bc-java icon indicating copy to clipboard operation
bc-java copied to clipboard

Published 20 hours ago verified publisher icon bcgit

Regression/bug with OID content verification 1.77->1.78 ?

Open martinpaljak opened this issue 6 months ago • 1 comments

This used to parse as valid OID with 1.77 with ASN1ObjectIdentifier.fromByteArray(oid):

[TRACE] GPData - Parsing 06092A864886FC6B048000 as OID
Tag 6: 1.2.840.114283.4.0

This also matches the result from https://lapo.it/asn1js/#BgkqhkiG_GsEgAA

With 1.78 I get instead:


Caused by: org.bouncycastle.asn1.ASN1Exception: invalid OID contents
	at org.bouncycastle.provider/org.bouncycastle.asn1.ASN1InputStream.createPrimitiveDERObject(Unknown Source)
	at org.bouncycastle.provider/org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)
	at org.bouncycastle.provider/org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
	at org.bouncycastle.provider/org.bouncycastle.asn1.ASN1Primitive.fromByteArray(Unknown Source)
	at [email protected]/pro.javacard.gp.GPData.oid2string(GPData.java:392)
	... 36 more
Caused by: java.lang.IllegalArgumentException: invalid OID contents
	at org.bouncycastle.provider/org.bouncycastle.asn1.ASN1ObjectIdentifier.createPrimitive(Unknown Source)
	... 41 more

This data comes from hardware and can't be changed. Even if incorrect by content, the visualization/parsing is handy. Is this a bug and/or is it possible to invoke parsing without content verification?

martinpaljak avatar Jul 29 '24 10:07 martinpaljak