On Fri, 25 Sep 2020 02:38:40 GMT, Valerie Peng <[email protected]> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Enhance DerValue::getOctetString to be able to read multi-level
>> constructed value.
>
> src/java.base/share/classes/sun/security/util/DerValue.java line 638:
>
>> 636: }
>> 637: if (end == start) {
>> 638: throw new IOException("No padding");
>
> Well, I find the original error message is clearer: Invalid encoding: zero
> length bit string. Just the "No padding" may
> be somewhat unclear since no padding is needed when it's multiple of 8. Or,
> maybe something like
> "DerValue.getBitString, empty value".
It also seems strange that it only checks that length !=0. The spec of
BitString seems to suggest the length must
be >=2 where the first byte is the number of padding bits. It seems that the
right check should be (end - start) > 1?
-------------
PR: https://git.openjdk.java.net/jdk/pull/232
