Name: smR10189 Date: 05/25/2004



The methods:
  -CertificateFactory.generateCRL(InputStream inStream)
  -CertificateFactory.generateCRLs(InputStream inStream)
throw NullPointerException if encoded certificate revocation
list is represented by array of zero bytes.
According to the spec. CRLException must be thrown.

For example, the JDK 1.5.0 spec. for generateCRL method says:
  public final CRL generateCRL(InputStream inStream)
                      throws CRLException
.....
  Throws:
    CRLException - on parsing errors."
    
To reproduce this bug run the folowing test.
------------------test.java----------------
import java.security.cert.*;
import java.io.ByteArrayInputStream;
public class test {
  public static void main(String[] av) {

    byte[] encoded = { 0x00, 0x00, 0x00, 0x00};
    try {
      CertificateFactory cf=CertificateFactory.getInstance( "X.509", "SUN");

      cf.generateCRL( new ByteArrayInputStream(encoded));
      System.out.println("FAILED: CRLException has not been thrown");
    } catch(CRLException ce) {
      System.out.println("PASSED");
    } catch (Exception e ) {
      System.out.println("FAILED: Unexpected exception: " + e);
    }
  }
}
------------------OUTPUT-------------------
FAILED: Unexpected exception: java.lang.NullPointerException

% java -version
java version "1.5.0-beta2"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-beta2-b51a)
Java HotSpot(TM) Server VM (build 1.5.0-beta2-b51a, mixed mode)

======================================================================