-
Bug
-
Resolution: Fixed
-
P4
-
5.0
-
b85
-
x86
-
linux
FULL PRODUCT VERSION :
java version "1.5.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-b64)
Java HotSpot(TM) Client VM (build 1.5.0-b64, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux miguel 2.6.12-12mdksmp #1 SMP Fri Sep 9 17:43:23 CEST 2005 i686 Intel(R) Pentium(R) 4 CPU 2.60GHz unknown GNU/Linux
A DESCRIPTION OF THE PROBLEM :
One of the constructors of EncryptedPrivateKeyInfo expects an algorithm name (as a string).
If the string is not a valid Object Identifier, but contains dots, the constructor throws NumberFormatException, when it should throw NoSuchAlgorithmException.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Calling a the constructor with a string such as "1.2.3.", or "1.2.3.a", or "a.a" causes NumberFormatException to be thrown. For instance
EncryptedPrivateKeyInfo epki = new EncryptedPrivateKeyInfo("aa.aa", new byte[8]);
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The exception NoSuchAlgorithmException should be thrown, like
java.security.NoSuchAlgorithmException: unrecognized algorithm name: aa.aa
at sun.security.x509.AlgorithmId.get(AlgorithmId.java:105)
at javax.crypto.EncryptedPrivateKeyInfo.<init>(DashoA12275)
at TestOid.main(TestOid.java:16)
ACTUAL -
The exception NumberFormatException is thrown:
Exception in thread "main" java.lang.NumberFormatException: For input string: "aa"
at java.lang.NumberFormatException.forInputString(NumberFormatException.java:48)
at java.lang.Integer.parseInt(Integer.java:447)
at java.lang.Integer.valueOf(Integer.java:553)
at sun.security.util.ObjectIdentifier.<init>(ObjectIdentifier.java:69)
at sun.security.x509.AlgorithmId.algOID(AlgorithmId.java:312)
at sun.security.x509.AlgorithmId.get(AlgorithmId.java:98)
at javax.crypto.EncryptedPrivateKeyInfo.<init>(DashoA12275)
at TestOid.main(TestOid.java:16)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
import java.security.NoSuchAlgorithmException;
import javax.crypto.EncryptedPrivateKeyInfo;
public class TestEPKI {
public static void main(String[] args){
String[] oids = {"1.2.3.4", "aa","aa.aa"};
for (String s:oids){
EncryptedPrivateKeyInfo epki;
try {
epki = new EncryptedPrivateKeyInfo(s,new byte[8]);
System.out.println(s+ " has not been detected as invalid");
} catch (NoSuchAlgorithmException e) {
System.out.println(s+ " has been detected as invalid");
} catch (NumberFormatException e){
System.out.println(s+": This exception should not have been thrown");
}
}
}
---------- END SOURCE ----------
java version "1.5.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-b64)
Java HotSpot(TM) Client VM (build 1.5.0-b64, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux miguel 2.6.12-12mdksmp #1 SMP Fri Sep 9 17:43:23 CEST 2005 i686 Intel(R) Pentium(R) 4 CPU 2.60GHz unknown GNU/Linux
A DESCRIPTION OF THE PROBLEM :
One of the constructors of EncryptedPrivateKeyInfo expects an algorithm name (as a string).
If the string is not a valid Object Identifier, but contains dots, the constructor throws NumberFormatException, when it should throw NoSuchAlgorithmException.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Calling a the constructor with a string such as "1.2.3.", or "1.2.3.a", or "a.a" causes NumberFormatException to be thrown. For instance
EncryptedPrivateKeyInfo epki = new EncryptedPrivateKeyInfo("aa.aa", new byte[8]);
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The exception NoSuchAlgorithmException should be thrown, like
java.security.NoSuchAlgorithmException: unrecognized algorithm name: aa.aa
at sun.security.x509.AlgorithmId.get(AlgorithmId.java:105)
at javax.crypto.EncryptedPrivateKeyInfo.<init>(DashoA12275)
at TestOid.main(TestOid.java:16)
ACTUAL -
The exception NumberFormatException is thrown:
Exception in thread "main" java.lang.NumberFormatException: For input string: "aa"
at java.lang.NumberFormatException.forInputString(NumberFormatException.java:48)
at java.lang.Integer.parseInt(Integer.java:447)
at java.lang.Integer.valueOf(Integer.java:553)
at sun.security.util.ObjectIdentifier.<init>(ObjectIdentifier.java:69)
at sun.security.x509.AlgorithmId.algOID(AlgorithmId.java:312)
at sun.security.x509.AlgorithmId.get(AlgorithmId.java:98)
at javax.crypto.EncryptedPrivateKeyInfo.<init>(DashoA12275)
at TestOid.main(TestOid.java:16)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
import java.security.NoSuchAlgorithmException;
import javax.crypto.EncryptedPrivateKeyInfo;
public class TestEPKI {
public static void main(String[] args){
String[] oids = {"1.2.3.4", "aa","aa.aa"};
for (String s:oids){
EncryptedPrivateKeyInfo epki;
try {
epki = new EncryptedPrivateKeyInfo(s,new byte[8]);
System.out.println(s+ " has not been detected as invalid");
} catch (NoSuchAlgorithmException e) {
System.out.println(s+ " has been detected as invalid");
} catch (NumberFormatException e){
System.out.println(s+": This exception should not have been thrown");
}
}
}
---------- END SOURCE ----------
- relates to
-
-
- Resolved
-
-
-
- Resolved
-