--- old/src/java.base/share/classes/sun/security/util/DerInputStream.java Wed Mar 15 19:20:51 2017
+++ new/src/java.base/share/classes/sun/security/util/DerInputStream.java Wed Mar 15 19:20:51 2017
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -81,7 +81,8 @@
 }
 
 /**
- * Create a DER input stream from part of a data buffer.
+ * Create a DER input stream from part of a data buffer with
+ * additional arg to control whether DER checks are enforced.
 * The buffer is not copied, it is shared. Accordingly, the
 * buffer should be treated as read-only.
 *
@@ -90,15 +91,16 @@
 * be read as DER input in the new stream
 * @param len how long a chunk of the buffer to use,
 * starting at "offset"
+ * @param allowBER whether to allow constructed indefinite-length
+ * encoding as well as tolerate leading 0s
 */
- public DerInputStream(byte[] data, int offset, int len) throws IOException {
- init(data, offset, len, true);
+ public DerInputStream(byte[] data, int offset, int len,
+ boolean allowBER) throws IOException {
+ init(data, offset, len, allowBER);
 }
 
 /**
- * Create a DER input stream from part of a data buffer with
- * additional arg to indicate whether to allow constructed
- * indefinite-length encoding.
+ * Create a DER input stream from part of a data buffer.
 * The buffer is not copied, it is shared. Accordingly, the
 * buffer should be treated as read-only.
 *
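Review bot: The Javadoc added for `allowBER` on the four-argument constructor says what `true` permits but not what `false` does, and the constructor still has no `@throws` tag. Going by `init()` later in this patch, a strict stream fails at construction with `IOException("Indefinite length BER encoding found")`, so I would add `@throws IOException if the buffer is too short, or if allowBER is false and the data uses indefinite-length encoding`. Because this flag decides whether non-canonical encodings are accepted, one sentence stating that `false` means strict DER would help callers choose deliberately.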
@@ -107,25 +109,21 @@ * be read as DER input in the new stream * @param len how long a chunk of the buffer to use, * starting at "offset" - * @param allowIndefiniteLength whether to allow constructed - * indefinite-length encoding */ - public DerInputStream(byte[] data, int offset, int len, - boolean allowIndefiniteLength) throws IOException { - init(data, offset, len, allowIndefiniteLength); + public DerInputStream(byte[] data, int offset, int len) throws IOException { + init(data, offset, len, true); } /* * private helper routine */ - private void init(byte[] data, int offset, int len, - boolean allowIndefiniteLength) throws IOException { + private void init(byte[] data, int offset, int len, boolean allowBER) throws IOException { if ((offset+2 > data.length) || (offset+len > data.length)) { throw new IOException("Encoding bytes too short"); } // check for indefinite length encoding if (DerIndefLenConverter.isIndefinite(data[offset+1])) { - if (!allowIndefiniteLength) { + if (!allowBER) { throw new IOException("Indefinite length BER encoding found"); } else { byte[] inData = new byte[len]; @@ -132,10 +130,11 @@ System.arraycopy(data, offset, inData, 0, len); DerIndefLenConverter derIn = new DerIndefLenConverter(); - buffer = new DerInputBuffer(derIn.convert(inData)); + buffer = new DerInputBuffer(derIn.convert(inData), allowBER); } - } else - buffer = new DerInputBuffer(data, offset, len); + } else { + buffer = new DerInputBuffer(data, offset, len, allowBER); + } buffer.mark(Integer.MAX_VALUE); } @@ -156,7 +155,7 @@ */ public DerInputStream subStream(int len, boolean do_skip) throws IOException { - DerInputBuffer newbuf = buffer.dup(); + DerInputBuffer newbuf = buffer.dup(); newbuf.truncate(len); if (do_skip) { 
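Review bot: The three-argument constructor still calls `init(data, offset, len, true)`, so it remains the lenient, BER-accepting entry point, but its rewritten Javadoc no longer says anything about leniency. I would add a line such as `* BER input (indefinite length, leading zeros) is accepted; use the four-argument constructor with allowBER set to false for strict DER.` so that the permissive default is visible at the call site. Separately, in the following hunk (`@@ -132,10 +130,11 @@`) the indefinite-length branch is only reached when `allowBER` is true, since the other case throws, so the `allowBER` passed to `new DerInputBuffer(derIn.convert(inData), allowBER)` is always true there. A short comment saying so would save the reader from working it out.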
@@ -399,7 +398,8 @@ dis.readFully(indefData, offset, readLen); dis.close(); DerIndefLenConverter derIn = new DerIndefLenConverter(); - buffer = new DerInputBuffer(derIn.convert(indefData)); + buffer = new DerInputBuffer(derIn.convert(indefData), buffer.allowBER); + if (tag != buffer.read()) throw new IOException("Indefinite length encoding" + " not supported"); @@ -427,7 +427,7 @@ DerValue value; do { - value = new DerValue(newstr.buffer); + value = new DerValue(newstr.buffer, buffer.allowBER); vec.addElement(value); } while (newstr.available() > 0);
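Review bot: The indefinite-length path in this hunk converts the data and carries `buffer.allowBER` into the new buffer without checking the flag first, whereas `init()` rejects indefinite length with an IOException when `allowBER` is false. Unless a check sits earlier in the enclosing method, which starts outside the hunk, a stream created as strict would still accept an indefinite-length encoding at this point. I would guard it the same way as `init()`, placing `if (!buffer.allowBER) throw new IOException("Indefinite length BER encoding found");` before the call to `derIn.convert(indefData)`.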
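Review bot: In the `@@ -427,7 +427,7 @@` hunk, `new DerValue(newstr.buffer, buffer.allowBER)` takes its data from `newstr` but its strictness flag from the outer stream's buffer. The two agree only if `newstr`'s buffer was created with the same flag, which this hunk does not show. Writing `new DerValue(newstr.buffer, newstr.buffer.allowBER)` would keep the flag tied to the buffer actually being parsed. The loop's enclosing method starts outside the hunk.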