'Re: [dev-crypto] Re: Bug in CMSAlgoritmProtection?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    Re: [dev-crypto] Re: Bug in CMSAlgoritmProtection?
From:       Stefan Santesson <stefan () aaa-sec ! com>
Date:       2016-02-24 10:57:42
Message-ID: 5367E680-4393-49C7-86B3-9FB73BA20DC6 () aaa-sec ! com
[Download RAW message or body]

Well, I think the comment on the method .isExplicit() explains this:

  
    
      Note: if the object has been read from an input stream, the only time 
      you can be sure if isExplicit is returning the true state of affairs is 
      if it returns false. An implicitly tagged object may appear to be 
      explicitly tagged, so you need to understand the context under which the 
      reading was done as well, see getObject below.
    
  

So if you know it is implicit, it seems better to not use this method and to specify \
"false" directly.


/Stefan




On 24/02/16 11:49, "Stefan Santesson" <stefan@aaa-sec.com> wrote:

> First, thanks for the tip. That is actually great.
> 
> However, I experienced a very strange error trying this.
> 
> I took this a step further and tried to create an AlgorithmIdentifier object this \
> way by: 
> AlgorithmIdentifier aid = AlgorithmIdentifier.getInstance(taggedObj, \
> taggedObject.isExplicit()); 
> This failed badly, since the method taggedObject.isExplicit() returns true, despite \
> the fact that the tag is implicit. 
> But the following worked just fine:
> AlgorithmIdentifier aid = AlgorithmIdentifier.getInstance(taggedObj, false);
> 
> 
> Why did taggedObject.isExplicit() return true?
> 
> /Stefan
> 
> 
> 
> 
> 
> On 24/02/16 11:06, "Lothar Kimmeringer" <job@kimmeringer.de> wrote:
> 
> > Am 24.02.2016 um 09:20 schrieb Stefan Santesson:
> > 
> > > Yes it is easy to be confused by this one. Don't do ASN.1 often enough :)
> > > In short, the SEQUENCE tag gets replaced by the IMPLICIT tag, and since
> > > there is only one object in the sequence, the getObject() method of
> > > ASN1TaggedObject returns the underlying object class and not a sequence,
> > > while if there are multiple objects, I get a sequence (DLSequence).
> > > 
> > > They did not make this easy :)
> > 
> > The BC-ASN1-parser does:
> > 
> > ASN1Sequence.getInstance(taggedObject, taggedObject.isExplicit());
> > returns a sequence all the time, so you don't run into ClassCastExceptions
> > or need to check the type of the returned instance.
> > 
> > 
> > Cheers, Lothar
> > 
> 
> 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic