo.SIGNED_DATA_OID)) {
parseSignedData(content);
} else if (contentType.equals(ContentInfo.OLD_SIGNED_DATA_OID)) {

@ -1,5 +1,5 @@
/*
* Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -23,56 +23,43 @@
/*
* @test
* @bug 5052433
* @summary NullPointerException for generateCRL and generateCRLs methods.
* @bug 5052433 8315042
* @summary Verify that generateCRL and generateCRLs methods do not throw
* NullPointerException. They should throw CRLException instead.
* @library /test/lib
*/
import java.security.NoSuchProviderException;
import java.security.cert.*;
import java.io.ByteArrayInputStream;
import java.util.Base64;
import jdk.test.lib.Utils;
public class UnexpectedNPE {
CertificateFactory cf = null ;
static CertificateFactory cf = null;
public UnexpectedNPE() {}
public static void main( String[] av ) {
public static void main(String[] av ) throws CertificateException,
NoSuchProviderException {
byte[] encoded_1 = { 0x00, 0x00, 0x00, 0x00 };
byte[] encoded_2 = { 0x30, 0x01, 0x00, 0x00 };
byte[] encoded_3 = { 0x30, 0x01, 0x00 };
byte[] encoded_4 = Base64.getDecoder().decode(
"MAsGCSqGSMP7TQEHAjI1Bgn///////8wCwUyAQ==");
UnexpectedNPE unpe = new UnexpectedNPE() ;
cf = CertificateFactory.getInstance("X.509", "SUN");
if(!unpe.run(encoded_1)) {
throw new SecurityException("CRLException has not been thrown");
}
if(!unpe.run(encoded_2)) {
throw new SecurityException("CRLException has not been thrown");
}
if(!unpe.run(encoded_2)) {
throw new SecurityException("CRLException has not been thrown");
}
run(encoded_1);
run(encoded_2);
run(encoded_3);
run(encoded_4);
}
private boolean run(byte[] buf) {
if (cf == null) {
try {
cf = CertificateFactory.getInstance("X.509", "SUN");
} catch (CertificateException e) {
throw new SecurityException("Cannot get CertificateFactory");
} catch (NoSuchProviderException npe) {
throw new SecurityException("Cannot get CertificateFactory");
}
}
try {
cf.generateCRL(new ByteArrayInputStream(buf));
} catch (CRLException ce) {
System.out.println("NPE checking passed");
return true;
}
System.out.println("CRLException has not been thrown");
return false;
private static void run(byte[] buf) {
Utils.runAndCheckException(
() -> cf.generateCRL(new ByteArrayInputStream(buf)),
CRLException.class);
Utils.runAndCheckException(
() -> cf.generateCRLs(new ByteArrayInputStream(buf)),
CRLException.class);
}
}